Problém s internetem

[EcolsX]

Dobrý den. Mám problém s rychlostí připojení, hlavně při hraní. Když ale používám VPN, internet běží v pohodě. Předem děkuji za odezvu. Zde přikládám log:

Logfile of random's system information tool 1.16 (written by random/random)
Run by Kuba at 2017-05-20 08:47:43
Microsoft Windows 10 Home
System drive C: has 4 GB (7%) free of 61 GB
Total RAM: 6143 MB (47% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:47:52, on 20.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe
C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files\trend micro\Kuba_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O1 - Hosts: 127.0.0.3 anchorfree.net
O1 - Hosts: 127.0.0.3 techbrowsing.com/away.php
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Kuba\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CyberGhost 6 Service (CG6Service) - CyberGhost S.R.L - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - Unknown owner - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @oem5.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 9879 bytes

====== Enumerating Processes ======

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\CyberGhost 6\CyberGhost.Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\dashost.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\system32\AUDIODG.EXE 0x300
C:\Windows\System32\WinLogon.exe -SpecialSession
C:\Windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
C:\Windows\Explorer.EXE
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe" -autostart
"C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe" BitTorrent_1868_00B9CFB8_686002028 BT4823DF041B09 BitTorrent
"C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe" BitTorrent_1868_00B9D478_1199014364 BT4823DF041B09 BitTorrent
"C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\fontdrvhost.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe" SCODEF:9012 CREDAT:140545 /prefetch:2
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe" SCODEF:9012 CREDAT:140547 /prefetch:2
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --ran-launcher --opener-id="B6aM+oDT2caq9nSsC:\Windows\explorer.exe"
"C:\Program Files\Opera\45.0.2552.812\opera_crashreporter.exe" --ran-launcher --opener-id="B6aM+oDT2caq9nSsC:\Windows\explorer.exe" --crash-reporter-parent-id=9156
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=gpu-process --field-trial-handle=1636 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x1381 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.7849 --gpu-driver-date=1-20-2017 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --service-request-channel-token=CB18CA2A58FB5AE2A008AB74C3A31622 --mojo-platform-channel-handle=1652 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=56D8BD283A968C65D99AF5305086EAE4 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=56D8BD283A968C65D99AF5305086EAE4 --renderer-client-id=6 --mojo-platform-channel-handle=2880 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=7D1C8D9100DAF0EE7EED12B3E8D36E79 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=7D1C8D9100DAF0EE7EED12B3E8D36E79 --renderer-client-id=12 --mojo-platform-channel-handle=4244 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=57483A8C558C63C372010A7C7D2CAF2A --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=57483A8C558C63C372010A7C7D2CAF2A --renderer-client-id=21 --mojo-platform-channel-handle=4244 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=B6FE76023B52F0135AD4E433FB3A7BC3 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=B6FE76023B52F0135AD4E433FB3A7BC3 --renderer-client-id=14 --mojo-platform-channel-handle=6864 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=7FCFFD23F667C8185B24BC58F80A88DB --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=7FCFFD23F667C8185B24BC58F80A88DB --renderer-client-id=11 --mojo-platform-channel-handle=7616 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=77E2F1984320CDA764014653D3B261A6 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=77E2F1984320CDA764014653D3B261A6 --renderer-client-id=24 --mojo-platform-channel-handle=8020 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=C672254629E25D124DFBAEA00699EEF2 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=C672254629E25D124DFBAEA00699EEF2 --renderer-client-id=10 --mojo-platform-channel-handle=8400 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=56E44E7A799F05E9CE22DACEC95D18EF --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=56E44E7A799F05E9CE22DACEC95D18EF --renderer-client-id=13 --mojo-platform-channel-handle=6768 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=BEB5D4FB2385E7D0494F7B3C0D55B834 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=BEB5D4FB2385E7D0494F7B3C0D55B834 --renderer-client-id=16 --mojo-platform-channel-handle=4080 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=1B123C3CBA306D3EB055259549262EE1 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=1B123C3CBA306D3EB055259549262EE1 --renderer-client-id=19 --mojo-platform-channel-handle=4616 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=6CCE8D502C40DE05D1EA949AE2D7476E --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=6CCE8D502C40DE05D1EA949AE2D7476E --renderer-client-id=18 --mojo-platform-channel-handle=10392 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=8742154A4EF7A947BC30F9A6600C0049 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=8742154A4EF7A947BC30F9A6600C0049 --renderer-client-id=15 --mojo-platform-channel-handle=10300 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=1D810615BFDD3035CE1E391F8E376A9D --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=1D810615BFDD3035CE1E391F8E376A9D --renderer-client-id=25 --mojo-platform-channel-handle=10412 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=ppapi --field-trial-handle=1636 --alt-high-dpi-setting=96 --system-dpi-setting=96 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --service-request-channel-token=3A7660952B96FE48F5BCC9BDA87AC2DC --mojo-platform-channel-handle=11484 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=531E5B3FE93BF84384BA024EF861CE1C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=531E5B3FE93BF84384BA024EF861CE1C --renderer-client-id=17 --mojo-platform-channel-handle=11904 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=CB1B2F4E77D838FFF96196DEA12CFC4D --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=CB1B2F4E77D838FFF96196DEA12CFC4D --renderer-client-id=28 --mojo-platform-channel-handle=10168 /prefetch:1
"C:\Program Files\Opera\45.0.2552.812\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=1636 --primordial-pipe-token=B0FF84E66C4F721FF3F7581816E1C3ED --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=9680 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=B0FF84E66C4F721FF3F7581816E1C3ED --renderer-client-id=29 --mojo-platform-channel-handle=8304 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe208_ Global\UsGthrCtrlFltPipeMssGthrPipe208 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 632 636 644 8192 640
"C:\Users\Kuba\AppData\Local\Temp\scoped_dir9156_26471\RSITx64.exe"

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1486210545 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{7957C13E-2876-4D90-A327-97444F4AD7DC} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\TabletPlugins\fbWTPUninstall.exe"
C:\Windows\system32\tasks\{79ED538B-0FFC-445C-B719-E9350374CFF6} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Tablet\Pen\32\Remove.exe" -c /u
C:\Windows\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\Windows\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\Windows\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - %systemroot%\system32\MusNotification.exe Display
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\Windows\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\Windows\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\Windows\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake
Extension apdfllckaahabafndbhieahigkjlhalf
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.4.2
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.4.6
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension olfeabkoenfaoljndfecamgilllcpiak 1 Seznam Lištička - Rychlá volba 1.8.7
Extension pjkljhegncpnkpknbcohdijeoejaedia
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5616.1121.0.3
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: http://www.seznam.cz/?clid=13554
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-04 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-04 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-28 631808]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-01-20 1872320]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-04-12 1518808]
"cz.seznam.software.autoupdate"=C:\Users\Kuba\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe -silent []
"MyComGames"=C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe [2017-05-15 5415824]
"BitTorrent"=C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe [2017-03-18 1982152]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
"CyberGhost"=C:\Program Files\CyberGhost 6\CyberGhost.exe [2017-05-03 1157680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

====== List of files/folders created in the last 1 month ======

2017-05-20 08:47:43 ----D---- C:\rsit
2017-05-20 08:47:43 ----D---- C:\Program Files\trend micro
2017-05-08 10:12:28 ----D---- C:\Program Files\TAP-Windows
2017-05-08 10:12:20 ----AD---- C:\Program Files\CyberGhost 6
2017-05-06 09:20:30 ----D---- C:\Users\Kuba\AppData\Roaming\.purple
2017-05-06 09:20:16 ----D---- C:\Program Files (x86)\Pidgin

====== List of files/folders modified in the last 1 month ======

2017-05-20 08:47:43 ----RD---- C:\Program Files
2017-05-20 08:47:32 ----D---- C:\Windows\Prefetch
2017-05-20 08:44:11 ----D---- C:\Users\Kuba\AppData\Roaming\BitTorrent
2017-05-20 08:43:53 ----D---- C:\Users\Kuba\AppData\Roaming\Skype
2017-05-20 08:41:56 ----D---- C:\Windows\Temp
2017-05-20 08:39:07 ----D---- C:\Users\Kuba\AppData\Roaming\Seznam.cz
2017-05-20 08:36:13 ----D---- C:\Windows\system32\sru
2017-05-20 08:35:53 ----D---- C:\ProgramData\NVIDIA
2017-05-20 08:35:00 ----D---- C:\Windows\system32\Tasks
2017-05-20 08:35:00 ----AD---- C:\Program Files\Opera
2017-05-19 22:01:16 ----D---- C:\Windows\system32\SleepStudy
2017-05-19 20:03:25 ----D---- C:\Windows\AppReadiness
2017-05-19 14:56:55 ----RD---- C:\Windows\Microsoft.NET
2017-05-19 14:49:34 ----HD---- C:\Program Files\WindowsApps
2017-05-18 20:20:59 ----D---- C:\Windows\CbsTemp
2017-05-17 21:11:05 ----D---- C:\Windows\system32\config
2017-05-17 15:49:07 ----D---- C:\Windows\WinSxS
2017-05-16 21:50:18 ----D---- C:\Windows\system32\appraiser
2017-05-11 16:28:53 ----D---- C:\Windows\system32\NDF
2017-05-10 17:22:29 ----D---- C:\Windows\system32\MRT
2017-05-10 17:20:57 ----AC---- C:\Windows\system32\MRT.exe
2017-05-10 17:20:54 ----D---- C:\Windows\SysWOW64
2017-05-09 15:36:28 ----D---- C:\Windows\system32\Macromed
2017-05-09 15:36:25 ----D---- C:\Windows\SYSWOW64\Macromed
2017-05-08 12:47:29 ----D---- C:\Windows\System32
2017-05-08 12:47:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-08 10:12:40 ----D---- C:\Windows\INF
2017-05-08 10:12:32 ----D---- C:\Windows\system32\DriverStore
2017-05-08 10:12:32 ----D---- C:\Windows\system32\drivers
2017-05-07 20:08:06 ----D---- C:\Windows\Minidump
2017-05-07 20:08:05 ----D---- C:\Windows
2017-05-06 09:20:16 ----RD---- C:\Program Files (x86)
2017-05-05 22:41:44 ----D---- C:\Windows\system32\catroot2
2017-05-01 11:10:22 ----D---- C:\Users\Kuba\AppData\Roaming\WhatsApp
2017-04-29 07:24:39 ----SHD---- C:\Windows\Installer
2017-04-29 02:59:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\Windows\system32\drivers\iorate.sys [2016-11-02 48992]
R1 HssDRV6;@oem25.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2015-09-18 44648]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2017-02-04 27552]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\Windows\System32\drivers\registry.sys [2016-07-16 70144]
R3 AFTrafMgr1.2;AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [2017-02-16 57272]
R3 NVHDA;@oem7.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-01-24 217528]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_02838dee03d82b94\nvlddmkm.sys [2017-01-21 14427064]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-01-20 46016]
R3 nvvhci;@oem12.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2017-01-20 57792]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 tap0901;@oem26.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\System32\drivers\tap0901.sys [2016-04-21 27136]
R3 taphss6;@oem24.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\Windows\System32\drivers\taphss6.sys [2017-02-09 42064]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 hidkmdf;@oem23.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\Windows\System32\drivers\hidkmdf.sys [2016-12-06 32480]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-01-20 27584]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\Windows\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\Windows\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2016-07-16 46592]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 CDPUserSvc_b879fa7;CDPUserSvc_b879fa7; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 CG6Service;CyberGhost 6 Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [2017-05-03 91184]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-12-29 1659592]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2017-03-01 2604664]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20 462784]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-01-20 464440]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-01-20 425408]
R2 OneSyncSvc_b879fa7;Hostitel synchronizace_b879fa7; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_b879fa7;Služba zasílání zpráv_b879fa7; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20 462784]
S3 PimIndexMaintenanceSvc_b879fa7;Data kontaktů_b879fa7; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-03-10 1590560]
S3 UnistoreSvc_b879fa7;Úložiště uživatelských dat_b879fa7; C:\Windows\System32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 UserDataSvc_b879fa7;Přístup k uživatelským datům_b879fa7; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[EcolsX]

# AdwCleaner v6.047 - Log vytvořen 20/05/2017 v 11:33:59
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Kuba - DESKTOP-VFD97N2
# Spuštěno z : C:\Users\Kuba\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-3172571655-639990-1623613506-1001\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [997 Bajty] - [20/05/2017 11:33:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [1480 Bajty] - [20/05/2017 11:32:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1142 Bajty] ##########

[Rudy]

Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[EcolsX]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by Kuba (administrator) on DESKTOP-VFD97N2 (20-05-2017 12:51:03)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: defaultuser0 & Kuba)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
() C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClient.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClientUx.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClientUxRender.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClientUxRender.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Opera Software) C:\Program Files\Opera\45.0.2552.812\opera.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Kuba\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kuba\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kuba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [MyComGames] => C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe [5415824 2017-05-15] (MY.COM B.V.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [BitTorrent] => C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe [1982152 2017-03-18] (BitTorrent Inc.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1157680 2017-05-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\MountPoints2: {f49e0bfb-2543-11e7-a368-0025228bee7e} - "D:\Startup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.100.1.234 8.8.8.8
Tcpip\..\Interfaces\{593056a5-7059-4152-bf64-910354d1c50f}: [DhcpNameServer] 10.100.1.234 8.8.8.8
Tcpip\..\Interfaces\{a565a784-5893-44f0-8f07-b158c7da16a2}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-04] (Oracle Corporation)

FireFox:
========
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-04] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3172571655-639990-1623613506-1001: @my.com/Games -> C:\Users\Kuba\AppData\Local\MyComGames\NPMyComDetector.dll [2017-03-09] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3172571655-639990-1623613506-1001: @nsroblox.roblox.com/launcher -> C:\Users\Kuba\AppData\Local\Roblox\Versions\version-29af4e59992d47ba\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3172571655-639990-1623613506-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Kuba\AppData\Local\Roblox\Versions\version-29af4e59992d47ba\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-23]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-03-23]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-03-23]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [91184 2017-05-03] (CyberGhost S.R.L)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-03-01] (AnchorFree Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671696 2016-12-10] (Wacom Technology, Corp.)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-02-16] (AnchorFree Inc.)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44648 2015-09-18] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-02-04] (REALiX(tm))
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_02838dee03d82b94\nvlddmkm.sys [14427064 2017-01-21] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2017-02-09] (Anchorfree Inc.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [119448 2016-12-06] (Wacom Technology)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-20 12:51 - 2017-05-20 12:51 - 00016594 _____ C:\Users\Kuba\Desktop\FRST.txt
2017-05-20 12:49 - 2017-05-20 12:49 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Desktop\FRSTLauncher.exe
2017-05-20 12:46 - 2017-05-20 12:51 - 00000000 ____D C:\FRST
2017-05-20 12:45 - 2017-05-20 12:46 - 02429952 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2017-05-20 11:44 - 2017-05-20 11:44 - 00062200 _____ C:\Users\Kuba\Downloads\You only live once (1).pdf
2017-05-20 11:35 - 2017-05-20 11:35 - 00000000 ____D C:\Users\Kuba\AppData\LocalLow\BitTorrent
2017-05-20 11:31 - 2017-05-20 11:33 - 00000000 ____D C:\AdwCleaner
2017-05-20 11:29 - 2017-05-20 11:31 - 04110280 _____ C:\Users\Kuba\Desktop\adwcleaner_6.047.exe
2017-05-20 08:47 - 2017-05-20 08:47 - 01329152 _____ C:\Users\Kuba\Desktop\RSITx64.exe
2017-05-20 08:47 - 2017-05-20 08:47 - 00000000 ____D C:\rsit
2017-05-20 08:47 - 2017-05-20 08:47 - 00000000 ____D C:\Program Files\trend micro
2017-05-19 14:51 - 2017-05-19 14:51 - 00111509 _____ C:\Users\Kuba\Downloads\Love_The_Way_You_Lie_Part_2_-_Rihanna__Eminem_full_version_with_lyrics.pdf
2017-05-17 21:50 - 2017-05-17 21:50 - 08531713 _____ C:\Users\Kuba\Desktop\asdasdasdasd.psd
2017-05-08 10:12 - 2017-05-08 12:41 - 00000000 ____D C:\Users\Kuba\AppData\Local\CyberGhost
2017-05-08 10:12 - 2017-05-08 10:12 - 00001769 _____ C:\Users\Kuba\Desktop\CyberGhost 6.lnk
2017-05-08 10:12 - 2017-05-08 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-05-08 10:12 - 2017-05-08 10:12 - 00000000 ____D C:\Program Files\TAP-Windows
2017-05-08 10:12 - 2017-05-08 10:12 - 00000000 ____D C:\Program Files\CyberGhost 6
2017-05-08 10:11 - 2017-05-08 10:11 - 08013944 _____ (CyberGhost S.R.L. ) C:\Users\Kuba\Desktop\CyberGhost_6.0.7.2738.exe
2017-05-07 20:08 - 2017-05-07 20:08 - 563697338 _____ C:\Windows\MEMORY.DMP
2017-05-07 12:40 - 2017-05-07 12:40 - 00486802 _____ C:\Users\Kuba\Downloads\No_Game_No_Life_-_This_Game_-_Piano.pdf
2017-05-06 23:45 - 2017-05-06 23:45 - 00001239 _____ C:\Users\Kuba\Desktop\ROBLOX Studio.lnk
2017-05-06 23:45 - 2017-05-06 23:45 - 00000047 _____ C:\Users\Kuba\AppData\LocalLow\rbxcsettings.rbx
2017-05-06 23:45 - 2017-05-06 23:45 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-05-06 23:45 - 2017-05-06 23:45 - 00000000 ____D C:\Users\Kuba\AppData\Local\Roblox
2017-05-06 09:47 - 2017-05-07 13:04 - 04818463 _____ C:\Users\Kuba\Desktop\faces.psd
2017-05-06 09:20 - 2017-05-06 18:53 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\.purple
2017-05-06 09:20 - 2017-05-06 09:20 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
2017-05-06 09:20 - 2017-05-06 09:20 - 00000000 ____D C:\Program Files (x86)\Pidgin
2017-05-05 21:23 - 2017-05-05 21:23 - 00062200 _____ C:\Users\Kuba\Downloads\You only live once.pdf
2017-05-04 21:47 - 2017-05-04 22:26 - 00014785 _____ C:\Users\Kuba\Desktop\fyzikaprotkol.odt
2017-05-02 17:06 - 2017-05-02 17:06 - 20538780 _____ C:\Users\Kuba\Desktop\link.psd
2017-04-30 21:32 - 2017-04-30 21:32 - 04969008 _____ C:\Users\Kuba\Desktop\ukol.rar
2017-04-30 20:26 - 2017-05-06 09:15 - 00000000 ____D C:\Users\Kuba\Desktop\galeie
2017-04-30 15:26 - 2017-05-06 18:03 - 00000000 ____D C:\Users\Kuba\Desktop\ukol
2017-04-30 15:22 - 2017-04-30 15:26 - 00002757 _____ C:\Users\Kuba\Downloads\1493558532.zip
2017-04-30 15:04 - 2017-04-30 15:04 - 00501872 _____ C:\Users\Kuba\Desktop\ZaverecnaPrace1.pdf
2017-04-29 10:54 - 2017-05-03 17:03 - 81823847 _____ C:\Users\Kuba\Desktop\riven.psd
2017-04-28 15:48 - 2017-04-28 15:48 - 00143745 _____ C:\Users\Kuba\Downloads\Fifty_Shades_Darker_Taylor_Swift__ZAYN_-_I_Dont_Wanna_Live_Forever.pdf
2017-04-21 20:54 - 2017-04-21 20:56 - 76967771 _____ C:\Users\Kuba\Desktop\my_brushes__by_knkl-d5mhbww (1).abr
2017-04-21 20:32 - 2017-04-21 20:32 - 00701990 _____ C:\Users\Kuba\Desktop\bitch mf.PSD
2017-04-21 19:47 - 2017-04-21 19:47 - 00124477 _____ C:\Users\Kuba\Downloads\Highlights (1).abr
2017-04-21 19:47 - 2017-04-21 19:47 - 00026502 _____ C:\Users\Kuba\Downloads\Texture_Rossdraws (3).abr
2017-04-21 19:47 - 2017-04-21 19:47 - 00026502 _____ C:\Users\Kuba\Downloads\Texture_Rossdraws (2).abr
2017-04-21 17:12 - 2017-04-21 17:12 - 00124477 _____ C:\Users\Kuba\Downloads\Highlights.abr
2017-04-21 17:11 - 2017-04-21 17:11 - 00026502 _____ C:\Users\Kuba\Downloads\Texture_Rossdraws.abr
2017-04-21 17:11 - 2017-04-21 17:11 - 00026502 _____ C:\Users\Kuba\Downloads\Texture_Rossdraws (1).abr
2017-04-20 16:13 - 2017-04-22 20:15 - 17649276 _____ C:\Users\Kuba\Desktop\FIO.psd
2017-04-20 11:51 - 2017-04-20 11:51 - 05405623 _____ C:\Users\Kuba\Desktop\fail.psd
2017-04-20 10:12 - 2017-04-20 10:13 - 00000000 ____D C:\Users\Kuba\Desktop\Nová složka (2)
2017-04-20 10:03 - 2017-04-20 10:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2017-04-20 10:03 - 2017-04-20 10:03 - 00000000 ____D C:\Program Files\TabletPlugins
2017-04-20 10:03 - 2014-08-19 21:12 - 01991448 ____N (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2017-04-20 10:03 - 2014-08-19 21:12 - 01984792 ____N (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll
2017-04-20 10:03 - 2014-08-19 21:12 - 01614104 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dll
2017-04-20 10:03 - 2014-08-19 21:12 - 01607448 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll
2017-04-20 09:40 - 2017-04-20 09:40 - 00001420 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\Users\Public\Foxit Software
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Foxit Software
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Foxit AgentInformation
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\ProgramData\Foxit Software
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2017-04-20 09:40 - 2017-04-20 09:40 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2017-04-20 09:37 - 2017-04-20 09:39 - 53897232 _____ (Foxit Software Inc. ) C:\Users\Kuba\Desktop\FoxitReader82_enu_Setup_clean.exe
2017-04-20 09:36 - 2017-03-16 14:12 - 00690108 _____ C:\Users\Kuba\Desktop\klinicka_farmakologie_pro_sestry-slais-2012.pdf
2017-04-20 09:34 - 2017-04-20 09:34 - 00589809 _____ C:\Users\Kuba\Downloads\Farmakologie-20170420.zip
2017-04-20 09:34 - 2017-04-20 09:34 - 00589809 _____ C:\Users\Kuba\Downloads\Farmakologie-20170420 (4).zip
2017-04-20 09:34 - 2017-04-20 09:34 - 00589809 _____ C:\Users\Kuba\Downloads\Farmakologie-20170420 (3).zip
2017-04-20 09:34 - 2017-04-20 09:34 - 00589809 _____ C:\Users\Kuba\Downloads\Farmakologie-20170420 (2).zip
2017-04-20 09:34 - 2017-04-20 09:34 - 00589809 _____ C:\Users\Kuba\Downloads\Farmakologie-20170420 (1).zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-20 12:50 - 2017-03-09 15:39 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\BitTorrent
2017-05-20 12:48 - 2017-02-04 14:09 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Skype
2017-05-20 12:30 - 2017-02-04 14:02 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-20 12:25 - 2017-02-04 14:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-20 11:47 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-20 11:43 - 2017-02-04 14:07 - 00000000 ____D C:\Users\Kuba
2017-05-20 11:40 - 2017-02-04 21:14 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Seznam.cz
2017-05-20 11:40 - 2017-02-04 14:11 - 02847874 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-20 11:40 - 2016-07-17 00:25 - 01157096 _____ C:\Windows\system32\perfh005.dat
2017-05-20 11:40 - 2016-07-17 00:25 - 00302884 _____ C:\Windows\system32\perfc005.dat
2017-05-20 11:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-20 11:38 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-05-20 11:35 - 2017-03-09 00:04 - 00000000 ____D C:\Users\Kuba\AppData\Local\MyComGames
2017-05-20 11:34 - 2017-02-04 14:04 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-20 11:34 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-05-20 08:35 - 2017-02-04 14:15 - 00003958 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1486210545
2017-05-20 08:35 - 2017-02-04 14:15 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-20 08:35 - 2017-02-04 14:12 - 00000000 ____D C:\Program Files\Opera
2017-05-16 21:50 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-16 15:42 - 2017-03-22 20:18 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 15:42 - 2017-03-22 20:18 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-13 13:25 - 2017-02-05 13:56 - 00000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2017-05-11 16:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\NDF
2017-05-10 17:22 - 2017-02-04 21:32 - 00000000 ____D C:\Windows\system32\MRT
2017-05-10 17:20 - 2017-02-04 21:32 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-09 15:42 - 2017-03-12 18:32 - 85164279 _____ C:\Users\Kuba\Desktop\guweiz.psd
2017-05-09 15:36 - 2017-03-22 20:17 - 00004664 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-09 15:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 15:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-08 10:12 - 2017-02-04 14:07 - 00000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore
2017-05-08 10:12 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-07 20:08 - 2017-02-10 19:46 - 00000000 ____D C:\Windows\Minidump
2017-05-03 16:35 - 2017-02-04 14:07 - 00000000 ____D C:\Users\Kuba\AppData\Local\Packages
2017-05-01 11:10 - 2017-04-12 18:41 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\WhatsApp
2017-04-29 07:19 - 2017-03-22 20:17 - 00003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 07:19 - 2017-03-22 20:17 - 00003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-23 08:54 - 2017-03-26 14:46 - 46943708 _____ C:\Users\Kuba\Desktop\velvet crow.psd
2017-04-20 10:03 - 2017-02-07 21:52 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\WTablet
2017-04-20 10:03 - 2017-02-07 21:51 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-04-20 10:03 - 2017-02-06 23:05 - 00000000 ____D C:\Program Files\Tablet

==================== Files in the root of some directories =======

2009-09-04 19:00 - 2009-09-04 19:00 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 1078954 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 1397822 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0179125 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0133095 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0046002 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0695857 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 1606031 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0195758 _____ () C:\Program Files\APR2007_XACT_x64.cab
2009-09-04 19:00 - 2009-09-04 19:00 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0053294 _____ () C:\Program Files\APR2007_xinput_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1350534 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0796859 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1800152 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1708144 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0198088 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0153004 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0867604 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1794076 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1464664 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0121764 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0271404 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0919036 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 3112103 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 3319732 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0105036 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0930108 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0093098 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0272634 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1155483 _____ () C:\Program Files\BDANT.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0975148 _____ () C:\Program Files\BDAXP.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1357968 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1079448 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0212799 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0191712 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0192467 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0145591 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0094024 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2009-09-04 19:01 - 2009-09-04 19:01 - 1691464 _____ (Microsoft Corporation) C:\Program Files\dsetup32.dll
2009-09-04 19:01 - 2009-09-04 19:01 - 0044440 _____ () C:\Program Files\dxdllreg_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 13264168 _____ () C:\Program Files\dxnt.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0525656 _____ (Microsoft Corporation) C:\Program Files\DXSETUP.exe
2009-09-04 19:01 - 2009-09-04 19:01 - 0095637 _____ () C:\Program Files\dxupdate.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1084712 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0194667 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0180777 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0133663 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0698464 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1607766 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1607278 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0197114 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0152901 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1792600 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0269620 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0269016 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1443274 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0055050 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0093726 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0251186 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0226242 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1040737 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0092732 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0275036 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0273010 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0803876 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0196754 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1906870 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0021843 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0121786 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0092676 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0272603 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0086029 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0045351 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1412894 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 1127209 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2009-09-04 19:01 - 2009-09-04 19:01 - 0138009 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-16 20:17 - 2017-02-16 20:17 - 0000063 _____ () C:\Users\Kuba\AppData\Local\emaildefaults
2017-02-16 21:37 - 2017-02-16 21:37 - 0000418 _____ () C:\Users\Kuba\AppData\Local\karboncalligraphyrc
2017-02-16 20:16 - 2017-02-16 21:42 - 0015622 _____ () C:\Users\Kuba\AppData\Local\kritarc

Some files in TEMP:
====================
2017-03-21 07:30 - 2017-03-25 10:40 - 14456872 _____ (Microsoft Corporation) C:\Users\Kuba\AppData\Local\Temp\vc_redist.x86.exe
2017-05-18 16:39 - 2017-05-18 16:39 - 0534528 _____ () C:\Users\Kuba\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek (2).jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek.jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kuba\Desktop" je 3496 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
C:\Users\Kuba\AppData\Local\MyComGames
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [MyComGames] => C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe [5415824 2017-05-15] (MY.COM B.V.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\MountPoints2: {f49e0bfb-2543-11e7-a368-0025228bee7e} - "D:\Startup.exe"
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Kuba\AppData\Local\Temp
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek (2).jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek.jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obrázek.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
Task: {E6E41D0F-E277-4CE9-94EF-239102D274B8} - System32\Tasks\{79ED538B-0FFC-445C-B719-E9350374CFF6} => pcalua.exe -a "C:\Program Files\Tablet\Pen\32\Remove.exe" -c /u

EmptyTemp:
ResetHosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Kuba\Desktop" je 3496 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Kuba novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

[EcolsX]

Mockrát děkuji za dosavadní odezvu, zde přikládám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-05-2017
Ran by Kuba (20-05-2017 17:34:13) Run:1
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: defaultuser0 & Kuba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
C:\Users\Kuba\AppData\Local\MyComGames
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\Run: [MyComGames] => C:\Users\Kuba\AppData\Local\MyComGames\MyComGames.exe [5415824 2017-05-15] (MY.COM B.V.)
HKU\S-1-5-21-3172571655-639990-1623613506-1001\...\MountPoints2: {f49e0bfb-2543-11e7-a368-0025228bee7e} - "D:\Startup.exe"
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Kuba\AppData\Local\Temp
AlternateDataStreams: C:\Users\Kuba\Desktop\Obr�zek (2).jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obr�zek (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obr�zek.jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Kuba\Desktop\Obr�zek.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
Task: {E6E41D0F-E277-4CE9-94EF-239102D274B8} - System32\Tasks\{79ED538B-0FFC-445C-B719-E9350374CFF6} => pcalua.exe -a "C:\Program Files\Tablet\Pen\32\Remove.exe" -c /u

EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Users\Kuba\AppData\Local\MyComGames => moved successfully
HKU\S-1-5-21-3172571655-639990-1623613506-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MyComGames => value removed successfully
HKU\S-1-5-21-3172571655-639990-1623613506-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f49e0bfb-2543-11e7-a368-0025228bee7e} => key removed successfully
HKCR\CLSID\{f49e0bfb-2543-11e7-a368-0025228bee7e} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Kuba\AppData\Local\Temp" folder move:

Could not move "C:\Users\Kuba\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Users\Kuba\Desktop\Obrázek (2).jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully.
C:\Users\Kuba\Desktop\Obrázek (2).jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
C:\Users\Kuba\Desktop\Obrázek.jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully.
C:\Users\Kuba\Desktop\Obrázek.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6E41D0F-E277-4CE9-94EF-239102D274B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6E41D0F-E277-4CE9-94EF-239102D274B8} => key removed successfully
C:\Windows\System32\Tasks\{79ED538B-0FFC-445C-B719-E9350374CFF6} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79ED538B-0FFC-445C-B719-E9350374CFF6} => key removed successfully
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 1128495 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27785075 B
Java, Flash, Steam htmlcache => 24316442 B
Windows/system/drivers => 93301398 B
Edge => 246678193 B
Chrome => 5792232 B
Firefox => 0 B
Opera => 327396167 B

Temp, IE cache, history, cookies, recent:
Default => 7040 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1605952 B
systemprofile32 => 0 B
LocalService => 20480 B
NetworkService => 21436 B
defaultuser0 => 128 B
Kuba => 19570187073 B

RecycleBin => 4415352 B
EmptyTemp: => 18.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-05-2017 17:36:39)

C:\Users\Kuba\AppData\Local\Temp => moved successfully

==== End of Fixlog 17:36:39 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[EcolsX]

Ano, internet zase běží v pořádku. Mockrát děkuji za pomoc.

[Rudy]

To jsem rád. Nemáte zač!