Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Procesor často vytížen

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Procesor často vytížen

#1 Příspěvek od Arcane »

Zdravím, posledních pár dnů se mi pc chová prapodivně. Před pár dny po probuzení mi v chromu crashly všechny stránky s chybou, že došla paměť.
Zkoušel jsem projet pc pomocí mbamu, ale nešel spustit. Pomocí mbam-cleaneru jsem ho odstranil a nainstaloval znovu ve verzi 2 (3 mi z nějakého důvodu nešla nainstalovat.
Navíc mi windows blokoval spustitelné soubory a hlásil "Tato aplikace je z důvodu zajištění vaší ochrany blokována. Správce vám zabránil ve spuštění této aplikace." i když jsem já administrátorem. Navíc se mi tato hláška nikdy neukazovala, tak nevím jestli to třeba také není důsledkem nějakého malwaru. (případně nového Creators Update ve W10).
Musel jsem to spouštět přes cmd s elevací oprávnění.). Nakonec tedy mbam odstranil co našel, ale stále se mi zdá, že je cpu občas vytíženo, i když se nic neděje.
Navíc se mi ve správcích úloh objevují podezřelé procesy (g7D3A.tmp.exe, g6D.tmp.exe apod. z adresáře \AppData\Local\Temp).
Proto prosím o zkontrolování logu. Log jsem musel rozdělit na 2 zprávy, protože se sem prý nevejde (max 100 000 znaků)

Logfile of random's system information tool 1.16 (written by random/random)
Run by Jan at 2017-05-09 14:38:27
Microsoft Windows 10 Pro
System drive C: has 102 GB (42%) free of 244 GB
Total RAM: 16255 MB (54% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:38:28, on 09.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\muachost.exe
D:\Arcane\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Arcane\Steam\Steam.exe
D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
C:\ProgramData\Battle.net\Agent\Agent.5552\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Jan_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Developer Tools Service (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem49.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Synergy - Unknown owner - C:\Program Files\Synergy\synergyd.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Wallpaper Engine Service - Unknown owner - D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15810 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s CscService
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s SENS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e9bc3c89-e85b-4b38-9025-b33d0c72b10a -SystemEventPortName:HostProcess-24405d44-0bb5-498c-9835-90fecf654bb6 -IoCancelEventPortName:HostProcess-7992e3d3-3d39-413e-b9ab-b36791b9a0af -NonStateChangingEventPortName:HostProcess-bf56ceb8-4532-41e6-b573-815fb5fb814e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4438d784-62c4-4b73-8d10-44e5d0327cd8 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2902425297424
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\ibtsiva.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Synergy\synergyd.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s Browser
D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s upnphost
c:\windows\system32\svchost.exe -k localservice -s fdPHost
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\SysWOW64\muachost.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
D:\Arcane\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\igfxEM.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x4ac
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
C:\Program Files\Synergy\synergys.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=58.0.3029.96 --initial-client-data=0x1ec,0x1f0,0x1f4,0x1e8,0x1f8,0x7ff97a362968,0x7ff97a362980,0x7ff97a362990
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13796 --on-initialized-event-handle=600 --parent-handle=604 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --lang=cs --service-request-channel-token=2B2F3BBD846091A70FC3A5DBFF5B3AF1 --mojo-platform-channel-handle=2208 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=F51E46996FA879AD8EFD8B4E13795F30 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=F51E46996FA879AD8EFD8B4E13795F30 --renderer-client-id=3 --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=21EA8C4A2DD3B97B8DF69F2ED953D663 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=21EA8C4A2DD3B97B8DF69F2ED953D663 --renderer-client-id=4 --mojo-platform-channel-handle=2836 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=048C49238CF3274F8BDFE3A8D3177713 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=048C49238CF3274F8BDFE3A8D3177713 --renderer-client-id=5 --mojo-platform-channel-handle=2900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=48FF67AD5883BC641DAE66DBC8813EC2 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=48FF67AD5883BC641DAE66DBC8813EC2 --renderer-client-id=6 --mojo-platform-channel-handle=3032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=DCC9354C05D6A859D1082664CCA4EE4A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DCC9354C05D6A859D1082664CCA4EE4A --renderer-client-id=7 --mojo-platform-channel-handle=3008 /prefetch:1
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"D:\Arcane\Steam\Steam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=3D62C259D0566C2C43BC114015CBFDA2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3D62C259D0566C2C43BC114015CBFDA2 --renderer-client-id=25 --mojo-platform-channel-handle=4816 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=3AAFF5790ABA805D4D0B8916371ED9B3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3AAFF5790ABA805D4D0B8916371ED9B3 --renderer-client-id=21 --mojo-platform-channel-handle=6968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=DA433D56AFC6DCAEBABC5EA4948C215D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DA433D56AFC6DCAEBABC5EA4948C215D --renderer-client-id=20 --mojo-platform-channel-handle=1832 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=69B774180D55BDF8D53E3F7816DDCCE1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=69B774180D55BDF8D53E3F7816DDCCE1 --renderer-client-id=22 --mojo-platform-channel-handle=8568 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=2BBBACE9B81BE9390C2DED3A47B64C9D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=2BBBACE9B81BE9390C2DED3A47B64C9D --renderer-client-id=23 --mojo-platform-channel-handle=8892 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=FAA46B4272AF6CDAB189DB795EAB7DDA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=FAA46B4272AF6CDAB189DB795EAB7DDA --renderer-client-id=15 --mojo-platform-channel-handle=8956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=03284DB3F4212BF82274DA81E4B6D83A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=03284DB3F4212BF82274DA81E4B6D83A --renderer-client-id=16 --mojo-platform-channel-handle=9476 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=C390084B9B78CE183236A18266A0C3AC --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=C390084B9B78CE183236A18266A0C3AC --renderer-client-id=11 --mojo-platform-channel-handle=9460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=9B0DEDEFB0096B128603B84EA492F580 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9B0DEDEFB0096B128603B84EA492F580 --renderer-client-id=10 --mojo-platform-channel-handle=10716 /prefetch:1
D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Jan\AppData\Local\Steam\htmlcache" "-steampid=10800" "-buildid=1493162727" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write "--log-file=D:\Arcane\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=DAFD2AFC88CA79704C03A2619B989D2B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DAFD2AFC88CA79704C03A2619B989D2B --renderer-client-id=12 --mojo-platform-channel-handle=11044 /prefetch:1
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=609A14DD18B42BB28B7DFD9C533347D7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=609A14DD18B42BB28B7DFD9C533347D7 --renderer-client-id=13 --mojo-platform-channel-handle=10940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=CDA8229F4CAE2950451DDD5B4B2A87F5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=CDA8229F4CAE2950451DDD5B4B2A87F5 --renderer-client-id=14 --mojo-platform-channel-handle=11816 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --primordial-pipe-token=30872650498CF3B099A4248606C8417F --lang=en-US --lang=cs-CZ --log-file="D:\Arcane\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=30872650498CF3B099A4248606C8417F --renderer-client-id=2 --mojo-platform-channel-handle=1700 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe"
C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 "--database=C:\Users\Jan\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Jan\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443 --annotation=channel= --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.53.758 --initial-client-data=0x490,0x498,0x4a4,0x494,0x4a8,0x57c7184,0x57c7194,0x57c71a4
"C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --no-sandbox --disable-d3d11 --lang=en-US --log-file="C:\Users\Jan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,20,23,40,71 --gpu-vendor-id=0x10de --gpu-device-id=0x1401 --gpu-driver-vendor=NVIDIA --gpu-driver-version=22.21.13.8189 --gpu-driver-date=4-19-2017 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --lang=en-US --log-file="C:\Users\Jan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --service-request-channel-token=086327DB5E056095FFCC1E60225F98BC --mojo-platform-channel-handle=1848 /prefetch:2
"C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=6E9B0BC5B7CECDB94735A8B97029ADF0 --lang=en-US --lang=en-US --log-file="C:\Users\Jan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=6E9B0BC5B7CECDB94735A8B97029ADF0 --renderer-client-id=3 --mojo-platform-channel-handle=2716 /prefetch:1
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=3F3FD4621FC1B449865965D54A005933 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3F3FD4621FC1B449865965D54A005933 --renderer-client-id=517 --mojo-platform-channel-handle=12424 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=B136442B65BD46B1B928E1B5654CF44D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B136442B65BD46B1B928E1B5654CF44D --renderer-client-id=774 --mojo-platform-channel-handle=5524 /prefetch:1
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\ProgramData\Battle.net\Agent\Agent.5552\Agent.exe" --session=3754347736619994186
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net.exe" --updatepid=8588
C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=5C1570ADF1218412A6E2FEAD6DD8222B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5C1570ADF1218412A6E2FEAD6DD8222B --renderer-client-id=857 --mojo-platform-channel-handle=17352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=CFE70CF26B6AC7CF2227F69C038C8483 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=CFE70CF26B6AC7CF2227F69C038C8483 --renderer-client-id=887 --mojo-platform-channel-handle=15316 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=93AFC6A15A7EC536CD976D882E1F67EA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=93AFC6A15A7EC536CD976D882E1F67EA --renderer-client-id=888 --mojo-platform-channel-handle=18188 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=9043FA4A900043F36B614BFE60FF714F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9043FA4A900043F36B614BFE60FF714F --renderer-client-id=890 --mojo-platform-channel-handle=15228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=0207F8EC7DDCFC3DB9A390A86B3844EF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0207F8EC7DDCFC3DB9A390A86B3844EF --renderer-client-id=891 --mojo-platform-channel-handle=13372 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=C7BF31690417FC7DDAB8D383EC405D8A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=C7BF31690417FC7DDAB8D383EC405D8A --renderer-client-id=893 --mojo-platform-channel-handle=10436 /prefetch:1
C:\Users\Jan\AppData\Local\Temp\g7D3A.tmp.exe
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=63615D54F40AFA71A228726EDD7FB1A7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=63615D54F40AFA71A228726EDD7FB1A7 --renderer-client-id=1102 --mojo-platform-channel-handle=20736 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=EDD525B3E1960320B925FA160787890C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EDD525B3E1960320B925FA160787890C --renderer-client-id=1173 --mojo-platform-channel-handle=21316 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=EE92E94654FE7B9E22189D32CC5F7265 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EE92E94654FE7B9E22189D32CC5F7265 --renderer-client-id=1445 --mojo-platform-channel-handle=7252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=519E2399B0C32CFEF7782C51460FA6B3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=519E2399B0C32CFEF7782C51460FA6B3 --renderer-client-id=1448 --mojo-platform-channel-handle=18264 /prefetch:1
"C:\Program Files\NVIDIA Corporation\Display\nvtray.exe" -nvupdt
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
C:\Program Files\NVIDIA Corporation\nvstreamsrv\NvStreamUserAgent.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=DDA6D98C81FBD6FBE709ACE2E9E71575 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DDA6D98C81FBD6FBE709ACE2E9E71575 --renderer-client-id=1490 --mojo-platform-channel-handle=13568 /prefetch:1
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4e9d8c70-058d-4694-9a78-bca1fc913211 -SystemEventPortName:HostProcess-5d8fb04a-1873-4dda-a7c9-b562865943ef -IoCancelEventPortName:HostProcess-d1bcfad8-2fb2-4a07-8128-9d1014608c5f -NonStateChangingEventPortName:HostProcess-9472459a-93ac-41a6-adf4-d60aca5ae1b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6bec513a-58e5-4929-8c4f-e58e3673e3d2 -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\NOTEPAD.EXE" D:\Arcane\Hry\NieR Automata\README.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=43E92BCF1A15732F8702D0C0366C2E66 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=43E92BCF1A15732F8702D0C0366C2E66 --renderer-client-id=1557 --mojo-platform-channel-handle=20368 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=AAF60642628515B0DB8503EE22B364BB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=AAF60642628515B0DB8503EE22B364BB --renderer-client-id=1560 --mojo-platform-channel-handle=18156 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=EE12319F477DC11D4FDB3D6FD7F7C3E9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EE12319F477DC11D4FDB3D6FD7F7C3E9 --renderer-client-id=1563 --mojo-platform-channel-handle=16096 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2228 --primordial-pipe-token=3A23DCCE5371C27333D6DFB0FB07FD2D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3A23DCCE5371C27333D6DFB0FB07FD2D --renderer-client-id=1565 --mojo-platform-channel-handle=19348 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jan\Desktop\RSITx64.exe"
Naposledy upravil(a) Arcane dne 09 kvě 2017 13:57, celkem upraveno 2 x.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#2 Příspěvek od Arcane »

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\CaladosyDeptur Standard.job - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\CaladosyDeptur Standard\CaladosyDeptur Standard.dll",zUpKyDTgAw
C:\WINDOWS\system32\tasks\57680f5597l66565z0 - C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz
C:\WINDOWS\system32\tasks\77762f98680l3466z7 - C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-arcane36@seznam.cz - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\Ailt DmargeCopy - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\InstallShield Update Service - "C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe" e0A6b8377FA783163E099C31ccDD33B91AFE4B02
C:\WINDOWS\system32\tasks\klcp_update - "%ProgramFiles(x86)%\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=14
C:\WINDOWS\system32\tasks\MSISW_Host - C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1482320874 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Personal Performance Exam - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Personal Performance Exam\Personal Performance Exam.dll",jkADPASOjY
C:\WINDOWS\system32\tasks\SidebarStartup - C:\Users\Jan\AppData\Local\SidebarDiagnostics\app-3.3.7\SidebarDiagnostics.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{D1E197DB-4B7F-4627-B2E6-180083B60C6E} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Subsystem for Linux\AptPackageIndexUpdate - %windir%\System32\LxRun.exe /update
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\addons.json

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\extensions.json
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\features\{1c7b9f95-7024-45f2-bf00-4f6931ab2e64}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\features\{1c7b9f95-7024-45f2-bf00-4f6931ab2e64}\e10srollout@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\pluginreg.dat
Plugin - Shockwave Flash - 18.0.0.232 - C:\Users\Jan\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll

=========Google Chrome=========

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension ajopnjidmegmdimjlfnijceegpefgped 1 BetterTTV 7.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bmofencpfjfladdmoiflekmblmhflbkp 0
Extension cjpalhdlnbpafiamejdnhcphjbkeiagm 1 uBlock Origin 1.12.1
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.19
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fadndhdgpmmaapbmfcknlfgcflmmmieb 1 FrankerFaceZ 1.57
Extension fdpohaocaechififmbbbbbknoalclacl 1 Full Page Screen Capture 2.2
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension fhbjgbiflinjbdggehcddcbncdddomop 1 Postman 4.10.7
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gkojfkhlekighikafcpjkiklfbnlmeio 1 Unlimited Free VPN - Hola 1.44.3
Extension gpdpldlbafdmhlmcdllcjgoigmpjonfc 1 Simple Speed Dial 2.5.0
Extension hmhgeddbohgjknpmjagkdomcpobmllji 0 JetBrains IDE Support 2.0.9
Extension kgicdngjllamjgijagdkoalhkpplipnd 1 Better Youtube Subscriptions 1.3.8
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 1 Application Launcher for Drive (by Google) 3.2
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nlmbdmpjmlijibeockamioakdpmhjnpk 1 Twitch Now 1.1.189
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension noibmlfclijjipjajmgfgejgcaioholk
Extension oeopbcgkkoapgobdbedcemjljbihmemj 1 Checker Plus for Gmail™ 20.1.1
Extension okadibdjfemgnhjiembecghcbfknbfhg 1 Enhanced Steam 9.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.3
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-30 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01 553024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-30 3066672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01 214080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-30 150728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-30 2074416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-02-26 13423688]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ARCANE-PC"=C:\Users\Jan\AppData\Local\Temp\g7D3A.tmp.exe [2017-05-08 307712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]
"Spotify Web Helper"=C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-04-29 1446000]
"GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-05-02 1143640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-03-12 134616]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2016-03-18 67384]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2015-08-06 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-25 2383040]

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-05-09 14:37:29 ----D---- C:\rsit
2017-05-09 14:37:29 ----D---- C:\Program Files\trend micro
2017-05-09 12:18:05 ----D---- C:\WINDOWS\LastGood
2017-05-09 12:18:00 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2017-05-09 12:18:00 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-07 18:59:58 ----D---- C:\Program Files\Personal Performance Exam
2017-05-07 18:59:26 ----D---- C:\Program Files\Ailt DmargeCopy
2017-05-07 18:58:42 ----D---- C:\Program Files\CaladosyDeptur Standard
2017-05-07 13:52:06 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-05-07 13:51:50 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-05-07 13:51:50 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2017-05-07 13:51:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-05-03 02:47:56 ----HD---- C:\ProgramData\3572f69113l19270z3
2017-05-03 02:46:38 ----HD---- C:\ProgramData\57680f5597l66565z0
2017-05-03 02:46:12 ----HD---- C:\ProgramData\77762f98680l3466z7
2017-05-03 02:45:19 ----HD---- C:\ProgramData\94985f64993l59540z0
2017-04-28 20:47:43 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-04-28 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-04-28 20:45:35 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvdispgenco6438189.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvdispco6438189.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-04-28 20:45:34 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-04-28 00:55:56 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-04-28 00:55:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-04-28 00:55:56 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-04-28 00:55:56 ----A---- C:\WINDOWS\SYSWOW64\mmgaserver.exe
2017-04-28 00:55:56 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2017-04-28 00:55:56 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-04-28 00:55:55 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\imagehlp.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-28 00:55:54 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\StorSvc.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\offreg.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-28 00:55:53 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-04-28 00:55:52 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-28 00:55:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-28 00:55:51 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-04-28 00:55:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-04-28 00:55:50 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-04-28 00:55:50 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-04-28 00:55:49 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-04-28 00:55:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-04-28 00:55:48 ----A---- C:\WINDOWS\system32\shell32.dll
2017-04-28 00:55:47 ----A---- C:\WINDOWS\system32\twinui.dll
2017-04-28 00:55:47 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-04-28 00:55:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-28 00:55:47 ----A---- C:\WINDOWS\system32\mmgaserver.exe
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\imagehlp.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\dbghelp.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\comsvcs.dll
2017-04-28 00:55:46 ----A---- C:\WINDOWS\system32\ci.dll
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-04-28 00:55:44 ----A---- C:\WINDOWS\system32\catsrvps.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-04-28 00:55:43 ----A---- C:\WINDOWS\explorer.exe
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\wpx.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\wininet.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\usocore.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\LockHostingFramework.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\fveapi.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-04-28 00:55:42 ----A---- C:\WINDOWS\system32\AppResolver.dll
2017-04-28 00:55:41 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-28 00:55:41 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-04-28 00:55:41 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-04-28 00:38:36 ----D---- C:\Users\Jan\AppData\Roaming\Google
2017-04-15 05:36:52 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-15 00:54:15 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2017-04-15 00:54:15 ----A---- C:\WINDOWS\SYSWOW64\XpsDocumentTargetPrint.dll
2017-04-15 00:54:15 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-15 00:54:15 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-04-15 00:54:15 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-15 00:54:15 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2017-04-15 00:54:15 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-04-15 00:54:14 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-15 00:54:13 ----A---- C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-15 00:54:10 ----A---- C:\WINDOWS\system32\msIso.dll
2017-04-15 00:54:10 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-15 00:54:10 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-15 00:54:10 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-15 00:54:09 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-04-15 00:54:09 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\ole32.dll
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-04-15 00:54:08 ----A---- C:\WINDOWS\system32\asycfilt.dll

====== List of files/folders modified in the last 1 month ======

2017-05-09 14:38:26 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2017-05-09 14:37:33 ----D---- C:\WINDOWS\Prefetch
2017-05-09 14:37:29 ----RD---- C:\Program Files
2017-05-09 14:18:38 ----D---- C:\WINDOWS\Temp
2017-05-09 13:59:53 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2017-05-09 13:40:00 ----D---- C:\WINDOWS\system32\sru
2017-05-09 13:18:54 ----D---- C:\WINDOWS\AppReadiness
2017-05-09 13:18:53 ----HD---- C:\Program Files\WindowsApps
2017-05-09 12:25:33 ----D---- C:\ProgramData\NVIDIA
2017-05-09 12:24:53 ----D---- C:\Users\Jan\AppData\Roaming\Spotify
2017-05-09 12:24:25 ----D---- C:\WINDOWS\system32\SleepStudy
2017-05-09 12:21:25 ----D---- C:\WINDOWS\System32
2017-05-09 12:21:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-09 12:20:29 ----D---- C:\WINDOWS\INF
2017-05-09 12:18:33 ----D---- C:\ProgramData\NVIDIA Corporation
2017-05-09 12:18:25 ----D---- C:\WINDOWS\SysWOW64
2017-05-09 12:18:24 ----D---- C:\WINDOWS\system32\Tasks
2017-05-09 12:18:22 ----D---- C:\WINDOWS\system32\DriverStore
2017-05-09 12:18:22 ----D---- C:\WINDOWS\system32\drivers
2017-05-09 12:18:22 ----D---- C:\WINDOWS\system32\CatRoot
2017-05-09 12:18:17 ----D---- C:\Program Files\NVIDIA Corporation
2017-05-09 12:18:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-05-09 12:18:05 ----D---- C:\WINDOWS\system32\catroot2
2017-05-09 12:18:05 ----AD---- C:\Windows
2017-05-08 21:58:57 ----D---- C:\Users\Jan\AppData\Roaming\TS3Client
2017-05-08 19:04:34 ----AD---- C:\Program Files (x86)\Battle.net
2017-05-08 01:57:59 ----AD---- C:\Program Files\Synergy
2017-05-07 18:59:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-07 18:59:02 ----D---- C:\WINDOWS\ModemLogs
2017-05-07 18:58:42 ----D---- C:\WINDOWS\Tasks
2017-05-07 13:51:50 ----RD---- C:\Program Files (x86)
2017-05-07 13:51:50 ----D---- C:\ProgramData\Malwarebytes
2017-05-07 13:48:05 ----SHD---- C:\System Volume Information
2017-05-07 13:45:25 ----AD---- C:\Program Files (x86)\Opera
2017-05-07 13:39:39 ----D---- C:\AdwCleaner
2017-05-07 13:11:11 ----D---- C:\WINDOWS\system32\NDF
2017-05-07 12:18:08 ----D---- C:\WINDOWS\system32\WDI
2017-05-07 04:24:13 ----SHD---- C:\WINDOWS\Installer
2017-05-07 04:24:13 ----SHD---- C:\Config.Msi
2017-05-06 22:13:59 ----RD---- C:\WINDOWS\Microsoft.NET
2017-05-06 22:13:58 ----RD---- C:\WINDOWS\assembly
2017-05-03 22:21:33 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2017-05-03 22:21:33 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21:32 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28:28 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 17:41:02 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2017-05-03 02:47:56 ----HD---- C:\ProgramData
2017-05-02 16:27:33 ----D---- C:\WINDOWS\system32\config
2017-05-01 22:53:14 ----D---- C:\WINDOWS\debug
2017-05-01 16:29:13 ----D---- C:\WINDOWS\rescache
2017-05-01 16:29:12 ----D---- C:\WINDOWS\WinSxS
2017-05-01 11:41:53 ----D---- C:\WINDOWS\system32\LogFiles
2017-05-01 05:33:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-01 05:33:52 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-05-01 05:33:20 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-05-01 05:33:20 ----SD---- C:\WINDOWS\system32\F12
2017-05-01 05:33:20 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-05-01 05:33:20 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-05-01 05:33:20 ----D---- C:\WINDOWS\system32\Dism
2017-05-01 05:33:20 ----D---- C:\WINDOWS\system32\appraiser
2017-05-01 05:33:19 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-05-01 05:33:19 ----D---- C:\WINDOWS\ShellExperiences
2017-05-01 05:33:19 ----D---- C:\WINDOWS\Provisioning
2017-05-01 05:33:19 ----D---- C:\WINDOWS\PolicyDefinitions
2017-05-01 05:33:19 ----D---- C:\WINDOWS\AppPatch
2017-05-01 05:33:19 ----D---- C:\Program Files\Windows Photo Viewer
2017-05-01 05:33:19 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-04-30 06:40:05 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-30 06:39:54 ----D---- C:\Program Files (x86)\Common Files
2017-04-30 06:39:22 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-04-28 20:47:35 ----D---- C:\Program Files (x86)\VulkanRT
2017-04-28 02:50:36 ----AD---- C:\World of Warcraft
2017-04-28 00:56:25 ----D---- C:\WINDOWS\CbsTemp
2017-04-20 03:59:14 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-04-20 03:59:14 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-04-20 03:59:14 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-04-20 03:59:14 ----A---- C:\WINDOWS\system32\drivers\SETEC0A.tmp
2017-04-20 02:44:18 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2017-04-20 02:44:18 ----A---- C:\WINDOWS\system32\nvcpl.dll
2017-04-20 02:44:16 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2017-04-20 02:44:16 ----A---- C:\WINDOWS\system32\nvshext.dll
2017-04-20 02:44:16 ----A---- C:\WINDOWS\system32\nvmctray.dll
2017-04-20 02:44:16 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-20 02:44:16 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2017-04-15 05:35:22 ----AD---- C:\Program Files\Microsoft Silverlight
2017-04-15 05:35:22 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2017-04-15 05:34:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-04-15 05:34:56 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-04-15 05:34:55 ----D---- C:\WINDOWS\system32\en-US
2017-04-15 05:34:55 ----D---- C:\WINDOWS\system32\cs-CZ
2017-04-15 00:56:48 ----D---- C:\WINDOWS\system32\MRT
2017-04-15 00:54:42 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-04-15 00:53:29 ----D---- C:\WINDOWS\Logs
2017-04-13 19:33:41 ----D---- C:\Program Files (x86)\Internet Explorer

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-01-31 652784]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2017-04-06 17312]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 SeLow;@oem51.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [2015-09-22 50208]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 mi2c;mi2c; \??\C:\Windows\system32\drivers\mi2c.sys [2014-12-25 20784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-03-18 105472]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 Hamachi;@oem45.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2016-07-20 45680]
R3 ibtusb;@oem49.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-01-13 736512]
R3 mt7612US;@oem71.inf,%Generic.Service.DispName%;Xbox Wireless Adapter for Windows; C:\WINDOWS\System32\drivers\mt7612US.sys [2015-12-09 377864]
R3 Neo_VPN;@oem38.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\WINDOWS\System32\drivers\Neo_VPN.sys [2015-09-22 38432]
R3 Netwtw04;@oem39.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2017-01-24 7932160]
R3 NVHDA;@oem11.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-04-02 218040]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_274d0ab8ee30c459\nvlddmkm.sys [2017-04-21 14847088]
R3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem3.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-03 57976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
R3 rt640x64;@oem66.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-23 895256]
R3 ScpVBus;@oem24.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\WINDOWS\System32\drivers\ScpVBus.sys [2013-05-19 39168]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-03-20 127904]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-03-20 161696]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-03-20 143776]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-19 980992]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2014-11-18 15968]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [2016-01-01 26192]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-03-20 230816]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RtlWlanu_OldIC;Realtek Wireless LAN 802.11n – síťový adaptér USB 2.0; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [2016-07-16 3814400]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 sthid;Splashtop Virtual Hid; C:\WINDOWS\System32\drivers\sthid.sys [2016-05-06 21216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-25 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-02-27 2227312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPUserSvc_5ef0f;Uživatelská služba platformy připojených zařízení_5ef0f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-04-19 3801280]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-06-12 640928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
R2 ibtsiva;@oem49.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\SysWOW64\nlssrv32.exe [2012-01-31 66560]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-04-20 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 OneSyncSvc_5ef0f;Hostitel synchronizace_5ef0f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-04-02 2184688]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-06-12 157088]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-03-18 335808]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R3 PimIndexMaintenanceSvc_5ef0f;Data kontaktů_5ef0f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-04-26 1590048]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-22 317400]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k DevToolsGroup;"ServiceDll" = %SystemRoot%\System32\debugregsvc.dll
S3 DeveloperToolsService;Developer Tools Service; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2017-03-17 103936]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_5ef0f;Tok zařízení_5ef0f; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; %systemroot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\system32\lxss\LxssManager.dll
S3 MessagingService_5ef0f;Služba zasílání zpráv_5ef0f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-16 172488]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-04-02 2123240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-04-19 207056]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-03-20 3913064]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 SshBroker;@%SystemRoot%\system32\SshBroker.dll,-3; %SystemRoot%\system32\svchost.exe -k SshBrokerGroup;"ServiceDll" = %SystemRoot%\System32\SshBroker.dll
S3 SshProxy;@%SystemRoot%\system32\SshProxy.dll,-3; %SystemRoot%\system32\svchost.exe -k SshProxyGroup;"ServiceDll" = %SystemRoot%\System32\SshProxy.dll
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-03-20 846752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#3 Příspěvek od altrok »

Krasny den Vam preju :bye:



:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan (Skenovani), pote na Clean (Cisteni)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#4 Příspěvek od Arcane »

Děkuji za rychlou odpověď :) Tímhle programem jsem už pc projížděl v rámci mého samostatného pokusu o opravu, přesto to však stále něco našlo. Viz log níže. Btw. zase jsem měl problém program spustit. W10 nadává, že to správce zablokoval, i když jsem se snažil jej spustit jako správce. Nakonec jsem ho spustil přes správcovskou cmd.

# AdwCleaner v6.046 - Logfile created 09/05/2017 at 22:04:34
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-08.1 [Local]
# Operating System : Windows 10 Pro (X64)
# Username : Jan - ARCANE-PC
# Running from : C:\Users\Jan\Desktop\adwcleaner_6.046.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Setup_is1


***** [ Web browsers ] *****

[-] [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.surfvox.com/


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2128 Bytes] - [07/05/2017 13:39:39]
C:\AdwCleaner\AdwCleaner[C2].txt - [1019 Bytes] - [09/05/2017 22:04:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [3077 Bytes] - [03/07/2016 03:31:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [2091 Bytes] - [07/05/2017 13:37:43]
C:\AdwCleaner\AdwCleaner[S3].txt - [1482 Bytes] - [09/05/2017 22:02:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [1554 Bytes] - [09/05/2017 22:04:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1384 Bytes] ##########

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#5 Příspěvek od altrok »

:arrow: Zrovna tento malware si zajistil pravidelne a opakovane spousteni, coz je s nejvetsi pravdepodonosti duvod opakujicich se nalezu AdwCleaneru. Sestrelime jej v pristim kroku :)



:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud budete mit problemy se stazenim FRSTLauncheru, staci kdyz pouzijete samotny FRST.exe/FRST64.exe.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#6 Příspěvek od Arcane »

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
Ran by Jan (administrator) on ARCANE-PC (10-05-2017 00:30:49)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 10 Pro Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Synergy\synergyd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() D:\Arcane\Steam\SteamApps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\Synergy\synergys.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(BitTorrent Inc.) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Jan\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(BitTorrent Inc.) C:\Users\Jan\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) D:\Arcane\Steam\Steam.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5552\Agent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
(Valve Corporation) D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
() D:\Arcane\Steam\SteamApps\common\wallpaper_engine\wallpaper64.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.20.1102.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-29] (Spotify Ltd)
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-02] (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-08-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.25.1.250 81.25.28.250
Tcpip\..\Interfaces\{10f705c1-32e3-4380-8a5c-97e2e0787804}: [DhcpNameServer] 81.25.1.250 81.25.28.250
Tcpip\..\Interfaces\{b248c7a5-9403-4e4a-82c2-7eee9c289ce5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-30] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001 -> is enabled.

FireFox:
========
FF DefaultProfile: tbfyn1f4.default
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default [2017-04-16]
FF Extension: (Disable Prefetch) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\tbfyn1f4.default\features\{1c7b9f95-7024-45f2-bf00-4f6931ab2e64}\disable-prefetch@mozilla.org.xpi [2017-04-13]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-16] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.surfvox.com/"
CHR NewTab: Default -> Active:"chrome-extension://gpdpldlbafdmhlmcdllcjgoigmpjonfc/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2017-05-10]
CHR Extension: (BetterTTV) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-28]
CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-03]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-03]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-03]
CHR Extension: (uBlock Origin) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-24]
CHR Extension: (FrankerFaceZ) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2016-07-03]
CHR Extension: (Full Page Screen Capture) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-10-14]
CHR Extension: (Postman) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2017-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-05-07]
CHR Extension: (Simple Speed Dial) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdpldlbafdmhlmcdllcjgoigmpjonfc [2016-07-03]
CHR Extension: (JetBrains IDE Support) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhgeddbohgjknpmjagkdomcpobmllji [2017-03-09]
CHR Extension: (Better Youtube Subscriptions) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgicdngjllamjgijagdkoalhkpplipnd [2017-05-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-07-03]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-07-03]
CHR Extension: (Twitch Now) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-07-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-04-28]
CHR Extension: (Enhanced Steam) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2017-04-13]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-01]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\System Profile [2016-03-10]
CHR HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
S3 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [74752 2017-03-17] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [103936 2017-03-17] (Microsoft Corporation)
S3 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 LxssManager; C:\WINDOWS\system32\lxss\LxssManager.dll [357888 2017-04-06] (Microsoft Corporation)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2012-01-31] (Nalpeiron Ltd.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-04-02] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-04-02] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [373760 2017-03-17] (Microsoft Corporation)
S3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [266240 2017-03-17] (Microsoft Corporation)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [314024 2016-08-08] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 Wallpaper Engine Service; D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [25600 2017-02-12] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1034240 2017-03-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [736512 2017-01-13] (Intel Corporation)
R0 lxss; C:\WINDOWS\System32\drivers\lxss.sys [17312 2017-04-06] (Microsoft Corporation)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2014-12-25] (Nicomsoft Ltd.)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo_VPN.sys [38432 2015-09-22] (SoftEther Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
S3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50208 2015-09-22] (SoftEther Corporation)
S3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2016-05-06] (Splashtop Inc.)
R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-04-21] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: LxssManager -> C:\Windows\system32\lxss\LxssManager.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-10 00:30 - 2017-05-10 00:31 - 00031390 _____ C:\Users\Jan\Desktop\FRST.txt
2017-05-10 00:30 - 2017-05-10 00:30 - 00000000 ____D C:\FRST
2017-05-10 00:27 - 2017-05-10 00:27 - 02429440 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2017-05-10 00:27 - 2017-05-10 00:27 - 00112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2017-05-09 22:32 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-09 22:32 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-09 22:32 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-09 22:32 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-09 22:30 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 01600560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00218040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-09 22:30 - 2017-05-02 00:38 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-09 22:30 - 2017-05-02 00:38 - 00046008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-09 22:30 - 2017-05-02 00:38 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-09 22:30 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-09 22:30 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-09 22:25 - 2017-05-09 22:25 - 00000000 ____D C:\WINDOWS\LastGood
2017-05-09 22:23 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-09 22:23 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-09 22:09 - 2017-05-09 22:09 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\uTorrent
2017-05-09 14:37 - 2017-05-09 14:38 - 00000000 ____D C:\Program Files\trend micro
2017-05-09 12:18 - 2017-05-09 12:18 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-09 12:18 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-08 00:32 - 2017-05-08 03:14 - 01504214 _____ C:\Users\Jan\Desktop\Diplomka_2017_Kozánek_Jan2.pdf
2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Personal Performance Exam
2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Ailt DmargeCopy
2017-05-07 18:59 - 2017-05-07 18:59 - 00016888 _____ C:\WINDOWS\System32\Tasks\Personal Performance Exam
2017-05-07 18:59 - 2017-05-07 18:59 - 00016822 _____ C:\WINDOWS\System32\Tasks\Ailt DmargeCopy
2017-05-07 18:58 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\CaladosyDeptur Standard
2017-05-07 18:58 - 2017-05-07 18:58 - 00001566 _____ C:\WINDOWS\Tasks\CaladosyDeptur Standard.job
2017-05-07 13:52 - 2017-05-09 15:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-07 13:51 - 2017-05-07 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-05-07 13:51 - 2017-05-07 13:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-05-07 13:51 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-07 13:51 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-03 02:47 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\3572f69113l19270z3
2017-05-03 02:46 - 2017-05-07 18:59 - 00000000 ___HD C:\ProgramData\57680f5597l66565z0
2017-05-03 02:46 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\77762f98680l3466z7
2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\77762f98680l3466z7
2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\57680f5597l66565z0
2017-05-03 02:45 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\94985f64993l59540z0
2017-04-29 03:10 - 2017-04-29 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Nightmares
2017-04-28 00:55 - 2017-04-19 09:14 - 08321440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-28 00:55 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-04-28 00:55 - 2017-04-19 09:06 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-28 00:55 - 2017-04-19 09:06 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-28 00:55 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-28 00:55 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-04-28 00:55 - 2017-04-19 09:03 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-28 00:55 - 2017-04-19 09:02 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-28 00:55 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-04-28 00:55 - 2017-04-19 08:59 - 00387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-28 00:55 - 2017-04-19 08:34 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-28 00:55 - 2017-04-19 08:22 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-28 00:55 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-28 00:55 - 2017-04-19 08:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-28 00:55 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-04-28 00:55 - 2017-04-19 08:17 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-28 00:55 - 2017-04-19 08:16 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-04-28 00:55 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-04-28 00:55 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-04-28 00:55 - 2017-04-19 08:14 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-28 00:55 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-04-28 00:55 - 2017-04-19 08:14 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-28 00:55 - 2017-04-19 08:13 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-04-28 00:55 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-28 00:55 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-28 00:55 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-28 00:55 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-04-28 00:55 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-04-28 00:55 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-28 00:55 - 2017-04-19 08:11 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-28 00:55 - 2017-04-19 08:11 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-28 00:55 - 2017-04-19 08:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-28 00:55 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-04-28 00:55 - 2017-04-19 08:10 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-28 00:55 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-04-28 00:55 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-04-28 00:55 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-04-28 00:55 - 2017-04-19 08:09 - 08246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-28 00:55 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-28 00:55 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-28 00:55 - 2017-04-19 08:07 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-28 00:55 - 2017-04-19 08:07 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-28 00:55 - 2017-04-19 08:07 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-28 00:55 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-28 00:55 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-04-28 00:55 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-04-28 00:55 - 2017-04-19 08:05 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-04-28 00:55 - 2017-04-19 08:05 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-28 00:55 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-28 00:55 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-28 00:55 - 2017-04-19 08:02 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-28 00:55 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-04-28 00:55 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-04-28 00:55 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-04-28 00:55 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-04-28 00:55 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-28 00:55 - 2017-04-19 07:58 - 06761048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-28 00:55 - 2017-04-19 07:44 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-28 00:55 - 2017-04-19 07:41 - 20506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-28 00:55 - 2017-04-19 07:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-28 00:55 - 2017-04-19 07:37 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-28 00:55 - 2017-04-19 07:37 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-04-28 00:55 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-04-28 00:55 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-04-28 00:55 - 2017-04-19 07:36 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-28 00:55 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-28 00:55 - 2017-04-19 07:34 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-28 00:55 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-04-28 00:55 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-28 00:55 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-04-28 00:55 - 2017-04-19 07:33 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-28 00:55 - 2017-04-19 07:33 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-28 00:55 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-04-28 00:55 - 2017-04-19 07:32 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-28 00:55 - 2017-04-19 07:30 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-28 00:55 - 2017-04-19 07:30 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-04-28 00:55 - 2017-04-19 07:30 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-28 00:55 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-28 00:55 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-04-28 00:55 - 2017-04-19 07:29 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-28 00:55 - 2017-04-19 07:28 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-04-28 00:55 - 2017-04-19 07:28 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-28 00:55 - 2017-04-19 07:24 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-28 00:55 - 2017-04-14 02:39 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-04-28 00:55 - 2017-04-14 02:37 - 00206232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-28 00:55 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-04-28 00:55 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-04-28 00:55 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-04-28 00:55 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-28 00:55 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-04-28 00:55 - 2017-04-14 02:32 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-04-28 00:55 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-04-28 00:55 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-04-28 00:55 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-04-28 00:55 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-04-28 00:55 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-04-28 00:55 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-04-28 00:55 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-28 00:55 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-04-28 00:55 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-28 00:55 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-04-28 00:55 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-04-28 00:55 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-04-28 00:55 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-04-28 00:55 - 2017-04-14 01:38 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-04-28 00:55 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-04-28 00:55 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-04-28 00:55 - 2017-04-14 01:38 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-28 00:55 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-04-28 00:55 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-04-28 00:55 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-04-28 00:55 - 2017-04-14 01:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-28 00:55 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-04-28 00:55 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-04-28 00:55 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-04-28 00:55 - 2017-04-14 01:36 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-28 00:55 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-04-28 00:55 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-04-28 00:55 - 2017-04-14 01:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-28 00:55 - 2017-04-14 01:35 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-28 00:55 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-28 00:55 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-28 00:55 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-04-28 00:55 - 2017-04-14 01:33 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-28 00:55 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-28 00:55 - 2017-04-14 01:33 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-28 00:55 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-04-28 00:55 - 2017-04-14 01:32 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-28 00:55 - 2017-04-14 01:32 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-28 00:55 - 2017-04-14 01:31 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-28 00:55 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-04-28 00:55 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-04-28 00:55 - 2017-04-14 01:30 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-28 00:55 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-04-28 00:55 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-28 00:55 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-28 00:55 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-04-28 00:55 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-28 00:55 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-28 00:55 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-28 00:55 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-04-28 00:55 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-04-28 00:55 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-04-28 00:55 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-04-28 00:55 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-04-28 00:55 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-04-28 00:55 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-04-28 00:55 - 2017-04-14 01:15 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-28 00:55 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-04-28 00:55 - 2017-04-14 01:13 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-28 00:55 - 2017-04-14 01:13 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-28 00:55 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-04-28 00:55 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-28 00:55 - 2017-04-14 01:12 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-28 00:55 - 2017-04-14 01:11 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-28 00:55 - 2017-04-14 01:09 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-28 00:55 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-28 00:55 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-28 00:55 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-28 00:55 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-04-28 00:38 - 2017-04-28 00:38 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Google
2017-04-22 12:27 - 2017-04-22 12:27 - 00000000 ____D C:\Users\Jan\AppData\Local\DBG
2017-04-20 16:29 - 2017-04-20 16:29 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsign0d840e6b3c6fde6f
2017-04-20 14:40 - 2017-04-20 14:40 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempzxpsigndb1227cd9705aed7
2017-04-15 05:36 - 2017-04-03 18:56 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-15 05:36 - 2017-04-03 18:56 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-15 00:54 - 2017-04-01 03:05 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-15 00:54 - 2017-04-01 03:05 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-15 00:54 - 2017-04-01 03:04 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-15 00:54 - 2017-04-01 03:04 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-15 00:54 - 2017-04-01 03:04 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-15 00:54 - 2017-04-01 02:57 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-15 00:54 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-15 00:54 - 2017-04-01 02:57 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-15 00:54 - 2017-04-01 02:52 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-15 00:54 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-15 00:54 - 2017-04-01 02:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-15 00:54 - 2017-04-01 02:47 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-15 00:54 - 2017-04-01 02:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-15 00:54 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-15 00:54 - 2017-04-01 02:25 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-15 00:54 - 2017-04-01 02:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-15 00:54 - 2017-04-01 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-15 00:54 - 2017-04-01 02:05 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-15 00:54 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-15 00:54 - 2017-04-01 02:04 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-15 00:54 - 2017-04-01 02:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-15 00:54 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-15 00:54 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-15 00:54 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-15 00:54 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-15 00:54 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-15 00:54 - 2017-04-01 01:55 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-15 00:54 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-15 00:54 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-15 00:54 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-15 00:54 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-15 00:54 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-15 00:54 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-15 00:54 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-15 00:54 - 2017-03-31 23:00 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-15 00:54 - 2017-03-25 10:28 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-15 00:54 - 2017-03-25 09:58 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-14 02:33 - 2017-04-14 02:33 - 00000000 ____D C:\Users\Jan\Documents\Bayonetta
2017-04-13 22:37 - 2017-04-13 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bayonetta

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-10 00:30 - 2016-08-07 02:03 - 00000000 ____D C:\Users\Jan\AppData\Roaming\uTorrent
2017-05-10 00:28 - 2017-04-06 15:54 - 00004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1E197DB-4B7F-4627-B2E6-180083B60C6E}
2017-05-10 00:28 - 2014-12-25 03:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2017-05-10 00:27 - 2014-12-25 03:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Battle.net
2017-05-10 00:26 - 2016-10-29 13:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify
2017-05-10 00:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-09 23:12 - 2017-04-06 15:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-09 22:35 - 2017-04-06 15:57 - 02270116 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-09 22:35 - 2017-03-20 06:39 - 01001170 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-09 22:35 - 2017-03-20 06:39 - 00227448 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-09 22:34 - 2014-12-25 03:46 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-09 22:33 - 2017-04-06 15:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-09 22:33 - 2017-04-06 15:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-09 22:33 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-09 22:33 - 2015-12-22 14:34 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2017-05-09 22:33 - 2015-11-13 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-09 22:33 - 2014-12-25 05:09 - 00000000 ____D C:\Users\Jan\Documents\Assassin's Creed Unity
2017-05-09 22:33 - 2014-12-25 03:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-09 22:32 - 2017-04-06 15:49 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-09 22:32 - 2017-04-06 15:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-09 22:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-09 22:32 - 2016-03-18 20:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-09 22:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 22:27 - 2014-12-25 03:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 22:25 - 2014-12-25 03:35 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 22:17 - 2016-10-29 13:34 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify
2017-05-09 22:05 - 2017-04-06 15:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-09 22:05 - 2017-04-06 15:49 - 00000000 ____D C:\Users\Jan
2017-05-09 22:05 - 2017-04-06 15:48 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-09 22:05 - 2014-12-25 02:28 - 00000000 __SHD C:\Users\Jan\IntelGraphicsProfiles
2017-05-09 22:04 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-09 22:04 - 2016-07-03 03:31 - 00000000 ____D C:\AdwCleaner
2017-05-09 14:53 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-09 14:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-09 14:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\TAPI
2017-05-09 14:41 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-09 12:18 - 2017-04-06 15:54 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 12:18 - 2017-04-06 15:54 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-09 02:00 - 2014-12-25 02:37 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe
2017-05-08 21:58 - 2014-12-27 17:25 - 00000000 ____D C:\Users\Jan\AppData\Roaming\TS3Client
2017-05-08 01:57 - 2016-05-20 22:57 - 00000000 ____D C:\Program Files\Synergy
2017-05-08 00:29 - 2016-07-03 20:59 - 00000000 ____D C:\Users\Jan\AppData\Local\UnrealEngine
2017-05-07 18:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-05-07 13:51 - 2014-12-25 03:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-07 13:45 - 2016-12-21 13:47 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-07 04:24 - 2017-04-06 15:54 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 22:21 - 2017-04-02 13:14 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2016-07-27 23:25 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-07-27 23:25 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-07-27 23:25 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-07-27 23:25 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-07-27 23:25 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2016-12-25 04:29 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 03:52 - 2016-04-17 13:48 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-02 00:38 - 2017-03-23 16:27 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETB185.tmp
2017-05-01 16:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-01 11:41 - 2014-12-25 02:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-01 05:33 - 2017-04-06 15:48 - 00497136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-01 05:33 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-01 05:33 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-01 05:33 - 2016-12-19 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-01 05:33 - 2016-12-19 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-30 06:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-30 06:39 - 2015-09-24 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-28 02:50 - 2014-12-25 04:10 - 00000000 ____D C:\World of Warcraft
2017-04-28 00:46 - 2017-04-06 15:54 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 00:46 - 2017-04-06 15:54 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-20 13:20 - 2014-12-25 02:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages
2017-04-20 03:59 - 2017-03-23 16:27 - 04085712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETD273.tmp
2017-04-20 03:59 - 2017-03-23 16:27 - 03602112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETE245.tmp
2017-04-20 03:59 - 2017-03-23 16:27 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETE1D3.tmp
2017-04-16 20:43 - 2016-12-19 17:06 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2017-04-15 05:35 - 2014-12-25 03:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-15 05:35 - 2014-12-25 03:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-15 00:57 - 2014-12-25 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-13 19:33 - 2015-11-08 18:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-05-11 22:07 - 2017-03-03 22:21 - 0000034 _____ () C:\Users\Jan\AppData\Roaming\AdobeWLCMCache.dat
2015-08-03 23:30 - 2015-08-09 16:21 - 0001006 _____ () C:\Users\Jan\AppData\Roaming\ARCANE-PC.MTBF.txt
2015-08-02 20:13 - 2016-06-24 21:42 - 282716672 _____ () C:\Users\Jan\AppData\Roaming\steam_api.wic
2015-08-02 20:13 - 2016-07-06 12:19 - 0000009 _____ () C:\Users\Jan\AppData\Roaming\update.dat
2016-04-24 01:29 - 2016-06-26 22:03 - 0003320 _____ () C:\Users\Jan\AppData\Roaming\VoiceMeeterDefault.xml
2015-08-02 20:14 - 2015-08-04 21:00 - 0000004 _____ () C:\Users\Jan\AppData\Roaming\Microsoft\notaut.txt
2015-08-25 20:52 - 2015-08-25 20:52 - 0001480 _____ () C:\Users\Jan\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-02-03 03:42 - 2016-01-16 14:46 - 0007597 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2016-12-25 04:30 - 2017-01-27 13:59 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-25 04:30 - 2017-01-15 11:08 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-05-08 22:10 - 2017-05-08 22:10 - 0469504 _____ () C:\Users\Jan\AppData\Local\Temp\g6D.tmp.exe
2017-03-23 16:29 - 2017-04-20 02:18 - 0754352 _____ (NVIDIA Corporation) C:\Users\Jan\AppData\Local\Temp\nvSCPAPI.dll
2017-03-23 16:29 - 2017-04-20 02:18 - 0867968 _____ (NVIDIA Corporation) C:\Users\Jan\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-07 16:29 - 2017-04-20 02:18 - 0367736 _____ (NVIDIA Corporation) C:\Users\Jan\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CaladosyDeptur Standard.job => rundll32.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 7 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#7 Příspěvek od Arcane »

Addition.txt


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Jan (10-05-2017 00:31:25)
Running from C:\Users\Jan\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-06 13:59:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1304501298-2617440923-2015831366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1304501298-2617440923-2015831366-503 - Limited - Disabled)
Guest (S-1-5-21-1304501298-2617440923-2015831366-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1304501298-2617440923-2015831366-1005 - Limited - Enabled)
Jan (S-1-5-21-1304501298-2617440923-2015831366-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Dark Souls II - Scholar of the First Sin» 1.02 (HKLM-x32\...\«Dark Souls II - Scholar of the First Sin»_is1) (Version: 1.02 - Namco Bandai)
µTorrent (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (32 Bit) (HKLM-x32\...\{8913FAF3-5BFE-45BA-AF57-67AF4BA67898}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version: - Artefacts Studios)
Aktualizace NVIDIA 25.0.0.0 (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version: - Vagabond Dog)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed Unity Update v1.4 (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Batman Arkham Knight version 1.0 (HKLM-x32\...\{C4EC5C21-E459-4164-9776-BA456540C08D}_is1) (Version: 1.0 - Warner Bros)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bayonetta (HKLM-x32\...\Bayonetta_is1) (Version: - )
Beatbuddy: Tale of the Guardians (HKLM-x32\...\Steam App 231040) (Version: - Threaks)
bit Dungeon II (HKLM-x32\...\Steam App 331440) (Version: - KintoGames)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cally's Caves 3 (HKLM\...\Steam App 418120) (Version: - VDO Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming Inc.)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Crucial Storage Executive 3.20.042015.04) (Version: 3.20.042015.04 - Crucial)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dark Souls - Prepare to Die Edition (HKLM-x32\...\Dark Souls - Prepare to Die Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
Deus Ex: Mankind Divided™ (HKLM\...\Steam App 337000) (Version: - Eidos Montreal)
Devil Daggers (HKLM\...\Steam App 422970) (Version: - Sorath)
Discord (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dishonored (RU) (HKLM-x32\...\Steam App 217980) (Version: 1.0 - Bethesda Softworks)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Drum Controller Standard Tuning Kit (HKLM-x32\...\InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision)
Duet (HKLM-x32\...\Steam App 292600) (Version: - Kumobius)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 10.2 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 4 Valley of the Yeti Addon (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - )
Game of Thrones Episode 6 (HKLM-x32\...\Game of Thrones Episode 6_is1) (Version: - )
Gemini Rue (HKLM-x32\...\Steam App 80310) (Version: - Joshua Neurnberger)
Gods Will Be Watching (HKLM-x32\...\Steam App 274290) (Version: - Deconstructeam)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.3 - Activision)
Guitar Hero Three Control Panel (HKLM-x32\...\{FC7CCCFB-2081-4E9D-8F6D-CAAE87267E6C}) (Version: 2.0.4 - Sigma Production Inc.)
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heavy Bullets (HKLM-x32\...\Steam App 297120) (Version: - Terri Vellmann)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hollow Knight (1.0.0.5) (HKLM-x32\...\1308320804_is1) (Version: 0.1.1.294 - GOG.com)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games)
Human Resource Machine (HKLM\...\Steam App 375820) (Version: - Tomorrow Corporation)
Hyper Light Drifter (HKLM\...\Steam App 257850) (Version: - Heart Machine)
Imagenomic Portraiture 2.3.3 Plug-in (build 2330) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infernax (HKLM-x32\...\Steam App 374190) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A5D7BA33-DE92-4283-B885-14AE73400444}) (Version: 19.01.1627.3533 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdom (HKLM-x32\...\Steam App 368230) (Version: - Noio)
Kingdom: New Lands (HKLM\...\Steam App 496300) (Version: - Noio)
K-Lite Mega Codec Pack 13.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
Knights of Pen and Paper 2 (HKLM-x32\...\Steam App 310060) (Version: - Kyy Games)
Kodi (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Kodi) (Version: - XBMC-Foundation)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version: - Crystal Dynamics)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Lone Survivor: The Director's Cut (HKLM-x32\...\Steam App 209830) (Version: - Jasper Byrne)
Lords of the Fallen (HKLM-x32\...\{F3DFAE55-83E3-4BD4-9311-B5AB0C16EFD9}_is1) (Version: - CI Games)
Mafia III (HKLM-x32\...\Mafia III_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mark of the Ninja (HKLM\...\Steam App 214560) (Version: - Klei Entertainment)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.5 - Electronic Arts)
Master Spy (HKLM\...\Steam App 331190) (Version: - TURBOGUN)
Megabyte Punch (HKLM-x32\...\Steam App 248550) (Version: - Team Reptile)
Memoria (HKLM-x32\...\Steam App 243200) (Version: - Daedalic Entertainment)
Metal Gear Solid V: TPP (HKLM-x32\...\Metal Gear Solid V: TPP_is1) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Never Alone (Kisima Ingitchuna) (HKLM\...\Steam App 295790) (Version: - Upper One Games)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version: - Infinitap Games)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nimbus (HKLM-x32\...\Steam App 50000) (Version: - Noumenon Games)
Not The Robots (HKLM-x32\...\Steam App 257120) (Version: - 2DArray)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Odallus: The Dark Call (HKLM\...\Steam App 319480) (Version: - JoyMasher)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B14.0217.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Party Hard (HKLM-x32\...\Steam App 356570) (Version: - Pinokl Games)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
PS4 Remote Play (HKLM-x32\...\{E6441C60-6448-4A8F-AA66-36DCA9438264}) (Version: 1.5.0.08251 - Sony Interactive Entertainment Inc.)
Punch Club (HKLM\...\Steam App 394310) (Version: - Lazy Bear Games)
Quest of Dungeons (HKLM-x32\...\Steam App 270050) (Version: - David Amador)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
Resident Evil 7: Biohazard (HKLM-x32\...\Resident Evil 7: Biohazard_is1) (Version: - )
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Road to Ballhalla (HKLM\...\Steam App 425410) (Version: - Torched Hill)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
rymdkapsel (HKLM-x32\...\Steam App 253790) (Version: - grapefrukt games)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Secrets of Rætikon (HKLM-x32\...\Steam App 246680) (Version: - Broken Rules)
Shadow Tactics - Blades of the Shogun (HKLM-x32\...\1601442230_is1) (Version: 2.0.0.3 - GOG.com)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Slain: Back from Hell (HKLM\...\Steam App 369070) (Version: - Andrew Gilmour)
Songbringer (HKLM-x32\...\Steam App 367080) (Version: - Wizard Fu Games)
Spotify (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Starbound (HKLM\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synergy (64-bit) (HKLM\...\{AE81EF09-AD7A-49BB-897D-F2C9C4453A4B}) (Version: 1.8.2 - The Synergy Project)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Legend of Zelda: Breath of the Wild (HKLM-x32\...\The Legend of Zelda: Breath of the Wild_is1) (Version: - )
The Witcher 3 Wild Hunt version 1.7 (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: 1.7 - )
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Titan Souls (HKLM\...\Steam App 297130) (Version: - Acid Nerve)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Velocibox (HKLM-x32\...\Steam App 317710) (Version: - Shawn Beck)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Wallpaper Engine (HKLM\...\Steam App 431960) (Version: - Kristjan Skutta)
Westerado: Double Barreled (HKLM\...\Steam App 275200) (Version: - Ostrich Banditos)
Where is my Heart? (HKLM-x32\...\Steam App 244950) (Version: - Schulenburg Software)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version: - Minor Key Games)
Ziggurat (HKLM-x32\...\Steam App 308420) (Version: - Milkstone Studios)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-78F0DE19A1AF}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{59279090-bd31-4342-a5b7-71bdaca6abb7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A2DB1D-3BE7-4D24-B541-EBC475D72262} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {07A8D75D-15F1-4C46-9FE2-23E844851DD4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FFA8FA9-D0F3-49A6-A84A-E750313B9526} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {13B3155A-963D-4C3E-9D55-CC53F7BE0D96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-30] (Microsoft Corporation)
Task: {193CDC18-8C56-4E89-8CC8-695FC0E23296} - System32\Tasks\57680f5597l66565z0 => Rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz <==== ATTENTION
Task: {296607BA-9257-445F-B4DD-135EAB7A046B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2BD0567E-9672-458A-A996-06957C9901D9} - System32\Tasks\Microsoft\Windows\Windows Subsystem for Linux\AptPackageIndexUpdate => C:\WINDOWS\System32\LxRun.exe [2017-04-06] (Microsoft Corporation)
Task: {31D0CE80-2360-4CB3-869C-7D4968D5F093} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-03-13] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {357351E5-6F83-4ADC-92A6-B4A6E13F6DAC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {3FFFA913-9B6B-4B39-B246-4B09756D9502} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {429F4991-3E56-4794-8589-43B26D16D540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-30] (Microsoft Corporation)
Task: {431325D3-1A12-448B-964B-5893B2F3CBEB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {45C47B7A-DE73-469D-889E-3E34DD701BBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C867841-7FEE-48C8-8AEF-F1B6596B0291} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4DE9DBBA-29B4-4820-86EC-94D66A36F468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {58EDEA3E-9023-4217-9014-050E1ACA6513} - System32\Tasks\77762f98680l3466z7 => Rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz <==== ATTENTION
Task: {61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} - System32\Tasks\Ailt DmargeCopy => Rundll32.exe "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
Task: {6D537038-348F-430F-B6D9-4115628289A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8F6921F0-B367-40EB-8145-C3FCC3951E04} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} - System32\Tasks\InstallShield Update Service => C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe
Task: {9315105C-7850-4AD8-80A2-7BF286988411} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {9320CD55-1895-4400-809D-699C3D7F68DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {95250A80-1F15-440A-9E9A-A2D05F16CAAE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A1D39891-435F-4D46-8B1F-06ADD2FBA725} - System32\Tasks\Personal Performance Exam => Rundll32.exe "C:\Program Files\Personal Performance Exam\Personal Performance Exam.dll",jkADPASOjY
Task: {A1F2561F-35B4-4A40-AC1D-33B160769119} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A4A31865-BD62-43C9-85FB-E5D287FD6681} - System32\Tasks\Opera scheduled Autoupdate 1482320874 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {A7BE9E46-13E8-4938-9620-C22CDED15504} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {AAD9EBB1-A46F-4ED0-887C-8B3EE630C928} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-arcane36@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {AE4D9760-78BC-401F-8984-66F00487D7D0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AFE85890-3C5C-4522-B0B9-39BD2310532C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B9407770-7557-4865-B144-D071943C7572} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C8709DA9-5E70-4505-9560-4B760E338DDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D059F1DD-358D-4CC6-99BD-8F40946433F2} - System32\Tasks\SidebarStartup => C:\Users\Jan\AppData\Local\SidebarDiagnostics\app-3.3.7\SidebarDiagnostics.exe
Task: {D1628DD5-0F32-46B7-A994-F014F49EC3E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {DF5B8AC1-F04F-4118-8635-1CB622E0D100} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E0FA24FC-BAA9-4268-A41A-F1A7B8269389} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {E2E61EAF-97D1-4C8E-8E65-D6AF4CD0B69E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CaladosyDeptur Standard.job => rundll32.exe C:\Program Files\CaladosyDeptur Standard\CaladosyDeptur Standard.dll

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop

==================== Loaded Modules (Whitelisted) ==============

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#8 Příspěvek od altrok »

:arrow: Vygenerujte prosim znovu log Addition.txt, ale tentokrat bez pouziti FRSTLauncheru, tedy jen pomoci FRST64.exe
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#9 Příspěvek od Arcane »

Posílám další log. Jinak to vypadá, že se mi furt něco dere do temp složky, protože během skenování mi z ní Win Defender něco odstranil.
http://imgur.com/a/ywIGe


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Jan (10-05-2017 11:39:52)
Running from C:\Users\Jan\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-06 13:59:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1304501298-2617440923-2015831366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1304501298-2617440923-2015831366-503 - Limited - Disabled)
Guest (S-1-5-21-1304501298-2617440923-2015831366-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1304501298-2617440923-2015831366-1005 - Limited - Enabled)
Jan (S-1-5-21-1304501298-2617440923-2015831366-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Dark Souls II - Scholar of the First Sin» 1.02 (HKLM-x32\...\«Dark Souls II - Scholar of the First Sin»_is1) (Version: 1.02 - Namco Bandai)
µTorrent (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (32 Bit) (HKLM-x32\...\{8913FAF3-5BFE-45BA-AF57-67AF4BA67898}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version: - Artefacts Studios)
Aktualizace NVIDIA 25.0.0.0 (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version: - Vagabond Dog)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed Unity Update v1.4 (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Batman Arkham Knight version 1.0 (HKLM-x32\...\{C4EC5C21-E459-4164-9776-BA456540C08D}_is1) (Version: 1.0 - Warner Bros)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bayonetta (HKLM-x32\...\Bayonetta_is1) (Version: - )
Beatbuddy: Tale of the Guardians (HKLM-x32\...\Steam App 231040) (Version: - Threaks)
bit Dungeon II (HKLM-x32\...\Steam App 331440) (Version: - KintoGames)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cally's Caves 3 (HKLM\...\Steam App 418120) (Version: - VDO Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming Inc.)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Crucial Storage Executive 3.20.042015.04) (Version: 3.20.042015.04 - Crucial)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dark Souls - Prepare to Die Edition (HKLM-x32\...\Dark Souls - Prepare to Die Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
Deus Ex: Mankind Divided™ (HKLM\...\Steam App 337000) (Version: - Eidos Montreal)
Devil Daggers (HKLM\...\Steam App 422970) (Version: - Sorath)
Discord (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dishonored (RU) (HKLM-x32\...\Steam App 217980) (Version: 1.0 - Bethesda Softworks)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Drum Controller Standard Tuning Kit (HKLM-x32\...\InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4}) (Version: 1.00.0000 - Activision)
Duet (HKLM-x32\...\Steam App 292600) (Version: - Kumobius)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 10.2 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 4 Valley of the Yeti Addon (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - )
Game of Thrones Episode 6 (HKLM-x32\...\Game of Thrones Episode 6_is1) (Version: - )
Gemini Rue (HKLM-x32\...\Steam App 80310) (Version: - Joshua Neurnberger)
Gods Will Be Watching (HKLM-x32\...\Steam App 274290) (Version: - Deconstructeam)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.3 - Activision)
Guitar Hero Three Control Panel (HKLM-x32\...\{FC7CCCFB-2081-4E9D-8F6D-CAAE87267E6C}) (Version: 2.0.4 - Sigma Production Inc.)
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heavy Bullets (HKLM-x32\...\Steam App 297120) (Version: - Terri Vellmann)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hollow Knight (1.0.0.5) (HKLM-x32\...\1308320804_is1) (Version: 0.1.1.294 - GOG.com)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games)
Human Resource Machine (HKLM\...\Steam App 375820) (Version: - Tomorrow Corporation)
Hyper Light Drifter (HKLM\...\Steam App 257850) (Version: - Heart Machine)
Imagenomic Portraiture 2.3.3 Plug-in (build 2330) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infernax (HKLM-x32\...\Steam App 374190) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A5D7BA33-DE92-4283-B885-14AE73400444}) (Version: 19.01.1627.3533 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdom (HKLM-x32\...\Steam App 368230) (Version: - Noio)
Kingdom: New Lands (HKLM\...\Steam App 496300) (Version: - Noio)
K-Lite Mega Codec Pack 13.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
Knights of Pen and Paper 2 (HKLM-x32\...\Steam App 310060) (Version: - Kyy Games)
Kodi (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Kodi) (Version: - XBMC-Foundation)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version: - Crystal Dynamics)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Lone Survivor: The Director's Cut (HKLM-x32\...\Steam App 209830) (Version: - Jasper Byrne)
Lords of the Fallen (HKLM-x32\...\{F3DFAE55-83E3-4BD4-9311-B5AB0C16EFD9}_is1) (Version: - CI Games)
Mafia III (HKLM-x32\...\Mafia III_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mark of the Ninja (HKLM\...\Steam App 214560) (Version: - Klei Entertainment)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.5 - Electronic Arts)
Master Spy (HKLM\...\Steam App 331190) (Version: - TURBOGUN)
Megabyte Punch (HKLM-x32\...\Steam App 248550) (Version: - Team Reptile)
Memoria (HKLM-x32\...\Steam App 243200) (Version: - Daedalic Entertainment)
Metal Gear Solid V: TPP (HKLM-x32\...\Metal Gear Solid V: TPP_is1) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Never Alone (Kisima Ingitchuna) (HKLM\...\Steam App 295790) (Version: - Upper One Games)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version: - Infinitap Games)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nimbus (HKLM-x32\...\Steam App 50000) (Version: - Noumenon Games)
Not The Robots (HKLM-x32\...\Steam App 257120) (Version: - 2DArray)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Odallus: The Dark Call (HKLM\...\Steam App 319480) (Version: - JoyMasher)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B14.0217.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Party Hard (HKLM-x32\...\Steam App 356570) (Version: - Pinokl Games)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
PS4 Remote Play (HKLM-x32\...\{E6441C60-6448-4A8F-AA66-36DCA9438264}) (Version: 1.5.0.08251 - Sony Interactive Entertainment Inc.)
Punch Club (HKLM\...\Steam App 394310) (Version: - Lazy Bear Games)
Quest of Dungeons (HKLM-x32\...\Steam App 270050) (Version: - David Amador)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
Resident Evil 7: Biohazard (HKLM-x32\...\Resident Evil 7: Biohazard_is1) (Version: - )
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Road to Ballhalla (HKLM\...\Steam App 425410) (Version: - Torched Hill)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
rymdkapsel (HKLM-x32\...\Steam App 253790) (Version: - grapefrukt games)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Secrets of Rætikon (HKLM-x32\...\Steam App 246680) (Version: - Broken Rules)
Shadow Tactics - Blades of the Shogun (HKLM-x32\...\1601442230_is1) (Version: 2.0.0.3 - GOG.com)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Slain: Back from Hell (HKLM\...\Steam App 369070) (Version: - Andrew Gilmour)
Songbringer (HKLM-x32\...\Steam App 367080) (Version: - Wizard Fu Games)
Spotify (HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Starbound (HKLM\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synergy (64-bit) (HKLM\...\{AE81EF09-AD7A-49BB-897D-F2C9C4453A4B}) (Version: 1.8.2 - The Synergy Project)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Legend of Zelda: Breath of the Wild (HKLM-x32\...\The Legend of Zelda: Breath of the Wild_is1) (Version: - )
The Witcher 3 Wild Hunt version 1.7 (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: 1.7 - )
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Titan Souls (HKLM\...\Steam App 297130) (Version: - Acid Nerve)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Velocibox (HKLM-x32\...\Steam App 317710) (Version: - Shawn Beck)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Wallpaper Engine (HKLM\...\Steam App 431960) (Version: - Kristjan Skutta)
Westerado: Double Barreled (HKLM\...\Steam App 275200) (Version: - Ostrich Banditos)
Where is my Heart? (HKLM-x32\...\Steam App 244950) (Version: - Schulenburg Software)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version: - Minor Key Games)
Ziggurat (HKLM-x32\...\Steam App 308420) (Version: - Milkstone Studios)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-78F0DE19A1AF}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{59279090-bd31-4342-a5b7-71bdaca6abb7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A2DB1D-3BE7-4D24-B541-EBC475D72262} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {07A8D75D-15F1-4C46-9FE2-23E844851DD4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FFA8FA9-D0F3-49A6-A84A-E750313B9526} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {13B3155A-963D-4C3E-9D55-CC53F7BE0D96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-30] (Microsoft Corporation)
Task: {193CDC18-8C56-4E89-8CC8-695FC0E23296} - System32\Tasks\57680f5597l66565z0 => Rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz <==== ATTENTION
Task: {296607BA-9257-445F-B4DD-135EAB7A046B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2BD0567E-9672-458A-A996-06957C9901D9} - System32\Tasks\Microsoft\Windows\Windows Subsystem for Linux\AptPackageIndexUpdate => C:\WINDOWS\System32\LxRun.exe [2017-04-06] (Microsoft Corporation)
Task: {31D0CE80-2360-4CB3-869C-7D4968D5F093} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-03-13] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {357351E5-6F83-4ADC-92A6-B4A6E13F6DAC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {3FFFA913-9B6B-4B39-B246-4B09756D9502} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {429F4991-3E56-4794-8589-43B26D16D540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-30] (Microsoft Corporation)
Task: {431325D3-1A12-448B-964B-5893B2F3CBEB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {45C47B7A-DE73-469D-889E-3E34DD701BBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C867841-7FEE-48C8-8AEF-F1B6596B0291} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4DE9DBBA-29B4-4820-86EC-94D66A36F468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {58EDEA3E-9023-4217-9014-050E1ACA6513} - System32\Tasks\77762f98680l3466z7 => Rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz <==== ATTENTION
Task: {61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} - System32\Tasks\Ailt DmargeCopy => Rundll32.exe "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
Task: {6D537038-348F-430F-B6D9-4115628289A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8F6921F0-B367-40EB-8145-C3FCC3951E04} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} - System32\Tasks\InstallShield Update Service => C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe
Task: {9315105C-7850-4AD8-80A2-7BF286988411} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {9320CD55-1895-4400-809D-699C3D7F68DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {95250A80-1F15-440A-9E9A-A2D05F16CAAE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A1D39891-435F-4D46-8B1F-06ADD2FBA725} - System32\Tasks\Personal Performance Exam => Rundll32.exe "C:\Program Files\Personal Performance Exam\Personal Performance Exam.dll",jkADPASOjY
Task: {A1F2561F-35B4-4A40-AC1D-33B160769119} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A4A31865-BD62-43C9-85FB-E5D287FD6681} - System32\Tasks\Opera scheduled Autoupdate 1482320874 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {A7BE9E46-13E8-4938-9620-C22CDED15504} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {AAD9EBB1-A46F-4ED0-887C-8B3EE630C928} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-arcane36@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {AE4D9760-78BC-401F-8984-66F00487D7D0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AFE85890-3C5C-4522-B0B9-39BD2310532C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B9407770-7557-4865-B144-D071943C7572} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C8709DA9-5E70-4505-9560-4B760E338DDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D059F1DD-358D-4CC6-99BD-8F40946433F2} - System32\Tasks\SidebarStartup => C:\Users\Jan\AppData\Local\SidebarDiagnostics\app-3.3.7\SidebarDiagnostics.exe
Task: {D1628DD5-0F32-46B7-A994-F014F49EC3E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {DF5B8AC1-F04F-4118-8635-1CB622E0D100} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E0FA24FC-BAA9-4268-A41A-F1A7B8269389} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {E2E61EAF-97D1-4C8E-8E65-D6AF4CD0B69E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CaladosyDeptur Standard.job => rundll32.exe C:\Program Files\CaladosyDeptur Standard\CaladosyDeptur Standard.dll

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop

==================== Loaded Modules (Whitelisted) ==============

2016-08-08 13:53 - 2016-08-08 13:53 - 00017576 _____ () C:\Program Files\Synergy\synwinhk.DLL
2016-07-27 23:25 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-08 13:53 - 2016-08-08 13:53 - 00314024 _____ () C:\Program Files\Synergy\synergyd.exe
2017-02-12 22:59 - 2017-02-12 22:43 - 00025600 _____ () D:\Arcane\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 22:59 - 2017-03-20 06:41 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-08 13:53 - 2016-08-08 13:53 - 00982184 _____ () C:\Program Files\Synergy\synergys.exe
2017-05-09 13:17 - 2017-05-09 13:18 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 13:17 - 2017-05-09 13:18 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 13:17 - 2017-05-09 13:18 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 13:17 - 2017-05-09 13:18 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-09 22:32 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 01507816 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\Battle.net Helper.exe
2017-02-12 22:43 - 2017-04-28 01:10 - 00955904 _____ () D:\Arcane\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
2017-05-08 15:06 - 2017-05-08 15:06 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-08 15:06 - 2017-05-08 15:06 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 15:06 - 2017-05-08 15:06 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-04-22 13:31 - 2017-04-22 13:31 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.20.1102.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2017-04-22 13:31 - 2017-04-22 13:31 - 15069696 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.20.1102.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2017-03-20 06:43 - 2017-03-20 06:43 - 04123032 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.20.1102.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-03-04 16:21 - 2016-03-04 16:22 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.20.1102.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-15 13:34 - 2017-03-15 13:34 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-05-09 13:17 - 2017-05-09 13:17 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-09 13:17 - 2017-05-09 13:17 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-03 12:45 - 2016-06-03 12:45 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 13:17 - 2017-05-09 13:17 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-04-02 00:06 - 2017-04-02 00:06 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-07-27 23:25 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-28 10:51 - 2017-02-28 10:51 - 01937376 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-03-23 17:00 - 2017-03-10 02:13 - 00674592 _____ () D:\Arcane\Steam\SDL2.dll
2016-10-14 12:15 - 2016-09-01 03:02 - 04969248 _____ () D:\Arcane\Steam\v8.dll
2017-04-28 00:48 - 2017-04-26 01:55 - 02465056 _____ () D:\Arcane\Steam\video.dll
2016-10-14 12:15 - 2016-09-01 03:02 - 01563936 _____ () D:\Arcane\Steam\icui18n.dll
2016-10-14 12:15 - 2016-01-27 09:49 - 00442880 _____ () D:\Arcane\Steam\libavutil-54.dll
2016-10-14 12:15 - 2016-01-27 09:49 - 00485888 _____ () D:\Arcane\Steam\libswscale-3.dll
2016-10-14 12:15 - 2016-09-01 03:02 - 01195296 _____ () D:\Arcane\Steam\icuuc.dll
2016-10-14 12:15 - 2016-01-27 09:49 - 00491008 _____ () D:\Arcane\Steam\libavformat-56.dll
2016-10-14 12:15 - 2016-01-27 09:49 - 02549760 _____ () D:\Arcane\Steam\libavcodec-56.dll
2016-10-14 12:15 - 2016-01-27 09:49 - 00332800 _____ () D:\Arcane\Steam\libavresample-2.dll
2017-04-28 00:48 - 2017-04-26 01:55 - 00848672 _____ () D:\Arcane\Steam\bin\chromehtml.DLL
2016-10-14 12:15 - 2016-07-05 00:17 - 00266560 _____ () D:\Arcane\Steam\openvr_api.dll
2016-10-29 13:34 - 2017-04-29 11:29 - 67725936 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libcef.dll
2016-10-29 13:45 - 2017-04-29 11:29 - 00110192 _____ () C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-03-10 04:42 - 2017-01-30 23:41 - 68875552 _____ () D:\Arcane\Steam\bin\cef\cef.win7\libcef.dll
2017-04-28 00:48 - 2017-04-26 01:55 - 00383776 _____ () D:\Arcane\Steam\steam.dll
2016-10-14 12:15 - 2015-09-25 01:52 - 00119208 _____ () D:\Arcane\Steam\winh264.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 55758824 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\libcef.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\ortp.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\libEGL.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\libGLESv2.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\libglesv2.dll
2017-05-03 02:44 - 2017-05-03 02:44 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8733\libegl.dll
2016-10-29 13:34 - 2017-04-29 11:29 - 01929840 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libglesv2.dll
2016-10-29 13:34 - 2017-04-29 11:29 - 00087152 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libegl.dll
2017-02-12 22:43 - 2017-04-28 01:10 - 00735232 _____ () D:\Arcane\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
2017-05-09 22:24 - 2017-04-28 03:01 - 04124576 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-03-18 22:59 - 2017-03-20 06:41 - 02487712 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-05-09 12:18 - 2017-05-03 22:20 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-09 12:18 - 2017-05-03 22:20 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2017-05-10 11:37 - 2017-05-10 11:37 - 00098816 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32api.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00110080 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\pywintypes27.dll
2017-05-10 11:37 - 2017-05-10 11:37 - 00364544 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\pythoncom27.dll
2017-05-10 11:37 - 2017-05-10 11:37 - 00320512 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32com.shell.shell.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00914432 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_hashlib.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 01176576 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._core_.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00806400 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._gdi_.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00816128 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._windows_.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 01067008 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._controls_.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00733184 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._misc_.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00682496 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\pysqlite2._sqlite.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00088064 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_ctypes.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00686080 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\unicodedata.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00119808 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32file.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00108544 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32security.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00007168 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\hashobjs_ext.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00017920 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\thumbnails_ext.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00088064 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\usb_ext.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00012800 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\common.time34.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00018432 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32event.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00167936 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32gui.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00046080 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_socket.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 01303552 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_ssl.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00128512 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_elementtree.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00127488 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\pyexpat.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00038912 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32inet.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00036864 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_psutil_windows.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00524248 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\windows._lib_cacheinvalidation.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00011264 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32crypt.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00123392 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._wizard.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00077312 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._html2.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00027648 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_multiprocessing.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00020480 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\_yappi.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00035840 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32process.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00078848 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\wx._animate.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00024064 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32pipe.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00010240 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\select.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00025600 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32pdh.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00017408 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32profile.pyd
2017-05-10 11:37 - 2017-05-10 11:37 - 00022528 ____R () C:\Users\Jan\AppData\Local\Temp\_MEI100882\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{52603a9d-b673-489b-a225-547fea47ee76}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#10 Příspěvek od Arcane »

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{35FF68FA-B59E-4639-86F0-D3F837184EC4}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{1E7C4A03-4BCA-44D2-8422-3309452FF81D}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{6D07536A-230F-4A97-B690-E1AD3C36035D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{56DB40D6-59AB-4C75-BF5B-23D81FAC22B2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{1084A357-074C-409B-A962-DC8C8588A260}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{2228F13F-6011-4B03-ACCA-DABD2F376969}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{3406700A-DB65-4114-B883-879E4CB0199D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{2E047166-857E-4005-A6FA-F9961398766A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{A0C77DA5-F87D-468C-9D83-4817E4D8CD9E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{4BD99755-A863-4630-8BD4-B9E3BAB68CBF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{9B6D980C-AB50-4052-91C2-0D475689E3CC}] => (Allow) D:\Arcane\Steam\SteamApps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{27845F21-9169-4F8D-B906-53C363BAAE8C}] => (Allow) D:\Arcane\Steam\SteamApps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{8BD45BB5-577B-4842-A679-ED031C8E678E}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{E5C8D594-F538-4294-996C-C62C79423575}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [{2D744310-5F11-408D-A5BD-36F59D4772CC}] => (Block) D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [{0FB591DB-700F-4B0C-86D9-0EEB4ACC8EE1}] => (Block) D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [UDP Query User{E23DBA1F-41B1-4D0D-804D-614AD565ED61}D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe] => (Allow) D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [TCP Query User{9D9D545D-C447-44DF-9AF6-027576879B2C}D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe] => (Allow) D:\arcane\hry\the turing test\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [{5D95936E-D0FC-4370-BE07-81B13BDAB243}] => (Allow) D:\Arcane\Steam\SteamApps\common\Slain!\Slain.exe
FirewallRules: [{C879DDE6-94BA-4C81-80E0-BC9EFB576859}] => (Allow) D:\Arcane\Steam\SteamApps\common\Slain!\Slain.exe
FirewallRules: [{18BAC99B-CF6A-4E8B-87A2-E0664864C7A1}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe
FirewallRules: [{5C22C89F-2C59-4F79-A2E7-4082E453E9B5}] => (Allow) D:\Arcane\Steam\SteamApps\common\wallpaper_engine\launcher.exe
FirewallRules: [{5D299C56-F886-4D20-9B37-5A6087426820}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{F573F031-5E82-4EBE-B6E6-E925FF518D34}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{75DA69BA-E8D5-4B6E-9AB3-6FDAA3065E88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{615A8273-990A-468A-8767-1E052C9FF23C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D73E3230-A49A-4A03-9A13-DBF8878F997C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{008B62F7-8A5B-4609-9721-4FCDEAF3474B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1FE87BA3-63C8-4AB2-B449-1DEE064EEBE7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{5C61516A-7A25-4D57-82B8-EB79CB394D99}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{522A0440-824B-4E8F-A3BC-CD46B4FD85AC}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{9BB466BD-CCDB-4CE0-81E5-B235B6C06062}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6F9C397A-6A7B-404E-852D-5B66A5D7BB38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6FCB68F1-E5E0-4E68-B1EA-A3885940849D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{39FB5FA8-951B-48B5-A349-4AA60A8EA4AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{869C248E-6C23-4DC9-827A-EA175CC268CB}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{A8B3BFA2-D570-4176-B91F-A65C88A1030D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{CC120F3E-B8A4-4101-86B0-E0FFC3399FE9}] => (Allow) D:\Arcane\Steam\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{801FE971-B595-4D67-B81F-C30100E65E26}] => (Allow) D:\Arcane\Steam\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{B53CE045-DE58-4173-B811-423CAFEFB0BF}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{255FCB95-A4DB-4557-B405-F071A5124C4D}] => (Allow) D:\Arcane\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD30A312-6D90-4234-89B6-3BD1BE37957E}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{5546B7BE-968B-4DF1-920E-5B4551BD910B}] => (Allow) D:\Arcane\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{F3A63F45-D4E6-4222-AC5C-3C08DAF0BBFC}] => (Block) D:\arcane\hry\maize\maize\binaries\win64\maize.exe
FirewallRules: [{06507C5D-D893-4954-AC20-CE551EEB2DEB}] => (Block) D:\arcane\hry\maize\maize\binaries\win64\maize.exe
FirewallRules: [UDP Query User{7BE3E241-2E89-4BAC-AE80-486F865EFE91}D:\arcane\hry\maize\maize\binaries\win64\maize.exe] => (Allow) D:\arcane\hry\maize\maize\binaries\win64\maize.exe
FirewallRules: [TCP Query User{08F9C5BA-7BC1-4D2A-A28A-9BED5A055108}D:\arcane\hry\maize\maize\binaries\win64\maize.exe] => (Allow) D:\arcane\hry\maize\maize\binaries\win64\maize.exe
FirewallRules: [{B5C51691-2B50-40AC-B9D2-31AC4AE5E1DF}] => (Block) D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [{7CCDE125-039E-4A92-93AD-582A4C93064D}] => (Block) D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{58C5D7BB-5410-499C-A2E0-36D7170C0D17}D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0CDA9D26-0258-4A76-A802-F6159C01007E}D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [{B69804E5-07F4-4B9A-A11F-1DC5FE38745A}] => (Block) D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [{118ECEAE-7244-45E4-86D7-262A2A4396C5}] => (Block) D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F982108C-E112-4B77-A786-087C6F01DD10}D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{66F1CA4E-1B18-40B0-BF12-D5AA7CA7D058}D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [{50F224FD-FC2D-4263-9BEA-8FEA7370876A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\math.exe
FirewallRules: [{DEB2C1F2-6DD9-4949-BB53-11CCEEB65361}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\math.exe
FirewallRules: [{145821D0-DA41-441A-8B77-90B470ED2E09}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\MathKernel.exe
FirewallRules: [{8790E2D4-7368-440D-9F5E-0A61194BCD59}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\MathKernel.exe
FirewallRules: [{5783D1CF-4074-4BBD-A629-E968576E97E2}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\Mathematica.exe
FirewallRules: [{8CA87906-8429-4D36-BB59-D535F2EEB448}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\Mathematica.exe
FirewallRules: [{B20D069A-11EB-4D77-A492-AC0E626E7F6C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Titan Souls\TITAN.exe
FirewallRules: [{13A4D434-BA6A-4B07-86FA-40DD1171A4C8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Titan Souls\TITAN.exe
FirewallRules: [{67D56B46-6399-4375-977E-98D9F53AA56E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Odallus\Launcher.exe
FirewallRules: [{E53C36B1-7C36-4A56-8ACA-07864591568C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Odallus\Launcher.exe
FirewallRules: [{D741C7E6-E00F-4EDC-B496-908FE861FBEE}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2E3859AB-01E1-4FE5-8D5B-556265A5EA62}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F85A3036-D7AA-4675-BA8C-3E8AC29908B7}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EEDADA2F-6DEF-4069-AB70-48671EFD0F7F}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{422FF6D3-5279-471A-BBD1-2FCEE5F2BF1C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{4D1CCD2F-44E5-4EEC-AD4F-F1D528F1BBD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Westerado\WesteradoDB.exe
FirewallRules: [{B7B1B04D-D3A5-48C8-877C-7F5AFE44333D}] => (Allow) D:\Arcane\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{945EAB5F-245E-471F-8B49-14B8F5064056}] => (Allow) D:\Arcane\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{209D1476-D9D6-4F02-8B74-AD1D088D037C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{75AB39E9-A33E-4F04-A13D-D74BD60E9B12}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{9A1011B7-E373-485F-88C5-9F6F913FAEE8}] => (Allow) D:\Arcane\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{C9668D4A-275C-4F75-BE3E-83BE0307EE50}] => (Allow) D:\Arcane\Steam\SteamApps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{FC4612D2-493A-408E-A676-0C322BF12B58}] => (Allow) D:\Arcane\Steam\SteamApps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{3A9A98F4-76C6-4B6A-9A57-1009F8BFAF89}] => (Allow) D:\Arcane\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{9FD81D3E-9545-407D-90F1-260C3DBA7868}] => (Allow) D:\Arcane\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{969FC4EF-3CA1-4B86-A701-370B0687B038}] => (Block) C:\program files\synergy\synergys.exe
FirewallRules: [{927F0C0A-4662-433B-A782-21553E8D04B6}] => (Block) C:\program files\synergy\synergys.exe
FirewallRules: [UDP Query User{F44C6F37-95E8-4E9A-8BEF-E934FD968397}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [TCP Query User{DCAE20E4-DA87-41B2-B43A-126DD9D18C8A}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [{A9B68CFC-5003-483E-B8B2-BCA27399D9ED}] => (Allow) D:\Arcane\Steam\SteamApps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{1A238F53-29DA-4558-A873-75E5DCB55867}] => (Allow) D:\Arcane\Steam\SteamApps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{C61B0A0A-A953-40F8-B4E8-5F1225BBB498}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{D92FB89F-9F17-401A-8018-3EDBD0B25E85}D:\arcane\hry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Block) D:\arcane\hry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{21380132-221A-4A0D-8C14-F0AA61826FC4}D:\arcane\hry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Block) D:\arcane\hry\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [{CA359E54-DB89-4B3B-AEC0-276C44731AED}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{9651212F-ED78-42F7-A522-2FCD7CE4CFB1}] => (Allow) D:\Arcane\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{AB9ED90B-E8E2-407D-9317-C1588A4A89D5}] => (Allow) D:\Arcane\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{3BC4C48D-0A3E-4ACC-B49E-88F7BB60F259}] => (Allow) D:\Arcane\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{C5E9E4E8-E447-4092-AEC7-97EADCAE00ED}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{56917BE2-4EC5-4AB6-8D59-1D5BE6D8774C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{7A2BE408-B218-4FA9-A174-F5DDE277C41F}C:\users\jan\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe] => (Allow) C:\users\jan\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe
FirewallRules: [TCP Query User{B2356AE9-0D6E-48EC-9B3F-C47B82906D9D}C:\users\jan\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe] => (Allow) C:\users\jan\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe
FirewallRules: [{A126697D-2461-418B-96D2-074C7B827808}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe
FirewallRules: [{83B1EC06-89E1-4CFB-9667-8AD4FE2CC412}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom New Lands\Kingdom.exe
FirewallRules: [UDP Query User{EE22345C-2CBC-4927-BD9B-0E42A064C960}D:\arcane\hry\doom\doomx64.exe] => (Allow) D:\arcane\hry\doom\doomx64.exe
FirewallRules: [TCP Query User{5A72DAA2-21A2-4883-9DCC-C26FED8EE6AB}D:\arcane\hry\doom\doomx64.exe] => (Allow) D:\arcane\hry\doom\doomx64.exe
FirewallRules: [{6613B849-5111-4D08-BB13-1004170198B3}] => (Allow) D:\Arcane\Hry\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{3546A860-EEA2-44B7-810D-9716DEF90BF4}] => (Allow) D:\Arcane\Hry\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA6CA83E-E85E-4204-8C77-4AE476C4FB2E}] => (Allow) D:\Arcane\Hry\DOOM\Steam\Steam.exe
FirewallRules: [{D0B4AE82-BEE4-4BC2-A376-FD391D0942A0}] => (Allow) D:\Arcane\Hry\DOOM\Steam\Steam.exe
FirewallRules: [{27F6FD83-8CEA-470C-8FF0-817988F73452}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BFC32B15-CF3C-4EB4-9C14-04F06CE50F10}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C97B1660-66C6-4528-8B21-D7952FD262BA}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4E7E9CC-76D9-41B5-AFC5-768844C2D96A}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3C3EC55E-2A6C-4E78-A747-033169DB53FE}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DABE1896-78EB-4380-B269-78191C45CBCE}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7755EDE4-C7DE-46ED-B870-02684123EA1A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{2882C96B-0F9F-46F6-BEDD-BB784DF65F5B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{86384468-9C15-4524-B3B2-7C6B6192F29E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{29AE2A78-CD9E-4872-B213-6564D3BFB397}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{0F2A268D-E559-4A42-8149-4BCE994E0202}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{AAFA3022-1FCF-4ED3-8D91-82C2E26B4B87}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{EEC67932-76B5-4AE2-8BDA-9C037FC18BCF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{1B26912F-8161-4EB0-ACA6-3039613203E4}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{6DA77A2F-332D-48A2-B40D-BCF356DEB86B}] => (Allow) C:\Program Files (x86)\Shairport4w\Shairport4w.exe
FirewallRules: [{4520D2E3-111D-4C9D-898B-DBB173871534}] => (Allow) C:\Program Files (x86)\Shairport4w\Shairport4w.exe
FirewallRules: [{E263BFA4-3369-4BB2-8824-AEDD92E256DA}] => (Block) D:\arcane\hry\overwatch\gameclientapp.exe
FirewallRules: [{BE3201C4-E773-4D52-A42B-C15EA8AF767F}] => (Block) D:\arcane\hry\overwatch\gameclientapp.exe
FirewallRules: [UDP Query User{94ECC555-9730-4F81-B99B-270D58288C7E}D:\arcane\hry\overwatch\gameclientapp.exe] => (Allow) D:\arcane\hry\overwatch\gameclientapp.exe
FirewallRules: [TCP Query User{60566884-E850-488F-924E-23D232352F97}D:\arcane\hry\overwatch\gameclientapp.exe] => (Allow) D:\arcane\hry\overwatch\gameclientapp.exe
FirewallRules: [{D90E4A0F-3DE1-4950-A652-F0D554FFF2F5}] => (Block) C:\program files\reflector 2\reflector2.exe
FirewallRules: [{E63D5F01-0180-405D-B7C7-0EEFBC05F543}] => (Block) C:\program files\reflector 2\reflector2.exe
FirewallRules: [UDP Query User{9C79FB5D-8D7F-4C02-A516-C082F4F0DC97}C:\program files\reflector 2\reflector2.exe] => (Allow) C:\program files\reflector 2\reflector2.exe
FirewallRules: [TCP Query User{D31CC347-368E-413E-AA4E-FB0E47E7DA87}C:\program files\reflector 2\reflector2.exe] => (Allow) C:\program files\reflector 2\reflector2.exe
FirewallRules: [{8C9F4367-F978-425B-9F86-DBABD61EB89F}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{32F8E1B4-D0AB-4B4D-9A8E-C2640DB8CE0F}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{260FDDA0-C1AE-46CC-8C31-8224EB58C897}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [TCP Query User{DE70302A-0D4B-4D4F-995C-151A1C7D9048}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{0445C64A-2A7E-472C-A4EC-E3936327CD99}] => (Allow) D:\Arcane\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{09E50708-D916-473A-83BD-144ED11B3FB6}] => (Allow) D:\Arcane\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{94310F5F-EE9E-44A1-8C92-A15B6D3CAFE3}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{A27BBF16-78F3-4F5C-9A90-47CC8D3D32BF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DE18DC85-6048-4024-A2B6-D3B40723D816}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe
FirewallRules: [{BC1BA6B9-BB12-44DB-9949-AC4AEDF3434A}] => (Allow) D:\Arcane\Steam\SteamApps\common\OrganTrailDC\OrganTrail.exe
FirewallRules: [{4A9507FE-E1F0-45A2-AD07-178C2D056BC8}] => (Allow) D:\Arcane\Steam\SteamApps\common\BIT.TRIP FATE\BIT.TRIP FATE.exe
FirewallRules: [{7EB5CE70-463A-41F6-BA22-5DFE00A44310}] => (Allow) D:\Arcane\Steam\SteamApps\common\BIT.TRIP FATE\BIT.TRIP FATE.exe
FirewallRules: [{01C03203-D628-4CE7-8E51-C149F00CBF56}] => (Block) D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{4C2E0BE7-9598-416E-9A0B-64CF12FB004E}] => (Block) D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{63E73D70-7A62-4D70-95AF-500B558C0DFD}D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FA545A57-9962-44B1-BC8E-E4FC7EFB7E1C}D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{551384DB-4E9A-491C-993D-8BA9FF6C14F3}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{D31F929A-6CC7-490E-8EF7-5333C0E8CC1B}] => (Allow) D:\Arcane\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{9485C611-4440-454D-8321-676AC228593C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{7BE1ED5B-C87F-4AA8-BF0C-99A3DC59197B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{E79BEEB6-D1C4-45EF-AB36-F9BE6594C82D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BC758B66-1D5A-4CE4-99B6-0F663645B6DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6FD0C1B5-6F9E-439F-8E59-BF211185CE56}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{32C3E8DA-2EC0-4E6D-ADC5-47C1FAF4D56E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{E1846FC5-BEC6-4C4C-83A2-77C4CB06518F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{4CA86C88-6631-4CE4-83D5-FE129902FC66}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{A574799E-DC73-4E52-A3E9-5537CBCC7B7C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{BC28E0FB-341E-45FE-94C3-33817496F384}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{216BF81E-B081-46BA-B04D-27A634230F19}] => (Block) D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{4B92E215-829C-4F34-9BEC-83651FF3C823}] => (Block) D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D952D124-03AE-4268-B034-FDD5A39E4D4C}D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{34E86509-B394-4C37-876A-826451443603}D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{D030A73D-485C-4A00-A5C3-6001384244B8}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{4A633616-F53E-4CBD-9FAC-6E74C7E0580A}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{79DAAC61-1C05-40F1-86B2-A4907F563B41}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{B317580E-5716-4BB1-BDD2-E42907AAFE63}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{076843DB-D6BB-431D-9021-42941B76838E}] => (Block) D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{2E302E08-D2DF-470A-899D-03427C4E8450}] => (Block) D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{92FFFC40-23AA-4AC9-AB55-36D95BD25252}D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{66D1992E-9A3A-4C3D-94FB-32379A55ACED}D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{DD0F0A8C-D726-4809-95BE-5D8738826FD2}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD18DE0B-1316-46BF-9E79-9A0EED9AA2CB}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BC36E42B-2225-4311-B236-DBC72A2BEE00}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{6C942C85-CC7C-4662-84FC-A57462F22820}] => (Allow) D:\Arcane\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{12F4862E-1F0D-4661-8014-C7DCA23E751B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{152D3A58-A5F1-4E7D-B6E1-DDFCFACCF9D5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{C6D33BFA-1D0E-437C-9023-1AF3601463AB}] => (Allow) D:\Arcane\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{63649462-5C46-4789-88FB-CAE0EC6229DB}] => (Allow) D:\Arcane\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{3AE07854-A9DC-4C42-A181-3F6C41153A47}] => (Allow) D:\Arcane\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{E2B829FD-B3F4-4D99-8F82-B89AE1BFF6E4}] => (Allow) D:\Arcane\Steam\SteamApps\common\CookServeDelicious\CSDSteamBuild.exe
FirewallRules: [{300FFB54-AB58-4135-A410-E12DB0B7DF20}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [{A649872D-209C-488A-89FA-439C68EB389A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [{7568AC21-1FBB-4C40-BCEC-2AFD4D15FE2A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{F58C773E-C379-4165-9589-D55A6AA0C5AD}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{738663EB-360F-4B6F-B1D2-8D6079A34DD8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{B173AE34-6A73-4BB6-9827-B84F34BFF05F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{23275BCE-5907-4702-AD74-F62911E9284D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{98EF7660-47B2-4997-B4C0-191B478B5C92}] => (Allow) D:\Arcane\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{BC9E0DF2-2620-4A96-85C1-8278E6CE836C}] => (Allow) D:\Arcane\Steam\SteamApps\common\Beatbuddy\Beatbuddy.exe
FirewallRules: [{CD7A022A-4E36-40D3-9EA3-DEB78E0E78AD}] => (Allow) D:\Arcane\Steam\SteamApps\common\Beatbuddy\Beatbuddy.exe
FirewallRules: [TCP Query User{A5BEBBE2-8D3E-4E86-A827-26F4D4A133A4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9E389609-618D-4E17-9DF4-C0B1A866C5A5}] => (Block) D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe
FirewallRules: [{696B6BBF-D913-4750-9034-FE0CC226C6F7}] => (Block) D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe
FirewallRules: [UDP Query User{B67667FB-6897-40AB-A2A9-F3F6686660F4}D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe] => (Allow) D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe
FirewallRules: [TCP Query User{0017AEAE-F24C-4500-98EB-2633E41DD7B1}D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe] => (Allow) D:\arcane\hry\king's quest - chapter 1 - a knight to remember\binaries\win\kingsquest.exe
FirewallRules: [{64A13D67-6F53-4C2A-9DEA-2F30A181AB0E}] => (Block) D:\arcane\hry\far cry 4\bin\ige_wpf64.exe
FirewallRules: [{EFBA301F-6E35-485A-9A49-175F93BED128}] => (Block) D:\arcane\hry\far cry 4\bin\ige_wpf64.exe
FirewallRules: [UDP Query User{DA4029D6-F206-4823-8373-08F987DDB97A}D:\arcane\hry\far cry 4\bin\ige_wpf64.exe] => (Allow) D:\arcane\hry\far cry 4\bin\ige_wpf64.exe
FirewallRules: [TCP Query User{8E4E1EC8-32D0-45CB-A213-9D7849EF4EBA}D:\arcane\hry\far cry 4\bin\ige_wpf64.exe] => (Allow) D:\arcane\hry\far cry 4\bin\ige_wpf64.exe
FirewallRules: [{44CECFD8-C67D-44C8-B5CF-2E242B0B4564}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{D52E801D-8DDE-43C3-8598-C56774155F11}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{058153A0-D337-42EA-8B09-DB1020D5AD6D}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{2EBEB137-FAD5-4F2B-B31E-2F3328EA88A3}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{36D25BBF-526C-437E-B325-9586EE3415F1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Not The Robots\Not the Robots.exe
FirewallRules: [{C5FC2578-1A47-40D8-81F8-3D0BFEB44FD4}] => (Allow) D:\Arcane\Steam\SteamApps\common\Not The Robots\Not the Robots.exe
FirewallRules: [{08B7D5ED-BE02-4642-B9E0-41EEE0B06D27}] => (Allow) D:\Arcane\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{5B004DD3-9C26-480B-B62A-C603FA9722C5}] => (Allow) D:\Arcane\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{F20ABD47-62BF-4BE6-880E-76A35D930BBC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Where is my Heart\Where is my Heart.exe
FirewallRules: [{2483DF75-3392-470D-A0E2-8F23D150B30E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Where is my Heart\Where is my Heart.exe
FirewallRules: [UDP Query User{C3B48F1D-38FF-41BB-BF85-714237EAF662}D:\arcane\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) D:\arcane\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{4AC1D3A2-6B87-4A6C-ACAF-20BDE23EA0CB}D:\arcane\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) D:\arcane\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE5A6B6D-7ACA-4459-A445-C57EE6EFCD58}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{759FFFAD-E973-48F5-98CC-E27A3F28AB6B}] => (Allow) D:\Arcane\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{E1EDB930-D8A9-4405-BB15-86FCFEA30CBA}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe
FirewallRules: [{545B69EC-F603-49AF-831F-1AA80F8DF4C8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe
FirewallRules: [{5E1056AC-61C5-49B9-B10E-36E88DF42E5D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gods Will Be Watching\gwbw.exe
FirewallRules: [{EFFA18E4-650C-4958-9C55-A9B6A731A884}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gods Will Be Watching\gwbw.exe
FirewallRules: [{5AB6668B-CB13-42BC-A3AC-4667F1D70E70}] => (Allow) D:\Arcane\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{7617F3ED-2D9A-4FB4-91CE-5DA2C7FF8876}] => (Allow) D:\Arcane\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{B8520190-66D6-472D-9661-2305CCEFDF9E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{158FE415-9368-409F-8166-436434A79F38}] => (Allow) D:\Arcane\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{865208AF-8D42-44EE-BCD3-65A5E0BEDCE3}] => (Allow) D:\Arcane\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{08D6F8DB-3AF4-40AC-BE13-93229CCF0951}] => (Allow) D:\Arcane\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{A10041CA-F786-4BF1-BFF4-EAA75C1F1509}] => (Allow) D:\Arcane\Steam\SteamApps\common\Nimbus\Nimbus.exe
FirewallRules: [{6E5E55B4-D574-4DC8-A90E-346582233C81}] => (Allow) D:\Arcane\Steam\SteamApps\common\Nimbus\Nimbus.exe
FirewallRules: [{6AE93BF3-2605-4A70-B07F-CA1A890B4885}] => (Allow) D:\Arcane\Steam\SteamApps\common\Infernax\Infernax.exe
FirewallRules: [{8D0E5800-AF75-497C-A398-32DA1356B547}] => (Allow) D:\Arcane\Steam\SteamApps\common\Infernax\Infernax.exe
FirewallRules: [{FDBDC004-9E37-437D-86F4-74A4DC3B7961}] => (Allow) D:\Arcane\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EC3DE6C5-138E-4B99-BC28-FAA5AEEA9F9E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CDA94695-6D89-49F9-A5EC-2E41B61FC2C7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{59AA07C4-867F-4A31-9869-97ACFB7AEA14}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{210FAF6B-0A11-4719-BEAF-B4871B99A3E9}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe
FirewallRules: [{510511A0-E57C-4F6D-ADE6-1F1833EF6E8B}] => (Allow) D:\Arcane\Steam\SteamApps\common\rymdkapsel\rymdkapsel.exe
FirewallRules: [{0E3E9135-1FB9-4334-A96D-78D1C064556F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heavy Bullets\HEAVY_BULLETS.exe
FirewallRules: [{92BAF9FE-2942-4A24-A6A4-858272BA8DB7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heavy Bullets\HEAVY_BULLETS.exe
FirewallRules: [{6971D694-1430-4886-92DF-F972048F1F92}] => (Allow) D:\Arcane\Steam\SteamApps\common\bit Dungeon II\bitDungeonII.exe
FirewallRules: [{E38170B2-2DA2-44DB-A36B-84A8C42E22B2}] => (Allow) D:\Arcane\Steam\SteamApps\common\bit Dungeon II\bitDungeonII.exe
FirewallRules: [{0F9E8CE0-BC3C-40F5-8A03-14039EC24521}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{BA4634E8-9777-4E05-B2D1-29C030994CE5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{D923A36F-1597-4BFE-BD47-EDB388DA0D0A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{B4896156-0068-4193-AD05-F2A01DD15E7E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{59143F50-C92D-4719-B3C3-EF11AD529D3C}] => (Block) D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{FA41709C-ECCA-482A-B7FD-DEA99D5AC1F8}] => (Block) D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{28829E22-6F90-46B2-9594-55324CA886D2}D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{53FE2743-9FD5-48AE-8ED6-30E5BE54CB78}D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\arcane\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{C1554976-5841-4368-B7D3-A163CEDE61B1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{A258795B-192B-4430-912B-40752B83267A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{8C143E0D-52E7-4A92-820C-F005B7B2A494}] => (Allow) D:\Arcane\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon_DirectToRift.exe
FirewallRules: [{F38A6DAE-DDCC-4992-89A6-AF77785C9007}] => (Allow) D:\Arcane\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon_DirectToRift.exe
FirewallRules: [{2E28AEE0-B87A-4997-87B6-1EDE74A93000}] => (Allow) D:\Arcane\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon.exe
FirewallRules: [{E6566D08-22BD-4BC4-A60C-1357A782BA2B}] => (Allow) D:\Arcane\Steam\SteamApps\common\LegendofDungeon\LegendofDungeon.exe
FirewallRules: [{AAB15AA8-39C2-4C06-850E-36AD09A23A6A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{EED249CA-B00C-4FD9-8B4E-4065135B9AD1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E9B90559-8E21-44A8-946B-22555D13B699}] => (Block) D:\arcane\hry\guitar hero iii\gh3.exe
FirewallRules: [{80EFB765-7A3C-4EAD-AC31-77BF202E8C40}] => (Block) D:\arcane\hry\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{BBE72163-FD2C-4A67-9904-86F8C00E9215}D:\arcane\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\arcane\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{FDC80891-52C5-4594-88FE-3CE3C4514319}D:\arcane\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\arcane\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{FEE5CD36-8D4B-43B1-8FA6-AA4D7487A982}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{B62833D1-4F17-47BF-9F5C-8165FEDB98B9}] => (Allow) D:\Arcane\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{E33B1BA8-B60F-4E03-9B31-3875051BB5E7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{A8FF5CEB-0454-4D5F-B694-080C54553F4F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{D84DD13A-7031-4981-B4C6-6725FEE26606}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\reslists\winsetup.exe
FirewallRules: [{70A15629-F5A3-4DFD-910D-0A580D1C66E5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\reslists\winsetup.exe
FirewallRules: [{2507D2A1-FCE7-4D0D-8BEF-3023BBEC3190}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\reslists\Gemini Rue.exe
FirewallRules: [{29940D9C-BF41-4867-B26C-B8D622DF63F8}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\reslists\Gemini Rue.exe
FirewallRules: [{C49C8EE6-0C24-447E-9150-DB08DF203683}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{1975E034-5B84-4939-BF74-CC24622C1DF6}] => (Allow) D:\Arcane\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{40298224-EA73-489D-89E9-478DAAE5BD59}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{89CCEC94-9FEB-42EC-B405-752DA1547E5F}] => (Allow) D:\Arcane\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{1C2205C6-40EC-4C73-9705-0D0E8BF488A5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{3C248AC1-CF16-4371-8C99-A23BB2AB4BFF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{4C28A353-F39A-4F26-8875-09DEA0409958}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{922FB62C-E0AB-4BF5-920E-5AFE45E1543B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{F01696FD-A839-4FE6-81AE-0927A99D6481}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{9DAECFAF-A77C-4C1F-9E35-15848214A88B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{899D24E0-5BF6-47FD-93A3-C1D99BA72970}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A4B178D8-5975-4FED-976A-00F2EDFC8999}] => (Allow) D:\Arcane\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3ECF2E8D-B523-427A-9C9E-828B838EE2FF}] => (Allow) D:\Arcane\Steam\SteamApps\common\MegabytePunch\MegabytePunch.exe
FirewallRules: [{F85702D9-227C-4296-801F-EA1D16962544}] => (Allow) D:\Arcane\Steam\SteamApps\common\MegabytePunch\MegabytePunch.exe
FirewallRules: [{64E43905-3C3C-4E46-B9CC-515E819DF70E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Secrets of Raetikon\Raetikon.exe
FirewallRules: [{81E881DB-9684-4C2A-B433-96281972B7AC}] => (Allow) D:\Arcane\Steam\SteamApps\common\Secrets of Raetikon\Raetikon.exe
FirewallRules: [{5FAA4EEF-5C54-4D10-A1BD-6AEFCE6A2CB7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Volgarr\Volgarr.exe
FirewallRules: [{AA90BEFA-C092-49C3-B8B9-F070DE96DD51}] => (Allow) D:\Arcane\Steam\SteamApps\common\Volgarr\Volgarr.exe
FirewallRules: [{5EFB3286-81A5-401B-BA8E-7D8292B4AFC5}] => (Allow) D:\Arcane\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8EFC835A-BEB6-416E-A9AB-9B8C0C1E7920}] => (Allow) D:\Arcane\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A4B9E7DC-3B25-4FBB-AF77-B8A6DFE02EF0}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{461F9196-C406-4FA3-AE9E-C340EF5C5C1D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{2B8069FD-9459-4AF0-98C8-96E9CB56823A}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{5708A38B-DBE3-4EE9-B655-B01D05C54F50}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{585FABE6-3F80-4070-9E33-29E22C3AAFA0}] => (Allow) D:\Arcane\Steam\SteamApps\common\QuestofDungeons\QuestofDungeons.exe
FirewallRules: [{AF821C01-B726-4DB5-8B68-2ADDEB30A62E}] => (Allow) D:\Arcane\Steam\SteamApps\common\QuestofDungeons\QuestofDungeons.exe
FirewallRules: [UDP Query User{B6536359-26CE-4282-9D43-68CD0517D1AA}D:\arcane\hry\far cry 4\bin\farcry4.exe] => (Allow) D:\arcane\hry\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{B00D4C6F-FC65-4225-ACF4-8D9B0FEF6EFA}D:\arcane\hry\far cry 4\bin\farcry4.exe] => (Allow) D:\arcane\hry\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{ACFF5332-A58F-4D59-A391-7BF2176820C5}D:\arcane\hry\alien isolation\ai.exe] => (Allow) D:\arcane\hry\alien isolation\ai.exe
FirewallRules: [TCP Query User{EDC3C2D6-21BF-4DDA-B36E-989B294159BF}D:\arcane\hry\alien isolation\ai.exe] => (Allow) D:\arcane\hry\alien isolation\ai.exe
FirewallRules: [{A95FF3A2-1518-4567-A302-01578956A55C}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C6A86A9-C2FB-42A3-860C-AA151B74E385}] => (Allow) C:\Users\Jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{EC19B493-2156-4430-A808-AD5297A3C207}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8F89B706-577B-4B26-B52B-2725D53251FA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{0A3D2120-D4B8-4742-B1B4-F4F03D58EC6B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{88ACF896-69F5-4F75-9A43-ECA831599F67}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5FCFAE96-37D9-4871-84B4-AC69B829EE79}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1CC5382A-C79E-4C43-99ED-AA6A9AB6AB69}] => (Allow) D:\Arcane\Steam\bin\steamwebhelper.exe
FirewallRules: [{0F4782FF-8E27-40C2-86C0-B6DAD16B45BA}] => (Allow) D:\Arcane\Steam\bin\steamwebhelper.exe
FirewallRules: [{62306B4B-86C7-40AF-B6C1-ECE6751BED3A}] => (Allow) D:\Arcane\Steam\Steam.exe
FirewallRules: [{7839955C-C191-4492-A23E-C994E2DFF406}] => (Allow) D:\Arcane\Steam\Steam.exe
FirewallRules: [{E1F98A21-BC9B-49F3-98A7-1CFA22D2F933}] => (Allow) D:\Arcane\Hry\Guitar Hero World Tour\GHWT.exe
FirewallRules: [{7A3C0C7B-F174-4CC5-B5CD-EEC09B48515E}] => (Allow) D:\Arcane\Hry\Guitar Hero World Tour\GHWT.exe
FirewallRules: [{67FA1896-F3E7-4113-9285-947CD9C6239E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Velocibox\Velocibox.exe
FirewallRules: [{59EE3A3A-7423-4672-9DDC-AE3D294CA3CD}] => (Allow) D:\Arcane\Steam\SteamApps\common\Velocibox\Velocibox.exe
FirewallRules: [TCP Query User{9C7F327F-6DE7-4DD3-8CE2-D500FA02A621}D:\arcane\hry\guitar hero iii\gh3.exe] => (Allow) D:\arcane\hry\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{AD233134-1A02-49D6-8B09-E0DE8AD55AB5}D:\arcane\hry\guitar hero iii\gh3.exe] => (Allow) D:\arcane\hry\guitar hero iii\gh3.exe
FirewallRules: [{003D9345-4AA8-43AB-9575-A795280EF556}] => (Allow) D:\Arcane\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{BC815AD1-030A-4520-91A2-CB85887B6ACF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{63E60EAE-9252-48E2-863D-8ACB35308C95}] => (Allow) D:\Arcane\Steam\SteamApps\common\Duet\Duet.exe
FirewallRules: [{CA6AD745-8999-4EE0-8B38-458D2AA8F3AF}] => (Allow) D:\Arcane\Steam\SteamApps\common\Duet\Duet.exe
FirewallRules: [TCP Query User{23773234-98EF-4A58-9626-DC678735EF65}D:\arcane\hry\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{847A03A5-761F-414F-8B8A-EAFF4CC3C2D0}D:\arcane\hry\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [{AB3C7DB6-D220-4577-BBDC-E024CE9D44F9}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{1A7CDF5E-CC2C-4A0F-A32A-B33F1E32DE21}] => (Allow) D:\Arcane\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{34131F24-2EE8-4598-BD36-6EEC71032CCB}] => (Allow) D:\Arcane\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{C2613FCE-58FE-43EA-9FAF-A36D44227ADA}] => (Allow) D:\Arcane\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [TCP Query User{B043FAEE-550F-4779-86F6-FB100823EE09}D:\arcane\hry\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4487C8E5-1043-4E75-AF2C-75F86CBE396E}D:\arcane\hry\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7640F552-29EE-4184-87EC-65F39D69CCA5}D:\arcane\hry\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{56322065-261C-4063-939C-66AFA2B427B7}D:\arcane\hry\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{A0E8441D-2DD0-4B06-90D0-950503D09A36}] => (Allow) D:\Arcane\Steam\SteamApps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{F04B8D7F-58CE-4A8F-83A3-E4895AD1DC7F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [TCP Query User{1D874991-D898-4898-BD99-A2F33572E021}D:\arcane\steam\steamapps\common\the ball\binaries\win32\theball.exe] => (Allow) D:\arcane\steam\steamapps\common\the ball\binaries\win32\theball.exe
FirewallRules: [UDP Query User{848B68B2-701D-45A4-AFCD-C38071673EFA}D:\arcane\steam\steamapps\common\the ball\binaries\win32\theball.exe] => (Allow) D:\arcane\steam\steamapps\common\the ball\binaries\win32\theball.exe
FirewallRules: [TCP Query User{FBE2B3F7-74EA-43FE-ACD3-DBEA0EDBF891}D:\arcane\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\arcane\hry\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{3D5414E7-A8AB-40B8-A9B5-245FE977670A}D:\arcane\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\arcane\hry\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{21F9E952-4C67-44B0-B376-54B49BE5724B}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe
FirewallRules: [UDP Query User{94AC1110-2D0A-46C3-B0FE-6774D5A7FEB5}D:\arcane\hry\rayman legends\rayman legends.exe] => (Allow) D:\arcane\hry\rayman legends\rayman legends.exe
FirewallRules: [TCP Query User{B499F70D-7CB8-4D08-8F10-82C76A190209}D:\arcane\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\arcane\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{1F19710E-E7FE-4B61-BC9B-33C0C3DC8F8E}D:\arcane\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\arcane\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{A2665423-B0B1-46BD-9E48-E39AB314C276}D:\arcane\hry\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\arcane\hry\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{8D6D93AA-28BE-4DB7-9D9F-D887A73649FE}D:\arcane\hry\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\arcane\hry\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{075B706D-FCB6-43F9-ABF0-9A97B407BCA6}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom\Kingdom.exe
FirewallRules: [{AD727EE9-B0FE-4EA5-B492-C5DCF9AC16D5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Kingdom\Kingdom.exe
FirewallRules: [{BE8E036B-E8D2-40C6-914D-959C915D4E3E}] => (Allow) D:\Arcane\Hry\Rayman Origins\Rayman Origins.exe
FirewallRules: [{02A08DEE-8FF5-44BA-B521-0E8C25416369}] => (Allow) D:\Arcane\Hry\Rayman Origins\Rayman Origins.exe
FirewallRules: [{285CF0D5-5FA8-461C-8404-4278C1E2AA65}] => (Allow) D:\Arcane\Hry\Rayman Origins\gu.exe
FirewallRules: [{80621D8F-5134-4010-92F3-22453704F12A}] => (Allow) D:\Arcane\Hry\Rayman Origins\gu.exe
FirewallRules: [{38CBD5E0-C2E0-4F2B-8F66-E2D7BC0EE15A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{19EDC028-B95A-4516-9E70-54C9385339D2}] => (Allow) D:\Arcane\Steam\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{64CC51E3-D20D-496E-B2DF-5199F8FE071B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Knights of Pen and Paper 2\kopp2.exe
FirewallRules: [{64AD4211-78CA-4320-A227-79D36E7FF4C7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Knights of Pen and Paper 2\kopp2.exe
FirewallRules: [{25D0DBF1-95D4-4B66-9FE8-CDE8114F229E}] => (Allow) D:\Arcane\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{48D84D89-CF05-41DB-B95C-96F441C33F2A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{0F888A91-C384-4907-8500-6222491DDFAE}D:\arcane\hry\firewatch\firewatch.exe] => (Allow) D:\arcane\hry\firewatch\firewatch.exe
FirewallRules: [UDP Query User{0013B767-D4DE-4156-A517-27DED32AA0F5}D:\arcane\hry\firewatch\firewatch.exe] => (Allow) D:\arcane\hry\firewatch\firewatch.exe
FirewallRules: [TCP Query User{78F86FBD-8ACA-4D40-85AC-FDFFC463660A}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe
FirewallRules: [UDP Query User{E526CBBF-F781-47AB-967D-A667F210D490}D:\arcane\hry\overwatch\overwatch.exe] => (Allow) D:\arcane\hry\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A3ED933E-DF49-4439-95DD-7D4A77D9A09E}D:\arcane\hry\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DBAAEC09-AECB-4D93-8E3A-C5BA5E73CBE6}D:\arcane\hry\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [{AB1D563E-E28B-4E50-ADF0-66C445A0E447}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{EFFBC62D-6608-4F53-995D-3B30D238AD34}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{0E95AF60-4CD5-4D87-A671-12A62693EB85}] => (Allow) D:\Arcane\Steam\SteamApps\common\Songbringer\windows\Songbringer.exe
FirewallRules: [{D362643C-4B23-411B-8768-B5B7B1573744}] => (Allow) D:\Arcane\Steam\SteamApps\common\Songbringer\windows\Songbringer.exe
FirewallRules: [{C00B3869-ECA4-4A68-8D34-DF2E5A4D1C5D}] => (Allow) D:\Arcane\Steam\SteamApps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{F4461A9B-1F50-4FF9-9AF3-FCE3C891376C}] => (Allow) D:\Arcane\Steam\SteamApps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{4CB9D0C5-800A-44A6-9A05-465723C388E7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DD7F9F0E-6A1D-41D0-BE1D-E9E05E9ADCBD}] => (Allow) D:\Arcane\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{BE4BE212-B55E-4533-8101-8FBD52BFB246}D:\arcane\hry\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1C935A48-FDF0-4B72-9077-49DBAD98F404}D:\arcane\hry\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
FirewallRules: [{56CAF450-43C7-486F-B54D-0E4AB1A39A1D}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{746D85FA-21A7-4C1A-93EF-C3C1CE6FEDB1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [TCP Query User{362062CE-58D3-43CA-81EB-06A7F3C29B44}D:\arcane\hry\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A0E52B93-51D3-4031-A260-0554904643BE}D:\arcane\hry\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [{964F21E6-9072-4718-BACC-D668AEEE8696}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{F46430DD-FCC5-474E-8D2A-1A8242586C76}] => (Allow) D:\Arcane\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{DC687852-9969-4EBE-9F48-C9AE5DA16FDF}D:\arcane\hry\hearthstone\hearthstone.exe] => (Allow) D:\arcane\hry\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{8B6A0995-736A-4593-8797-13BB5A92C293}D:\arcane\hry\hearthstone\hearthstone.exe] => (Allow) D:\arcane\hry\hearthstone\hearthstone.exe
FirewallRules: [{F218459F-49E1-4441-9C3E-2FAD2F964059}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{3C76E70E-FAE5-4C2E-A2FE-31B67DC956A4}] => (Allow) D:\Arcane\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{9090DC44-C3B2-4E4F-B428-3C8F303C1E25}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{C4006502-04EA-4B64-AF65-564FF8B4354F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{E266A53E-90CB-4741-8399-041316478A67}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{0C79C90E-66D0-4C49-9334-F44DAEF57964}C:\program files (x86)\synergy\synergy.exe] => (Allow) C:\program files (x86)\synergy\synergy.exe
FirewallRules: [{9356D479-DF25-4802-8EB3-AB247C949A15}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cally's Caves 3\CC3 steam greenlight.exe
FirewallRules: [{963E68D6-0F45-476E-9F26-F28BA34C297B}] => (Allow) D:\Arcane\Steam\SteamApps\common\Cally's Caves 3\CC3 steam greenlight.exe
FirewallRules: [{7F7D10E3-83F4-4E25-A585-46E810B7E7A7}] => (Allow) D:\Arcane\Steam\SteamApps\common\Master Spy\MasterSpy.exe
FirewallRules: [{6656DAB7-FDC4-40B9-9FC7-0C4D8812E030}] => (Allow) D:\Arcane\Steam\SteamApps\common\Master Spy\MasterSpy.exe
FirewallRules: [{C6386966-E904-49BA-9ED9-60DBE2CBC0B3}] => (Allow) D:\Arcane\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{5AEE498A-7153-44C9-9426-0D9DFB6BA452}] => (Allow) D:\Arcane\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{4D2BE697-EB4E-4E67-AD23-BC66B9377E46}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{8AE15C00-67E9-453F-8047-37D8488F6B86}] => (Allow) D:\Arcane\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{C564FA0E-C40C-4C0B-8DC7-AFDE55112448}D:\arcane\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\arcane\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{2B3B764D-E31D-450A-95DB-6D1735733A7A}D:\arcane\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\arcane\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{1B719E62-2CFC-4019-8A31-955CE1ED6E21}D:\arcane\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\arcane\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{4FDED380-5A65-441B-8447-591A407E3D40}D:\arcane\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\arcane\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{7787479D-1379-4923-8BA8-C6CB35C59048}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CA380E6B-91E5-4811-BCD3-D6045CF2FB9B}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{D5181A79-F9AC-4901-8EF7-C89519BB033E}D:\arcane\hry\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{137C13B7-2090-4F67-98CC-A51C51CF6778}D:\arcane\hry\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [{5A80BA21-F0CA-48C8-87E9-094ACD5E5AD9}] => (Allow) H:\EaseUS Data Recovery Wizard 10.5\DRWUI.exe
FirewallRules: [{809C74DD-A72D-46E5-8481-F0372210D54A}] => (Allow) H:\EaseUS Data Recovery Wizard 10.5\DRWUI.exe
FirewallRules: [{319B5FA6-72D1-479F-ACA5-C2E93BDD00E6}] => (Block) H:\EaseUS Data Recovery Wizard 10.5\DRWUI.exe
FirewallRules: [{5E6F36A9-772F-41E4-ADC3-28549E8C564A}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{24B19597-B6AC-4826-9D87-C099D9083DF5}] => (Allow) D:\Arcane\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1AA2AD5B-6E90-470B-8BEA-E84D0F3999BD}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{53469B47-2B23-421D-A810-DA06B84BF04B}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{FCCA79D4-F38E-400A-B3B8-EC85B9BF0826}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FC0818A2-6D7F-46AA-BA06-344A00706521}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7DAE861D-2A2A-4A3F-9107-8D11F9B97B09}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{025A5BA3-FB5F-4EAD-8682-F243162E0A1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{756489A7-CFA7-4387-B87E-BE67693D3475}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F356FC10-FC90-41E3-9BC9-799579C634DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4244C5B5-5FBA-403B-A761-EF3B0541737C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{19A68366-C24E-4064-A585-F7AAA9E9E82A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0617424E-A83E-49B4-A926-2E111D01833F}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{EF9A5190-C9B4-4369-AEEE-54FE8FAB7CA5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{6236C34D-F44E-4AF7-A6B7-4C85C3FCB193}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{34F93365-587B-43E2-A870-C43BC199C269}] => (Allow) D:\Arcane\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{25757224-B09A-445C-B1E3-ACE4B4C9CF75}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\gemini_rue_pc.exe
FirewallRules: [{38E8299F-C9B0-430A-99A2-383D0E8E50F5}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\gemini_rue_pc.exe
FirewallRules: [{A7022A46-C868-4135-BDD0-5C6521B77301}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\winsetup.exe
FirewallRules: [{8441BA4E-82D4-4412-B8B0-E80772FC9E65}] => (Allow) D:\Arcane\Steam\SteamApps\common\Gemini Rue\winsetup.exe
FirewallRules: [{055C92B7-0E3C-4CA1-A575-913BCD2DB6D1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{D20BCFD3-0ED4-46B6-8C32-D2AD642B3D29}] => (Allow) D:\Arcane\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{C24CF7DB-6F50-43FB-A85A-E4744F3724F8}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{037BAC95-475D-4CDB-B0F0-1ADE70F20DA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CE4EC323-0FF8-4148-B850-3BC4864A8B55}] => (Allow) D:\Arcane\Hry\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{ED4DC7FB-A10A-47E3-8FDF-31F43D3FDD0E}] => (Allow) D:\Arcane\Hry\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{DDC35998-8D10-41DB-8F82-B2A92AC313F3}] => (Allow) D:\Arcane\Hry\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{D3D1A88A-3E92-4D65-9A0E-49445876BB8E}] => (Allow) D:\Arcane\Hry\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{2AA86367-EE26-47B1-81A7-0BA0BA01978C}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{7A7D7A4F-5961-448B-B7E4-DBB426C0FE5A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [TCP Query User{106643D4-FC2C-49A1-9609-BD195438DDDC}D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E70BD2AF-21CF-4FB6-831A-E6F90F3FDE11}D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{51DCB82C-8468-4AB8-8571-4C1037A829B2}] => (Block) D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{2107B54E-93A5-449E-AFCD-D36D739A1192}] => (Block) D:\arcane\hry\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{28F28EBD-EA15-4AA3-B983-C9AF9F8C8ED1}] => (Allow) D:\Arcane\Steam\SteamApps\common\Road to Ballhalla\Game\RoadToBallhallaUE4.exe
FirewallRules: [{DEA6FA76-D490-4425-975D-36B526F4E913}] => (Allow) D:\Arcane\Steam\SteamApps\common\Road to Ballhalla\Game\RoadToBallhallaUE4.exe
FirewallRules: [{AAD2D0ED-7596-4AF6-B5AE-AE5612DCCFFD}] => (Allow) D:\Arcane\Steam\SteamApps\common\Road to Ballhalla\Editor\rtbtiled.exe
FirewallRules: [{58749E62-FDBC-4F18-8BBB-D40CF7E9EB0A}] => (Allow) D:\Arcane\Steam\SteamApps\common\Road to Ballhalla\Editor\rtbtiled.exe


==================== Restore Points =========================

28-04-2017 00:56:00 Windows Update
04-05-2017 22:05:19 Nainstalováno rozhraní DirectX
07-05-2017 13:48:00 JRT Pre-Junkware Removal
09-05-2017 22:34:33 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2017 03:08:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Error: (05/10/2017 03:06:44 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/10/2017 03:05:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LittleNightmares.exe, verze: 1.0.0.0, časové razítko: 0x58ee543f
Název chybujícího modulu: LittleNightmares.exe, verze: 1.0.0.0, časové razítko: 0x58ee543f
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000004ad49f
ID chybujícího procesu: 0x236c
Čas spuštění chybující aplikace: 0x01d2c92346492129
Cesta k chybující aplikaci: D:\Arcane\Hry\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
Cesta k chybujícímu modulu: D:\Arcane\Hry\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
ID zprávy: f2fcd2e6-984d-457b-9c29-9cffc465edcb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/09/2017 10:36:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Error: (05/09/2017 10:33:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 58.0.3029.96, časové razítko: 0x5907a13b
Název chybujícího modulu: chrome_elf.dll, verze: 58.0.3029.96, časové razítko: 0x5907888c
Kód výjimky: 0x80000003
Posun chyby: 0x000000000002cb20
ID chybujícího procesu: 0x22c8
Čas spuštění chybující aplikace: 0x01d2c90389c78f98
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\chrome_elf.dll
ID zprávy: e59d02db-9c83-49d6-9f2f-9e965c7d7c96
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/09/2017 10:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 58.0.3029.96, časové razítko: 0x5907a13b
Název chybujícího modulu: chrome_elf.dll, verze: 58.0.3029.96, časové razítko: 0x5907888c
Kód výjimky: 0x80000003
Posun chyby: 0x000000000002cb20
ID chybujícího procesu: 0x3c0c
Čas spuštění chybující aplikace: 0x01d2c903878ba833
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\chrome_elf.dll
ID zprávy: 62bde0c5-d7e7-4f5d-a466-28e002503583
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/09/2017 10:33:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/09/2017 10:27:16 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/09/2017 10:26:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 58.0.3029.96, časové razítko: 0x5907a13b
Název chybujícího modulu: chrome_elf.dll, verze: 58.0.3029.96, časové razítko: 0x5907888c
Kód výjimky: 0x80000003
Posun chyby: 0x000000000002cb20
ID chybujícího procesu: 0x3f18
Čas spuštění chybující aplikace: 0x01d2c90294f4973f
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\chrome_elf.dll
ID zprávy: 572f1cf8-2c16-4838-b560-1dd29dac2423
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/09/2017 02:03:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 1.0.1703.13001 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2f2c

Čas spuštění: 01d2c7f35a5f2220

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 28da4f2a-25ca-4499-93dd-6bdf50f40390

Úplný název balíčku s chybou: Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App


System errors:
=============
Error: (05/10/2017 11:36:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/10/2017 11:36:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/10/2017 05:37:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (05/10/2017 05:36:21 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Update Orchestrator Service se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/10/2017 05:35:12 AM) (Source: DCOM) (EventID: 10010) (User: ARCANE-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/09/2017 10:05:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/09/2017 10:05:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/09/2017 10:05:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (05/09/2017 10:04:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (05/09/2017 10:04:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll


CodeIntegrity:
===================================
Date: 2017-05-10 11:39:55.095
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 11:39:55.094
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 11:37:32.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 11:37:32.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 11:37:25.088
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 11:37:25.087
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-10 05:31:21.130
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Synergy\synwinhk.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-10 05:26:21.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Synergy\synwinhk.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-10 05:21:21.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Synergy\synwinhk.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-10 05:16:21.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Synergy\synwinhk.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 39%
Total physical RAM: 16254.61 MB
Available physical RAM: 9856.28 MB
Total Virtual: 18686.61 MB
Available Virtual: 10895.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.03 GB) (Free:104.56 GB) NTFS
Drive d: () (Fixed) (Total:1862.67 GB) (Free:110.82 GB) NTFS
Drive f: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:15.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E4A0C14C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 75C8AA22)
Partition 1: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D5565673)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#11 Příspěvek od altrok »

:arrow: Co vsechno ma Vas PC spolecneho s Ruskem? Poskytovatele internetoveho pripojeni (ISP), aktualni poloha apod.



  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CreateRestorePoint:
    CloseProcesses:
    File: C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll
    File: C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll
    
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    GroupPolicy: Restriction <======= ATTENTION
    CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.surfvox.com/"
    CHR NewTab: Default -> Active:"chrome-extension://gpdpldlbafdmhlmcdllcjgoigmpjonfc/newtab.html"
    File: C:\WINDOWS\SysWOW64\nlssrv32.exe
    File: C:\Program Files\Synergy\synergyd.exe
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
    File: C:\Windows\system32\drivers\mi2c.sys
    2017-05-09 14:37 - 2017-05-09 14:38 - 00000000 ____D C:\Program Files\trend micro
    2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Personal Performance Exam
    2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Ailt DmargeCopy
    2017-05-07 18:59 - 2017-05-07 18:59 - 00016888 _____ C:\WINDOWS\System32\Tasks\Personal Performance Exam
    2017-05-07 18:59 - 2017-05-07 18:59 - 00016822 _____ C:\WINDOWS\System32\Tasks\Ailt DmargeCopy
    2017-05-07 18:58 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\CaladosyDeptur Standard
    2017-05-07 18:58 - 2017-05-07 18:58 - 00001566 _____ C:\WINDOWS\Tasks\CaladosyDeptur Standard.job
    Folder: C:\ProgramData\3572f69113l19270z3
    Folder: C:\ProgramData\57680f5597l66565z0
    Folder: C:\ProgramData\77762f98680l3466z7
    Folder: C:\ProgramData\94985f64993l59540z0
    2017-05-03 02:47 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\3572f69113l19270z3
    2017-05-03 02:46 - 2017-05-07 18:59 - 00000000 ___HD C:\ProgramData\57680f5597l66565z0
    2017-05-03 02:46 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\77762f98680l3466z7
    2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\77762f98680l3466z7
    2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\57680f5597l66565z0
    2017-05-03 02:45 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\94985f64993l59540z0
    Folder: C:\Users\Jan\AppData\Local\Tempzxpsign0d840e6b3c6fde6f
    Folder: C:\Users\Jan\AppData\Local\Tempzxpsigndb1227cd9705aed7
    Folder: C:\Users\Jan\AppData\Local\DBG
    Folder: C:\WINDOWS\ModemLogs
    CMD: del C:\WINDOWS\system32\SET*.tmp
    CMD: del C:\WINDOWS\SysWOW64\SET*.tmp
    File: C:\Users\Jan\AppData\Local\Temp\g6D.tmp.exe
    CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-78F0DE19A1AF}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
    CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    Task: {0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {193CDC18-8C56-4E89-8CC8-695FC0E23296} - System32\Tasks\57680f5597l66565z0 => Rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz <==== ATTENTION
    Task: {296607BA-9257-445F-B4DD-135EAB7A046B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {45C47B7A-DE73-469D-889E-3E34DD701BBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4C867841-7FEE-48C8-8AEF-F1B6596B0291} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {58EDEA3E-9023-4217-9014-050E1ACA6513} - System32\Tasks\77762f98680l3466z7 => Rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz <==== ATTENTION
    Task: {61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} - System32\Tasks\Ailt DmargeCopy => Rundll32.exe "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
    Task: {76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {8F6921F0-B367-40EB-8145-C3FCC3951E04} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    File: C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe 
    Task: {930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} - System32\Tasks\InstallShield Update Service => C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe 
    Task: {A1D39891-435F-4D46-8B1F-06ADD2FBA725} - System32\Tasks\Personal Performance Exam => Rundll32.exe "C:\Program Files\Personal Performance Exam\Personal Performance Exam.dll",jkADPASOjY
    Task: {A1F2561F-35B4-4A40-AC1D-33B160769119} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {AFE85890-3C5C-4522-B0B9-39BD2310532C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B9407770-7557-4865-B144-D071943C7572} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {C8709DA9-5E70-4505-9560-4B760E338DDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {DF5B8AC1-F04F-4118-8635-1CB622E0D100} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
    FirewallRules: [{2AA86367-EE26-47B1-81A7-0BA0BA01978C}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{7A7D7A4F-5961-448B-B7E4-DBB426C0FE5A}] => (Allow) C:\Windows\System32\rundll32.exe
    CMD: dir "C:\Windows\Inf" /AD
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#12 Příspěvek od Arcane »

S Ruskem nemá společného zdaleka nic. ISP je UPC a poloha střední čechy. Logy tvrdí něco jiného? Kéž bych věděl, že přijdu o všechny záložky v prohlížeči :(

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Jan (10-05-2017 13:12:57) Run:1
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll
File: C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dllHKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
GroupPolicy: Restriction <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.surfvox.com/"
CHR NewTab: Default -> Active:"chrome-extension://gpdpldlbafdmhlmcdllcjgoigmpjonfc/newtab.html"
File: C:\WINDOWS\SysWOW64\nlssrv32.exe
File: C:\Program Files\Synergy\synergyd.exe
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
File: C:\Windows\system32\drivers\mi2c.sys
2017-05-09 14:37 - 2017-05-09 14:38 - 00000000 ____D C:\Program Files\trend micro
2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Personal Performance Exam
2017-05-07 18:59 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\Ailt DmargeCopy
2017-05-07 18:59 - 2017-05-07 18:59 - 00016888 _____ C:\WINDOWS\System32\Tasks\Personal Performance Exam
2017-05-07 18:59 - 2017-05-07 18:59 - 00016822 _____ C:\WINDOWS\System32\Tasks\Ailt DmargeCopy
2017-05-07 18:58 - 2017-05-09 14:52 - 00000000 ____D C:\Program Files\CaladosyDeptur Standard
2017-05-07 18:58 - 2017-05-07 18:58 - 00001566 _____ C:\WINDOWS\Tasks\CaladosyDeptur Standard.job
Folder: C:\ProgramData\3572f69113l19270z3
Folder: C:\ProgramData\57680f5597l66565z0
Folder: C:\ProgramData\77762f98680l3466z7
Folder: C:\ProgramData\94985f64993l59540z0
2017-05-03 02:47 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\3572f69113l19270z3
2017-05-03 02:46 - 2017-05-07 18:59 - 00000000 ___HD C:\ProgramData\57680f5597l66565z0
2017-05-03 02:46 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\77762f98680l3466z7
2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\77762f98680l3466z7
2017-05-03 02:46 - 2017-05-03 02:46 - 00016834 _____ C:\WINDOWS\System32\Tasks\57680f5597l66565z0
2017-05-03 02:45 - 2017-05-07 18:58 - 00000000 ___HD C:\ProgramData\94985f64993l59540z0
Folder: C:\Users\Jan\AppData\Local\Tempzxpsign0d840e6b3c6fde6f
Folder: C:\Users\Jan\AppData\Local\Tempzxpsigndb1227cd9705aed7
Folder: C:\Users\Jan\AppData\Local\DBG
Folder: C:\WINDOWS\ModemLogs
CMD: del C:\WINDOWS\system32\SET*.tmp
CMD: del C:\WINDOWS\SysWOW64\SET*.tmp
File: C:\Users\Jan\AppData\Local\Temp\g6D.tmp.exe
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-78F0DE19A1AF}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {193CDC18-8C56-4E89-8CC8-695FC0E23296} - System32\Tasks\57680f5597l66565z0 => Rundll32.exe "C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll",ftqflz <==== ATTENTION
Task: {296607BA-9257-445F-B4DD-135EAB7A046B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {45C47B7A-DE73-469D-889E-3E34DD701BBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C867841-7FEE-48C8-8AEF-F1B6596B0291} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {58EDEA3E-9023-4217-9014-050E1ACA6513} - System32\Tasks\77762f98680l3466z7 => Rundll32.exe "C:\ProgramData\77762f98680l3466z7\77762f98680l3466z7.dll",ftqflz <==== ATTENTION
Task: {61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} - System32\Tasks\Ailt DmargeCopy => Rundll32.exe "C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dll",ZzyFeje
Task: {76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8F6921F0-B367-40EB-8145-C3FCC3951E04} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
File: C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe
Task: {930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} - System32\Tasks\InstallShield Update Service => C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe
Task: {A1D39891-435F-4D46-8B1F-06ADD2FBA725} - System32\Tasks\Personal Performance Exam => Rundll32.exe "C:\Program Files\Personal Performance Exam\Personal Performance Exam.dll",jkADPASOjY
Task: {A1F2561F-35B4-4A40-AC1D-33B160769119} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AFE85890-3C5C-4522-B0B9-39BD2310532C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B9407770-7557-4865-B144-D071943C7572} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C8709DA9-5E70-4505-9560-4B760E338DDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DF5B8AC1-F04F-4118-8635-1CB622E0D100} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
FirewallRules: [{2AA86367-EE26-47B1-81A7-0BA0BA01978C}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{7A7D7A4F-5961-448B-B7E4-DBB426C0FE5A}] => (Allow) C:\Windows\System32\rundll32.exe
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll ========================

"C:\ProgramData\57680f5597l66565z0\57680f5597l66565z0.dll" => not found.
====== End of File: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\File: C:\Program Files\Ailt DmargeCopy\Ailt DmargeCopy.dllAdobeAAMUpdater-1.0 => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
Chrome StartupUrls => removed successfully
Chrome NewTab => removed successfully

========================= File: C:\WINDOWS\SysWOW64\nlssrv32.exe ========================

File not signed
MD5: B1EF4686961986DFFB7FE8F18E6FCB5B
Creation and modification date: 2012-01-31 21:36 - 2012-01-31 21:36
Size: 0066560
Attributes: ----A
Company Name: Nalpeiron Ltd.
Internal Name: Nalpeiron build 10-4-2010
Original Name: nslsrv32.exe
Product: Nalpeiron License Management
Description: This service enables products that use the Nalpeiron Licensing System
File Version: 6, 3, 8, 0
Product Version: 6, 3, 8, 0
Copyright: Copyright © Nalpeiron 2004 - 2010

====== End of File: ======


========================= File: C:\Program Files\Synergy\synergyd.exe ========================

File is digitally signed
MD5: F5723CDDC53C18D4E7D8223EE3B21CAE
Creation and modification date: 2016-08-08 13:53 - 2016-08-08 13:53
Size: 0314024
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
ibtsiva => service removed successfully

========================= File: C:\Windows\system32\drivers\mi2c.sys ========================

File is digitally signed
MD5: 8EA880DC2E0F8D93A943C25EF17E18FC
Creation and modification date: 2014-12-25 05:23 - 2014-12-25 05:23
Size: 0020784
Attributes: ----A
Company Name: Nicomsoft Ltd.
Internal Name: ddcdrv
Original Name: ddcdrv.sys
Product: WINI2C-DDC
Description: WINI2C-DDC Kernel Mode Driver
File Version: 3, 8, 0, 0
Product Version: 3, 8, 0, 0
Copyright: ©2006-2011, Nicomsoft Ltd.

====== End of File: ======

C:\Program Files\trend micro => moved successfully
C:\Program Files\Personal Performance Exam => moved successfully
C:\Program Files\Ailt DmargeCopy => moved successfully
C:\WINDOWS\System32\Tasks\Personal Performance Exam => moved successfully
C:\WINDOWS\System32\Tasks\Ailt DmargeCopy => moved successfully
C:\Program Files\CaladosyDeptur Standard => moved successfully
C:\WINDOWS\Tasks\CaladosyDeptur Standard.job => moved successfully

========================= Folder: C:\ProgramData\3572f69113l19270z3 ========================

2017-05-03 02:47 - 2017-05-07 12:37 - 0041728 _____ () C:\ProgramData\3572f69113l19270z3\169.tmp

====== End of Folder: ======


========================= Folder: C:\ProgramData\57680f5597l66565z0 ========================

2017-05-03 02:46 - 2017-05-07 18:58 - 0041691 _____ () C:\ProgramData\57680f5597l66565z0\169.tmp

====== End of Folder: ======


========================= Folder: C:\ProgramData\77762f98680l3466z7 ========================

2017-05-03 02:46 - 2017-05-07 13:09 - 0041681 _____ () C:\ProgramData\77762f98680l3466z7\169.tmp

====== End of Folder: ======


========================= Folder: C:\ProgramData\94985f64993l59540z0 ========================

2017-05-03 02:45 - 2017-05-07 13:34 - 0041671 _____ () C:\ProgramData\94985f64993l59540z0\169.tmp

====== End of Folder: ======

C:\ProgramData\3572f69113l19270z3 => moved successfully
C:\ProgramData\57680f5597l66565z0 => moved successfully
C:\ProgramData\77762f98680l3466z7 => moved successfully
C:\WINDOWS\System32\Tasks\77762f98680l3466z7 => moved successfully
C:\WINDOWS\System32\Tasks\57680f5597l66565z0 => moved successfully
C:\ProgramData\94985f64993l59540z0 => moved successfully

========================= Folder: C:\Users\Jan\AppData\Local\Tempzxpsign0d840e6b3c6fde6f ========================


====== End of Folder: ======


========================= Folder: C:\Users\Jan\AppData\Local\Tempzxpsigndb1227cd9705aed7 ========================


====== End of Folder: ======


========================= Folder: C:\Users\Jan\AppData\Local\DBG ========================


====== End of Folder: ======


========================= Folder: C:\WINDOWS\ModemLogs ========================


====== End of Folder: ======


========= del C:\WINDOWS\system32\SET*.tmp =========

Could Not Find C:\WINDOWS\system32\SET*.tmp

========= End of CMD: =========


========= del C:\WINDOWS\SysWOW64\SET*.tmp =========

Could Not Find C:\WINDOWS\SysWOW64\SET*.tmp

========= End of CMD: =========


========================= File: C:\Users\Jan\AppData\Local\Temp\g6D.tmp.exe ========================

File not signed
MD5: 3EA2480920BC4B74F90951A00514A4EE
Creation and modification date: 2017-05-08 22:10 - 2017-05-08 22:10
Size: 0469504
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-78F0DE19A1AF} => key removed successfully
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => key removed successfully
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key removed successfully
HKU\S-1-5-21-1304501298-2617440923-2015831366-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D488B6D-F73C-4A73-AE37-3E09FF89BB5A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{193CDC18-8C56-4E89-8CC8-695FC0E23296} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{193CDC18-8C56-4E89-8CC8-695FC0E23296} => key removed successfully
C:\WINDOWS\System32\Tasks\57680f5597l66565z0 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57680f5597l66565z0 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{296607BA-9257-445F-B4DD-135EAB7A046B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{296607BA-9257-445F-B4DD-135EAB7A046B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45C47B7A-DE73-469D-889E-3E34DD701BBE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45C47B7A-DE73-469D-889E-3E34DD701BBE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C867841-7FEE-48C8-8AEF-F1B6596B0291} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C867841-7FEE-48C8-8AEF-F1B6596B0291} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{58EDEA3E-9023-4217-9014-050E1ACA6513} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58EDEA3E-9023-4217-9014-050E1ACA6513} => key removed successfully
C:\WINDOWS\System32\Tasks\77762f98680l3466z7 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\77762f98680l3466z7 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C4DA81-3B4A-4AC7-8C5C-1A9210EEFD4F} => key removed successfully
C:\WINDOWS\System32\Tasks\Ailt DmargeCopy => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ailt DmargeCopy => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76C7BC31-71A9-4C9A-B4BE-589B1FDF5CA4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F6921F0-B367-40EB-8145-C3FCC3951E04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F6921F0-B367-40EB-8145-C3FCC3951E04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully

========================= File: C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe ========================

"C:\Users\Jan\AppData\Roaming\com.lachhh.lachhhRPG\ISSCH\issch.exe" => not found.
====== End of File: ======

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{930A0FFF-EC39-4DC1-9BC1-CA6DF5CF012B} => key removed successfully
C:\WINDOWS\System32\Tasks\InstallShield Update Service => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InstallShield Update Service => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A1D39891-435F-4D46-8B1F-06ADD2FBA725} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1D39891-435F-4D46-8B1F-06ADD2FBA725} => key removed successfully
C:\WINDOWS\System32\Tasks\Personal Performance Exam => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Personal Performance Exam => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1F2561F-35B4-4A40-AC1D-33B160769119} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1F2561F-35B4-4A40-AC1D-33B160769119} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFE85890-3C5C-4522-B0B9-39BD2310532C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFE85890-3C5C-4522-B0B9-39BD2310532C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9407770-7557-4865-B144-D071943C7572} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9407770-7557-4865-B144-D071943C7572} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8709DA9-5E70-4505-9560-4B760E338DDF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8709DA9-5E70-4505-9560-4B760E338DDF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF5B8AC1-F04F-4118-8635-1CB622E0D100} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5B8AC1-F04F-4118-8635-1CB622E0D100} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Postman.lnk => Shortcut argument removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2AA86367-EE26-47B1-81A7-0BA0BA01978C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A7D7A4F-5961-448B-B7E4-DBB426C0FE5A} => value removed successfully

========= dir "C:\Windows\Inf" /AD =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\Windows\Inf

10.05.2017 11:44 <DIR> .
10.05.2017 11:44 <DIR> ..
06.04.2017 16:45 <DIR> .NET CLR Data
06.04.2017 16:45 <DIR> .NET CLR Networking
20.03.2017 06:39 <DIR> .NET CLR Networking 4.0.0.0
06.04.2017 16:45 <DIR> .NET Data Provider for Oracle
06.04.2017 16:45 <DIR> .NET Data Provider for SqlServer
20.03.2017 06:39 <DIR> .NET Memory Cache 4.0
06.04.2017 16:45 <DIR> .NETFramework
06.04.2017 16:45 <DIR> BITS
20.03.2017 06:39 <DIR> en-US
06.04.2017 16:45 <DIR> ESENT
06.04.2017 15:50 <DIR> Intel Storage Counters
06.04.2017 16:45 <DIR> MSDTC
06.04.2017 16:45 <DIR> MSDTC Bridge 3.0.0.0
20.03.2017 06:39 <DIR> MSDTC Bridge 4.0.0.0
06.04.2017 16:45 <DIR> PERFLIB
06.04.2017 16:45 <DIR> PNRPSvc
06.04.2017 16:45 <DIR> rdyboost
20.03.2017 06:39 <DIR> RemoteAccess
06.04.2017 16:45 <DIR> ServiceModelEndpoint 3.0.0.0
06.04.2017 16:45 <DIR> ServiceModelOperation 3.0.0.0
06.04.2017 16:45 <DIR> ServiceModelService 3.0.0.0
06.04.2017 16:45 <DIR> SMSvcHost 3.0.0.0
20.03.2017 06:39 <DIR> SMSvcHost 4.0.0.0
06.04.2017 16:45 <DIR> TAPISRV
06.04.2017 16:45 <DIR> TermService
06.04.2017 16:45 <DIR> UGatherer
06.04.2017 16:45 <DIR> UGTHRSVC
06.04.2017 16:45 <DIR> usbhub
06.04.2017 16:45 <DIR> Windows Workflow Foundation 3.0.0.0
20.03.2017 06:39 <DIR> Windows Workflow Foundation 4.0.0.0
10.05.2017 05:41 <DIR> WmiApRpl
06.04.2017 16:45 <DIR> wsearchidxpi
0 File(s) 0 bytes
34 Dir(s) 112˙114˙503˙680 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~1" =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\PROGRA~1

10.05.2017 13:13 <DIR> .
10.05.2017 13:13 <DIR> ..
02.03.2017 17:44 <DIR> Adobe
19.12.2016 17:10 <DIR> Bonjour
06.04.2017 15:50 <DIR> Common Files
16.02.2016 03:33 <DIR> CPUID
11.08.2015 19:34 <DIR> Crucial
02.08.2016 19:30 <DIR> Embedded Lockdown Manager
04.11.2016 23:10 <DIR> Extras
13.11.2015 11:27 <DIR> GIGABYTE
20.07.2016 13:52 <DIR> Google
06.04.2017 15:50 <DIR> Intel
06.04.2017 15:50 <DIR> Internet Explorer
19.12.2016 17:10 <DIR> Java
02.03.2017 16:57 <DIR> Malwarebytes
24.09.2015 13:00 <DIR> Microsoft Office
24.09.2015 13:01 <DIR> Microsoft Office 15
15.04.2017 05:35 <DIR> Microsoft Silverlight
06.04.2017 16:42 <DIR> MSBuild
23.05.2015 17:47 <DIR> NetBeans 8.0.2
22.12.2015 14:41 <DIR> Nik Software
09.05.2017 22:33 <DIR> NVIDIA Corporation
06.04.2017 15:49 <DIR> Realtek
06.04.2017 16:42 <DIR> Reference Assemblies
25.10.2015 16:43 <DIR> Reflector 2
22.09.2015 21:37 <DIR> SoftEther VPN Client
08.05.2017 01:57 <DIR> Synergy
29.01.2017 19:23 <DIR> TeamSpeak 3 Client
21.04.2016 13:42 <DIR> VB
25.12.2014 03:34 <DIR> Ventrilo
22.12.2015 14:38 <DIR> VS Revo Group
06.04.2017 16:45 <DIR> Windows Defender
06.04.2017 16:45 <DIR> Windows Defender Advanced Threat Protection
06.04.2017 15:50 <DIR> Windows Mail
06.04.2017 16:45 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
06.04.2017 15:57 <DIR> Windows NT
10.05.2017 05:36 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> Windows Security
18.03.2017 23:03 <DIR> WindowsPowerShell
01.06.2015 17:12 <DIR> WinRAR
04.11.2016 23:01 <DIR> Wolfram Research
0 File(s) 0 bytes
43 Dir(s) 112˙114˙503˙680 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\PROGRA~2

07.05.2017 13:51 <DIR> .
07.05.2017 13:51 <DIR> ..
25.12.2014 03:47 <DIR> abgx360
25.12.2014 03:24 <DIR> Activision
02.03.2017 17:25 <DIR> Adobe
17.03.2016 18:56 <DIR> Apple Software Update
10.05.2017 11:38 <DIR> Battle.net
25.12.2015 00:55 <DIR> Bloody5
19.12.2016 17:10 <DIR> Bonjour
25.12.2014 03:21 <DIR> CDBurnerXP
24.12.2016 22:03 <DIR> Cisco
30.04.2017 06:39 <DIR> Common Files
25.12.2014 02:46 <DIR> EaseUS
01.01.2016 21:05 <DIR> GIGABYTE
17.04.2016 13:48 <DIR> Google
25.12.2014 05:27 <DIR> i-Menu
20.07.2016 13:57 <DIR> Imagenomic
25.12.2014 03:48 <DIR> ImgBurn
24.12.2016 22:11 <DIR> Intel
13.04.2017 19:33 <DIR> Internet Explorer
01.05.2016 15:11 <DIR> Java
17.03.2017 01:48 <DIR> K-Lite Codec Pack
30.10.2015 16:19 <DIR> Kodi
22.08.2016 20:57 <DIR> Lachhh
27.07.2016 14:14 <DIR> LogMeIn Hamachi
07.05.2017 13:51 <DIR> Malwarebytes Anti-Malware
25.12.2014 03:54 <DIR> Microsoft ASP.NET
15.11.2015 18:18 <DIR> Microsoft Games for Windows - LIVE
30.04.2017 06:39 <DIR> Microsoft Office
15.04.2017 05:35 <DIR> Microsoft Silverlight
25.12.2014 03:28 <DIR> Microsoft XNA
06.04.2017 15:50 <DIR> Microsoft.NET
01.05.2017 05:33 <DIR> Mozilla Firefox
01.05.2017 05:33 <DIR> Mozilla Maintenance Service
06.04.2017 16:42 <DIR> MSBuild
30.12.2015 19:56 <DIR> MSI Afterburner
09.05.2017 22:32 <DIR> NVIDIA Corporation
16.02.2015 00:17 <DIR> OpenAL
22.09.2015 21:15 <DIR> OpenVPN
07.05.2017 13:45 <DIR> Opera
02.04.2017 00:06 <DIR> Origin
02.04.2017 00:28 <DIR> Origin Games
22.09.2015 21:14 <DIR> PingBuster
27.08.2015 17:56 <DIR> QuickTime
01.01.2016 18:09 <DIR> Realtek
06.04.2017 16:42 <DIR> Reference Assemblies
10.01.2016 00:43 <DIR> RivaTuner Statistics Server
19.12.2016 17:11 <DIR> Safari
17.11.2015 17:00 <DIR> Sigma Production Inc
06.04.2017 16:02 <DIR> Skype
28.12.2016 17:01 <DIR> Sony
14.06.2016 15:02 <DIR> Splashtop
31.08.2016 20:23 <DIR> Synergy
09.02.2017 05:39 <DIR> TeamViewer
20.01.2017 23:59 <DIR> Ubisoft
21.04.2016 13:42 <DIR> VB
09.05.2017 22:32 <DIR> VulkanRT
06.04.2017 16:45 <DIR> Windows Defender
06.04.2017 15:50 <DIR> Windows Mail
06.04.2017 16:45 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
10.05.2017 05:36 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> WindowsPowerShell
0 File(s) 0 bytes
65 Dir(s) 112˙114˙499˙584 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\PROGRA~3

29.04.2016 23:14 <DIR> .mono
02.03.2017 17:27 <DIR> Adobe
11.05.2016 22:06 <DIR> ALM
10.06.2015 18:10 <DIR> Apple
27.08.2015 17:56 <DIR> Apple Computer
08.01.2016 13:11 <DIR> AVAST Software
13.02.2016 16:53 <DIR> Battle.net
15.01.2015 21:21 <DIR> Blizzard Entertainment
02.03.2017 17:25 <DIR> boost_interprocess
25.12.2014 03:21 <DIR> Canneverbe Limited
29.07.2015 14:49 <DIR> ClassicShell
25.12.2014 04:57 <DIR> Codemasters
25.12.2014 04:56 <DIR> CODEX
16.07.2016 13:47 <DIR> Comms
10.06.2015 18:10 <DIR> DigiDNA
25.12.2014 05:16 <DIR> Electronic Arts
04.03.2017 19:37 <DIR> GOG.com
20.07.2016 13:53 <DIR> Google
25.12.2014 02:21 <DIR> InstallShield
24.12.2016 22:03 <DIR> Intel
24.12.2016 22:03 <DIR> Intel.sav
09.02.2015 20:36 <DIR> LogMeIn
07.05.2017 13:51 <DIR> Malwarebytes
04.11.2016 23:10 <DIR> Mathematica
24.09.2015 13:00 <DIR> Microsoft Help
06.04.2017 16:01 <DIR> Microsoft OneDrive
25.12.2014 03:39 <DIR> Microsoft Toolkit
10.05.2017 13:13 <DIR> NVIDIA
09.05.2017 22:33 <DIR> NVIDIA Corporation
27.01.2017 13:59 6˙776 NvTelemetryContainer.log
15.01.2017 11:08 5˙110 NvTelemetryContainer.log_backup1
01.05.2016 15:11 <DIR> Oracle
21.08.2016 17:53 <DIR> Orbit
02.04.2017 17:30 <DIR> Origin
09.05.2017 22:34 <DIR> Package Cache
17.08.2015 19:11 <DIR> Pinnacle
25.10.2015 16:10 <DIR> Reflector 2
06.04.2017 15:53 <DIR> regid.1986-12.com.adobe
30.04.2017 06:40 <DIR> regid.1991-06.com.microsoft
24.12.2016 22:03 <DIR> Roaming
06.04.2017 16:02 <DIR> Skype
18.03.2017 23:03 <DIR> SoftwareDistribution
22.09.2015 16:16 <DIR> Steam
25.12.2014 03:24 <DIR> Sun
06.04.2017 15:59 <DIR> USOPrivate
06.04.2017 15:59 <DIR> USOShared
22.12.2015 14:38 <DIR> VS Revo Group
20.03.2017 06:41 <DIR> WindowsHolographicDevices
10.01.2016 14:14 <DIR> X360CE
2 File(s) 11˙886 bytes
48 Dir(s) 112˙114˙495˙488 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\Users\Jan\AppData\Local

10.05.2017 00:32 <DIR> .
10.05.2017 00:32 <DIR> ..
25.12.2014 05:00 <DIR> 201280
08.10.2016 16:23 <DIR> 2K Games
13.11.2015 10:50 <DIR> ActiveSync
10.05.2017 02:00 <DIR> Adobe
25.08.2015 20:52 1˙480 Adobe Ulo§it pro web 13.0 Prefs
26.12.2015 17:41 <DIR> Another_Perspective
25.12.2014 03:34 <DIR> Apple
19.12.2016 17:11 <DIR> Apple Computer
25.12.2014 03:53 <DIR> Apps
13.02.2015 03:34 <DIR> Aspyr
10.05.2017 13:08 <DIR> Battle.net
26.12.2015 18:00 <DIR> BIT.TRIP BEAT
25.12.2014 04:59 <DIR> Bizarre Creations
29.04.2016 23:14 <DIR> Blizzard
25.12.2014 03:20 <DIR> Blizzard Entertainment
04.07.2015 01:17 <DIR> CEF
15.12.2016 17:58 <DIR> Chromium
13.11.2015 10:50 <DIR> ClassicShell
13.11.2015 11:21 <DIR> Comms
06.04.2017 16:00 <DIR> ConnectedDevicesPlatform
10.05.2017 11:47 <DIR> CrashDumps
11.09.2015 22:30 <DIR> CSDSteamBuild
19.02.2017 01:46 <DIR> Daedalic Entertainment GmbH
22.04.2017 12:27 <DIR> DBG
03.07.2016 20:59 <DIR> DeadByDaylight
30.04.2017 17:19 <DIR> Diagnostics
19.08.2016 02:12 <DIR> DigiDNA
30.09.2016 14:19 <DIR> Discord
22.07.2016 14:51 <DIR> Downloaded Installations
24.01.2016 05:00 <DIR> ElevatedDiagnostics
25.12.2014 04:59 <DIR> Fallout3
21.11.2015 16:47 <DIR> Fallout4
06.10.2016 12:18 <DIR> FluxSoftware
25.12.2014 04:59 <DIR> Gaijin Games
25.12.2014 04:59 <DIR> Game Dev Tycoon - Steam
23.06.2015 21:02 <DIR> Gods_Will_Be_Watching
28.10.2016 17:06 <DIR> Google
01.06.2015 17:14 <DIR> GWX
02.01.2016 00:01 <DIR> Home_v15x
10.03.2017 02:36 <DIR> HyperLightDrifter
07.08.2016 04:09 <DIR> id Software
11.02.2015 20:28 <DIR> Introversion
25.12.2014 04:05 <DIR> JDownloader 2.0
03.08.2015 22:08 <DIR> JDownloader v2.0
09.02.2015 20:36 <DIR> LogMeIn
19.08.2016 02:18 <DIR> LogMeIn Hamachi
03.12.2016 23:57 <DIR> Maize
02.07.2016 23:32 <DIR> Master Spy
04.11.2016 23:10 <DIR> Mathematica
06.04.2017 15:54 <DIR> Microsoft
24.09.2015 13:08 <DIR> Microsoft Help
13.11.2015 12:21 <DIR> MicrosoftEdge
26.06.2016 16:14 <DIR> MomodoraRUtM
22.08.2016 21:59 <DIR> Mozilla
06.11.2015 23:48 <DIR> MSfree Inc
28.03.2016 01:21 <DIR> NBGI
23.05.2015 17:49 <DIR> NetBeans
16.11.2015 16:25 <DIR> Nicke_Manarin
27.07.2016 23:25 <DIR> NVIDIA
25.12.2016 04:29 <DIR> NVIDIA Corporation
04.07.2015 00:46 <DIR> openvr
21.12.2016 13:47 <DIR> Opera Software
21.05.2015 15:08 <DIR> Ori and the Blind Forest
02.04.2017 00:28 <DIR> Origin
20.04.2017 13:20 <DIR> Packages
13.11.2015 11:06 <DIR> PackageStaging
25.12.2014 04:59 <DIR> PAYDAY 2
13.11.2015 12:18 <DIR> PeerDistRepub
09.08.2015 16:21 <DIR> Pinnacle
03.08.2015 23:34 <DIR> Pinnacle_Studio_18
18.03.2016 16:39 <DIR> Plex Media Server
14.08.2016 13:26 <DIR> pokemon
25.12.2014 02:46 <DIR> Programs
13.11.2015 10:48 <DIR> Publishers
06.04.2017 16:08 <DIR> Recovery
25.10.2015 16:41 <DIR> Reflector 2
16.01.2016 14:46 7˙597 Resmon.ResmonCfg
01.05.2016 15:10 <DIR> SidebarDiagnostics
21.08.2016 17:52 <DIR> SKIDROW
10.12.2015 20:53 <DIR> Skype
28.12.2016 17:03 <DIR> Sony Corporation
14.06.2016 15:10 <DIR> Splashtop
10.05.2017 11:37 <DIR> Spotify
30.09.2016 14:19 <DIR> SquirrelTemp
15.12.2016 17:58 <DIR> Steam
25.12.2014 04:58 <DIR> storage
29.01.2017 19:23 <DIR> TeamSpeak 3
25.12.2014 03:51 <DIR> TeamViewer
10.05.2017 13:13 <DIR> Temp
04.11.2016 02:05 <DIR> Tempzxpsign09b48dfb32514237
07.09.2016 16:12 <DIR> Tempzxpsign0a5741b006e311f1
20.07.2016 13:44 <DIR> Tempzxpsign0abc5062c3badc0c
02.03.2017 17:30 <DIR> Tempzxpsign0c05ad2ca4418842
20.04.2017 16:29 <DIR> Tempzxpsign0d840e6b3c6fde6f
20.07.2016 13:54 <DIR> Tempzxpsign0ed4a74599cb28c7
02.03.2017 17:37 <DIR> Tempzxpsign170456f05f3b012d
21.08.2016 23:56 <DIR> Tempzxpsign254675de7c82bdd5
31.07.2016 13:16 <DIR> Tempzxpsign298cd31ab548c224
03.03.2017 22:24 <DIR> Tempzxpsign2b061b92cbd78c66
11.12.2016 01:37 <DIR> Tempzxpsign305ee1638f943426
13.01.2017 12:55 <DIR> Tempzxpsign331f9ff25fe41d8c
31.07.2016 17:03 <DIR> Tempzxpsign341ff2ac5a306a5c
23.01.2017 01:51 <DIR> Tempzxpsign34892fd143c3d60e
02.03.2017 17:13 <DIR> Tempzxpsign3baf5bb8be457be7
20.09.2016 14:49 <DIR> Tempzxpsign424be096dab7537a
02.03.2017 17:43 <DIR> Tempzxpsign499c63ed5610ccda
02.03.2017 17:30 <DIR> Tempzxpsign5282a2579a869b37
03.03.2017 22:20 <DIR> Tempzxpsign596ee2f939c8c453
15.01.2017 01:08 <DIR> Tempzxpsign66ce5bac8fd9de86
15.08.2016 16:21 <DIR> Tempzxpsign68664e3c23aec7af
05.09.2016 02:05 <DIR> Tempzxpsign68b6afcc3a213a65
22.07.2016 01:46 <DIR> Tempzxpsign6a74ba21f07931f5
14.01.2017 21:20 <DIR> Tempzxpsign721e0c5842d60b23
21.07.2016 14:41 <DIR> Tempzxpsign792e25b037356722
13.01.2017 12:55 <DIR> Tempzxpsign897a1265927e8acb
26.09.2016 09:03 <DIR> Tempzxpsign9f1b9e7672155d7c
04.09.2016 21:23 <DIR> Tempzxpsignac2007f76ae7d0a3
25.11.2016 18:44 <DIR> Tempzxpsignb5eb62fbe3f90d28
13.10.2016 22:36 <DIR> Tempzxpsignb77e56fd7dbe6c4b
20.07.2016 13:49 <DIR> Tempzxpsignbaa2073abe873d9d
21.07.2016 21:51 <DIR> Tempzxpsignbd75bcb243bea073
25.02.2017 23:45 <DIR> Tempzxpsignc273f4f0e2068146
23.08.2016 17:41 <DIR> Tempzxpsignd1bfc9a30656e4c8
18.03.2017 01:39 <DIR> Tempzxpsignd56ad787efa74535
07.10.2016 01:12 <DIR> Tempzxpsignd8813c2be7402bef
02.03.2017 16:48 <DIR> Tempzxpsignd9eb9065e901ea4c
20.04.2017 14:40 <DIR> Tempzxpsigndb1227cd9705aed7
14.02.2017 03:31 <DIR> Tempzxpsignde395b159f6dbbed
12.02.2017 19:00 <DIR> Tempzxpsigne282d4db0a424a7d
20.07.2016 13:57 <DIR> Tempzxpsigne494e6e925123ad4
20.12.2016 23:27 <DIR> Tempzxpsignef2f4140e7aee5d8
20.07.2016 13:47 <DIR> Tempzxpsignf0a9e214d9e7d0b2
02.03.2017 17:30 <DIR> Tempzxpsignf857733060ec3760
13.11.2015 10:48 <DIR> TileDataLayer
30.12.2015 02:49 <DIR> Two Tribes
21.01.2017 00:03 <DIR> Ubisoft Game Launcher
14.11.2015 16:26 <DIR> UNDERTALE
08.05.2017 00:29 <DIR> UnrealEngine
19.02.2017 03:45 <DIR> VenusPrototype
20.05.2016 23:11 <DIR> VirtualStore
30.10.2015 15:24 <DIR> Vivox
22.12.2015 14:38 <DIR> VS Revo Group
02.07.2015 21:49 <DIR> WIMH
04.11.2016 23:10 <DIR> Wolfram
2 File(s) 9˙077 bytes
144 Dir(s) 112˙114˙491˙392 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C has no label.
Volume Serial Number is 827C-68F4

Directory of C:\Users\Jan\AppData\Roaming

09.05.2017 22:31 <DIR> .
09.05.2017 22:31 <DIR> ..
29.04.2016 23:14 <DIR> .mono
31.12.2014 19:36 <DIR> 11bitstudios
08.11.2015 15:49 <DIR> 5kplayer
25.11.2016 23:49 <DIR> A Good Snowman Is Hard To Build
25.12.2014 05:00 <DIR> abgx360
02.03.2017 17:35 <DIR> Adobe
03.03.2017 22:21 34 AdobeWLCMCache.dat
21.12.2016 13:28 <DIR> Apple Computer
09.08.2015 16:21 1˙006 ARCANE-PC.MTBF.txt
18.12.2015 22:01 <DIR> Audacity
13.02.2016 16:53 <DIR> Battle.net
25.12.2014 05:01 <DIR> Bioshock
25.12.2014 03:21 <DIR> Canneverbe Limited
29.07.2015 14:47 <DIR> ClassicShell
26.05.2015 18:27 <DIR> com.infernax
10.01.2016 01:56 <DIR> com.kintogames.bitDungeonII
07.08.2016 03:42 <DIR> com.lachhh.lachhhRPG
16.05.2015 18:40 <DIR> com.sokobond
07.08.2016 02:07 <DIR> corz
04.02.2016 17:54 <DIR> Crystal Dynamics
28.07.2016 17:22 <DIR> Curse
25.12.2014 03:54 <DIR> Curse Advertising
27.10.2016 19:12 <DIR> Curse Client
28.03.2016 00:54 <DIR> Dark Souls - Prepare to Die Edition
01.04.2016 16:21 <DIR> DarkSoulsII
30.03.2017 17:53 <DIR> DarkSoulsIII
30.09.2016 14:26 <DIR> discord
18.03.2016 21:21 <DIR> Duet
29.08.2016 14:38 <DIR> Eidos Montreal
28.04.2017 00:38 <DIR> Google
19.08.2015 04:10 <DIR> grapefrukt games
05.05.2016 00:19 <DIR> Human Resource Machine
25.12.2014 05:35 <DIR> Identities
19.08.2016 02:36 <DIR> iFunbox_UserCache
21.12.2015 18:15 <DIR> Imagenomic
28.12.2014 20:58 <DIR> ImgBurn
25.12.2014 02:18 <DIR> InstallShield
24.12.2016 22:03 <DIR> Intel
25.12.2014 02:21 <DIR> Intel Corporation
25.12.2014 05:01 <DIR> Knights Saves
20.11.2016 02:05 <DIR> Kodi
10.01.2016 01:58 <DIR> LoneSurvivor
25.12.2014 03:41 <DIR> Macromedia
04.11.2016 23:14 <DIR> Mathematica
22.08.2016 21:53 <DIR> Mozilla
23.12.2015 16:59 <DIR> MPC-HC
23.05.2015 17:49 <DIR> NetBeans
21.12.2016 13:47 <DIR> Opera Software
06.05.2015 02:24 <DIR> Ori and the Blind Forest
02.04.2017 17:30 <DIR> Origin
25.12.2014 03:47 <DIR> PDAppFlex
09.09.2015 15:16 <DIR> PingBuster
14.08.2016 13:25 <DIR> pokemon-go-map
23.06.2016 11:58 <DIR> Racket
10.05.2017 12:53 <DIR> Skype
10.05.2017 12:32 <DIR> Spotify
25.12.2014 05:03 <DIR> Steam
24.06.2016 21:42 282˙716˙672 steam_api.wic
27.08.2015 12:58 <DIR> Sun
14.02.2016 20:28 <DIR> TeamViewer
25.12.2014 05:02 <DIR> The Wolf Among Us
25.12.2014 05:02 <DIR> Tomb Raider
25.01.2016 00:02 <DIR> Totusoft
04.04.2015 12:45 <DIR> Trine2
08.05.2017 21:58 <DIR> TS3Client
06.07.2016 12:19 9 update.dat
10.05.2017 11:43 <DIR> uTorrent
26.06.2016 22:03 3˙320 VoiceMeeterDefault.xml
25.08.2015 17:26 <DIR> VP2
29.10.2016 00:08 <DIR> WesteradoDB
15.05.2015 01:47 <DIR> WinRAR
5 File(s) 282˙721˙041 bytes
68 Dir(s) 112˙114˙487˙296 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31683796 B
Java, Flash, Steam htmlcache => 729627444 B
Windows/system/drivers => 15151585 B
Edge => 13955565 B
Chrome => 987462622 B
Firefox => 369972666 B
Opera => 18724442 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1320641 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 970570 B
Jan => 166848153 B

RecycleBin => 109930 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:14:14 ====

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#13 Příspěvek od altrok »

Pouzival jste na zalozky nejake rozsireni? Tyka se to jen zalozek v Chromu?

Marne hledam, co by ve fixu melo spojitost se zalozkami...

  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CloseProcesses:
    Tcpip\Parameters: [DhcpNameServer] 81.25.1.250 81.25.28.250
    Tcpip\..\Interfaces\{10f705c1-32e3-4380-8a5c-97e2e0787804}: [DhcpNameServer] 81.25.1.250 81.25.28.250
    End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Arcane
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 11 říj 2006 15:22

Re: Procesor často vytížen

#14 Příspěvek od Arcane »

Pardon, možná jsem se vyjádřil špatně jak tak koukám. Nesmazaly se mi uložené záložky, ale otevřené karty se stránkama. Ty si nechávám permanentně otevřené na vedlejším monitoru.


Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Jan (10-05-2017 14:08:26) Run:2
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Tcpip\Parameters: [DhcpNameServer] 81.25.1.250 81.25.28.250
Tcpip\..\Interfaces\{10f705c1-32e3-4380-8a5c-97e2e0787804}: [DhcpNameServer] 81.25.1.250 81.25.28.250
End
*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{10f705c1-32e3-4380-8a5c-97e2e0787804}\\DhcpNameServer => value removed successfully


The system needed a reboot.

==== End of Fixlog 14:08:27 ====

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Procesor často vytížen

#15 Příspěvek od altrok »

Ano, otevrene panely, historie, cookies a dalsi byly smazany. Tato operace nelze vratit.

Jak se pocitac chova ted? Jake konkretni problemy pozorujete?

Vlozte prosim nove logy FRST.txt a Addition.txt (opet bez pouziti FRSTLauncheru).
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Zamčeno