VIRY.CZ

info.txt logfile of random's system information tool 1.10 2018-02-03 10:36:19

======MBR======

0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000C0944702000000000200EEFE7F0001000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9 /remove
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{80D92E50-9674-44B6-8513-853AB60030A0}\setup.exe" -l0x9
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{80D92E50-9674-44B6-8513-853AB60030A0}\setup.exe" -l0x9 /remove
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}\setup.exe" -l0x9
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}\setup.exe" -l0x9 /remove
12 is Better Than 6-->"Z:\Steam\steam.exe" steam://uninstall/410110
500 Years Act 1-->"Z:\Steam\steam.exe" steam://uninstall/357200
7-Zip 16.00-->C:\Program Files (x86)\7-Zip\Uninstall.exe
AC3Filter 2.6.0b-->"C:\Program Files (x86)\AC3Filter\unins000.exe"
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 28 PPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe -maintain pepperplugin
Adobe Photoshop CC 2015-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{793C2BF7-A4FE-4608-91C9-9282C5801C21}"
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824245926}
Aljaska v nesnazich - SE v.2017-->d:\Program Files (x86)\Helping Hands\Aljaska v nesnazich - SE\Uninstall.exe
Amnesia: The Dark Descent-->"Z:\Steam\steam.exe" steam://uninstall/57300
Arduino-->"C:\Program Files (x86)\Arduino\uninstall.exe"
arduino-create-agent-->C:\Users\Ententeak\AppData\Roaming\ArduinoCreateAgent-1.1\uninstall.exe
ASUS Download Master Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{8722B86D-2664-4C75-B307-892C3855F54C}\setup.exe" -runfromtemp -l0x0409 -removeonly
ASUS Wireless Router Device Discovery Utility-->C:\Program Files (x86)\InstallShield Installation Information\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}\setup.exe -runfromtemp -l0x0005 -removeonly
Audiosurf-->"Z:\Steam\steam.exe" steam://uninstall/12900
AVer MediaCenter 3D-->C:\Program Files (x86)\InstallShield Installation Information\{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}\setup.exe -runfromtemp -l0x0409
AVerMedia H727 PCIe Hybrid DVBT HDMI Capture Device 1.54.64.42-->C:\Program Files (x86)\AVerMedia\AVerMedia H727 PCIe Hybrid DVBT HDMI Capture Device\uninst.exe
Bass Audio Decoder (remove only)-->"C:\Program Files (x86)\Bass Audio Decoder\uninstall.exe"
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=battle.net --displayname="Battle.net"
Blender 2.78-->"Z:\Steam\steam.exe" steam://uninstall/365670
Bloody6-->"C:\ProgramData\Microsoft\Windows\Templates\Bloody6\Setup.exe" uninstall
Burnout Paradise: The Ultimate Box-->"Z:\Steam\steam.exe" steam://uninstall/24740
Caladrius Blaze-->"Z:\Steam\steam.exe" steam://uninstall/386770
Car Mechanic Simulator 2014-->"Z:\Steam\steam.exe" steam://uninstall/270850
CASE: Animatronics-->"Z:\Steam\steam.exe" steam://uninstall/489360
Catlateral Damage-->"Z:\Steam\steam.exe" steam://uninstall/329860
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cinemaware Anthology: 1986-1991-->"Z:\Steam\steam.exe" steam://uninstall/326590
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer 3 TW and KW\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ 4 Tiberian Twilight-->MsiExec.exe /X{82696435-8572-4D8B-A230-D1AA567D0F0F}
Command & Conquer™ and The Covert Operations™-->"C:\Program Files (x86)\Common Files\EAInstaller\CNC and The Covert Operations\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ Red Alert 2 and Yuri’s Revenge-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Red Alert II\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ Red Alert, Counterstrike and The Aftermath-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Red Alert\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ Red Alert™ 3 and Uprising-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Red Alert 3\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ The Ultimate Collection Additional Content-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer The Ultimate Collection Additional Content\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™ Tiberian Sun™ and Firestorm™-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Tiberian Sun\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Command & Conquer™: Generals and Zero Hour-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Generals Zero Hour\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Convoy-->"Z:\Steam\steam.exe" steam://uninstall/318230
Crowntakers-->"Z:\Steam\steam.exe" steam://uninstall/294370
CrystalDiskInfo 7.0.4-->"C:\Program Files (x86)\CrystalDiskInfo\unins000.exe"
DARK-->"Z:\Steam\steam.exe" steam://uninstall/225360
DCoder Image Source (remove only)-->"C:\Program Files (x86)\DCoder Image Source\uninstall.exe"
Deadpool-->"Z:\Steam\steam.exe" steam://uninstall/224060
Detective Hayseed - Hollywood-->"Z:\Steam\steam.exe" steam://uninstall/504380
DirectVobSub (remove only)-->"C:\Program Files (x86)\DirectVobSub\uninstall.exe"
DiRT 3 Complete Edition-->"Z:\Steam\steam.exe" steam://uninstall/321040
Dishonored RHCP-->"Z:\Steam\steam.exe" steam://uninstall/217980
DmC Devil May Cry-->"Z:\Steam\steam.exe" steam://uninstall/220440
Doki Doki Literature Club-->"Z:\Steam\steam.exe" steam://uninstall/698780
Drawful 2-->"Z:\Steam\steam.exe" steam://uninstall/442070
Dropbox Update Helper-->MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94}
Dropbox-->"C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE
Duke Nukem 3D: Megaton Edition-->"Z:\Steam\steam.exe" steam://uninstall/225140
Dungelot : Shattered Lands-->"Z:\Steam\steam.exe" steam://uninstall/403940
DUNGEONS - Steam Special Edition-->"Z:\Steam\steam.exe" steam://uninstall/57650
Dustforce-->"Z:\Steam\steam.exe" steam://uninstall/65300
DVD Decrypter (Remove Only)-->"C:\Program Files (x86)\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
Epson Copy Utility 3.5-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}\setup.exe" -l0x9 -UnInstall
Epson Event Manager-->MsiExec.exe /X{FE5ED0AC-BCC8-482A-8B08-AA11D5F00152}
EPSON Perfection V33/V330 Manual-->"C:\Program Files (x86)\Epson\TpManual\EPSON Perfection V33_V330\en\Useg\DocUnins.exe"
EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r
Epson Software Updater-->MsiExec.exe /X{7BAC3F7A-B963-468E-982E-B5608A87408D}
ESET Smart Security-->MsiExec.exe /I{95291E13-1EE6-43C4-9B72-AC0DF6D16818}
EventGhost 0.4.1.r1722-->"C:\Program Files (x86)\EventGhost\unins000.exe"
Evoland 2-->"d:\Program Files (x86)\Evoland 2\unins000.exe"
Evoland 2-->"D:\Program Files (x86)\Evoland 2\unins001.exe"
FaceRig Virtual Video driver version 1.0.1.1000-->"C:\WINDOWS\unins002.exe"
FaceRig-->"Z:\Steam\steam.exe" steam://uninstall/274920
Factorio-->"Z:\Steam\steam.exe" steam://uninstall/427520
Fallout 4-->"Z:\Steam\steam.exe" steam://uninstall/377160
ffdshow v1.3.4533 [2014-09-29]-->"C:\Program Files (x86)\ffdshow\unins000.exe"
FFMPEG Core Files (remove only)-->"C:\Program Files (x86)\FFMPEG Core Files\uninstall.exe"
FlatOut 4: Total Insanity-->"Z:\Steam\steam.exe" steam://uninstall/402130
Galactic Civilizations III-->"Z:\Steam\steam.exe" steam://uninstall/226860
Game Corp DX-->"Z:\Steam\steam.exe" steam://uninstall/399670
Gas Guzzlers Extreme-->"Z:\Steam\steam.exe" steam://uninstall/243800
GCFScape 1.8.6-->"C:\Program Files\Nem's Tools\GCFScape\unins000.exe"
GloSC version 1.4.1-->"C:\Program Files\GloSC\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
gpedt.msc 1.0-->"C:\WINDOWS\unins001.exe"
Grey Goo Definitive Edition-->"D:\Games\Grey Goo Definitive Edition\unins000.exe"
Guilty Gear Isuka-->"Z:\Steam\steam.exe" steam://uninstall/267900
Haali Media Splitter-->"C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe"
Hegemony Rome: The Rise of Caesar-->"Z:\Steam\steam.exe" steam://uninstall/227060
Heroine's Quest: The Herald of Ragnarok-->"Z:\Steam\steam.exe" steam://uninstall/283880
Holy Potatoes! A Weapon Shop?!-->"Z:\Steam\steam.exe" steam://uninstall/363600
Cheat Engine 6.6-->"C:\Program Files (x86)\Cheat Engine 6.6\unins000.exe"
Cheat Engine 6.7-->"C:\Program Files (x86)\Cheat Engine 6.7\unins000.exe"
Choice Chamber-->"Z:\Steam\steam.exe" steam://uninstall/359960
Chrome Remote Desktop Host-->MsiExec.exe /I{D61C8E6E-A4F3-4CD8-8568-51CEB5660C89}
Chunky-->"C:\Program Files (x86)\Chunky\uninstall.exe"
I am Bread-->"Z:\Steam\steam.exe" steam://uninstall/327890
Injustice: Gods Among Us Ultimate Edition-->"Z:\Steam\steam.exe" steam://uninstall/242700
Inkscape 0.92.1-->d:\Program Files\Inkscape\Uninstall.exe
Jamestown-->"Z:\Steam\steam.exe" steam://uninstall/94200
Java 8 Update 161 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180161F0}
Jelly in the sky-->"Z:\Steam\steam.exe" steam://uninstall/593530
Jewel Legends Atlantis 1.00-->d:\Program Files (x86)\Games\Jewel Legends Atlantis\Uninstall.exe
Jotun-->"Z:\Steam\steam.exe" steam://uninstall/323580
LAV Filters 0.68.1-->"C:\Program Files (x86)\LAV Filters\unins000.exe"
Left 4 Dead 2 Authoring Tools-->"Z:\Steam\steam.exe" steam://uninstall/563
Left 4 Dead 2-->"Z:\Steam\steam.exe" steam://uninstall/550
Left 4 Dead-->"Z:\Steam\steam.exe" steam://uninstall/500
LEGO Batman 2-->"Z:\Steam\steam.exe" steam://uninstall/213330
LEGO® MARVEL Super Heroes-->"Z:\Steam\steam.exe" steam://uninstall/249130
Lilly Looking Through-->"Z:\Steam\steam.exe" steam://uninstall/250030
Lineage II-->"C:\Program Files (x86)\InstallShield Installation Information\{23664DA8-8872-4CF4-A2F2-327CC539823B}\setup.exe" -runfromtemp -l0x0409 -removeonly
LineageII EU-->"C:\Program Files (x86)\4game\3.6.2.257\lineage2eu_uninstall.exe" /InstKey=lineage2eu
LOOT version 0.10.2-->"D:\Games\LOOT\unins000.exe"
MadVR (remove only)-->"C:\Program Files (x86)\MadVR\uninstall.exe"
Maelstrom-->"Z:\Steam\steam.exe" steam://uninstall/11560
Magicka-->"Z:\Steam\steam.exe" steam://uninstall/42910
Manticore Gaming Keyboard-->"C:\WINDOWS\unins000.exe"
Memories of a Vagabond-->"Z:\Steam\steam.exe" steam://uninstall/307070
Metro: Last Light-->"Z:\Steam\steam.exe" steam://uninstall/43160
Mezi světy - Sběratelská edice-->"d:\Spidla\Mezi svety - Sberatelska edice\unins000.exe"
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{B0169E83-757B-EF66-E2F0-391944D785BC}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649-->"C:\ProgramData\Package Cache\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660-->"C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649-->MsiExec.exe /X{20C1086D-C843-36B1-B678-990089D1BD44}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649-->MsiExec.exe /X{ABB19BB4-838D-3082-BDA4-87C6604181A2}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660-->MsiExec.exe /X{7DAD0258-515C-3DD4-8964-BD714199E0F7}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660-->MsiExec.exe /X{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017-->"C:\ProgramData\Package Cache\{e52a6842-b0ac-476e-b48f-378a97a67346}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017-->"C:\ProgramData\Package Cache\{f325f05b-f963-4640-a43b-c8a494cdda0f}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25017-->MsiExec.exe /X{E512788E-C50B-3858-A4B9-73AD5F3F9E93}
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25017-->MsiExec.exe /X{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25017-->MsiExec.exe /X{68306422-7C57-373F-8860-D26CE4BA2A15}
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25017-->MsiExec.exe /X{582EA838-9199-3518-A05C-DB09462F68EC}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Minecraft-->MsiExec.exe /X{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}
Mini Metro-->"Z:\Steam\steam.exe" steam://uninstall/287980
Moorhuhn Winter-Edition-->C:\WINDOWS\IsUn0407.exe -f"d:\Program Files (x86)\Phenomedia AG\Moorhuhn Winter-Edition\Uninst.isu"
Moorhuhn X - XXL-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D0D3C193-7052-4DE4-8BF4-3954D2021FF2}\Setup.exe" -l0x7
Mortal Kombat Komplete Edition-->"Z:\Steam\steam.exe" steam://uninstall/237110
Mozilla Firefox 49.0.2 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSI Super Charger-->"C:\Program Files (x86)\MSI\Super Charger\unins000.exe"
NARUTO SHIPPUDEN Ultimate Ninja STORM 4-->"D:\Games\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\unins000.exe"
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst-->"Z:\Steam\steam.exe" steam://uninstall/234670
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 Update v1.04 Incl. DLC-->"D:\Games\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\unins001.exe"
NCSOFT Game Launcher-->C:\Program Files (x86)\NCWest\NCLauncher\Uninstall.exe
Need for Speed: Undercover-->"Z:\Steam\steam.exe" steam://uninstall/17430
Need for Speed™ Carbon-->D:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Nexus Mod Manager-->"C:\Program Files\Nexus Mod Manager\uninstall\unins000.exe"
Nosferatu: The Wrath of Malachi-->"Z:\Steam\steam.exe" steam://uninstall/283290
NVIDIA GeForce Experience 3.12.0.84-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 390.65-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.36.6-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 390.41-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 390.65-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.17.0524-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
ONE PIECE BURNING BLOOD-->"D:\Games\ONE PIECE BURNING BLOOD\unins000.exe"
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Origin-->Z:\Origin\OriginUninstall.exe
Original War-->"Z:\Steam\steam.exe" steam://uninstall/235320
Path of Exile - beta-->"C:\ProgramData\Package Cache\{bdf3557f-d78a-46ae-bc52-c9baf154b526}\PathOfExileInstaller.exe" /uninstall
Path of Exile - beta-->MsiExec.exe /X{3BB59A34-8DB2-4B1F-B48E-B14526C51582}
Path of Exile-->"Z:\Steam\steam.exe" steam://uninstall/238960
PCSX2 - Playstation 2 Emulator-->D:\Games\PCSX2 1.0.0\Uninst-pcsx2-r5350.exe
PCSX2 - Playstation 2 Emulator-->D:\Games\PCSX2 1.4.0\Uninst-pcsx2 1.4.0.exe
Portal 2-->"Z:\Steam\steam.exe" steam://uninstall/620
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
Python 2.6.6-->MsiExec.exe /I{6151CF20-0BD8-4023-A4A0-6A86DCFE58E5}
Python 3.6.4 Core Interpreter (64-bit)-->MsiExec.exe /I{B3411348-B653-4D70-9A09-28901FB91143}
Python 3.6.4 Development Libraries (64-bit)-->MsiExec.exe /I{910DACA6-6A2B-467F-94AE-2DA40A29C0A5}
Python 3.6.4 Documentation (64-bit)-->MsiExec.exe /I{732F63FB-D1EA-4D7B-844D-69AB27FB6A1E}
Python 3.6.4 Executables (64-bit)-->MsiExec.exe /I{06C8E684-F68F-4AEF-B41E-768E2BDF5FA5}
Python 3.6.4 pip Bootstrap (64-bit)-->MsiExec.exe /I{5DFE0CAA-8EE6-40F7-B940-7FF9E4FB812F}
Python 3.6.4 Standard Library (64-bit)-->MsiExec.exe /I{C4D98953-C1E2-4273-929A-BC489AD42FAF}
Python 3.6.4 Tcl/Tk Support (64-bit)-->MsiExec.exe /I{F8F7EF2B-246C-4085-B0DD-E3EBCD52D585}
Python 3.6.4 Test Suite (64-bit)-->MsiExec.exe /I{7D68AD0E-805E-47EA-B3AF-AD449353EDC9}
Python 3.6.4 Utility Scripts (64-bit)-->MsiExec.exe /I{871F9D05-4AF7-40E5-9DBD-1BD29D1ACA6D}
Python Launcher-->MsiExec.exe /X{B42FF40A-60D4-4096-AC47-C86153D72797}
Quiplash-->"Z:\Steam\steam.exe" steam://uninstall/351510
Rainmeter-->C:\Program Files\Rainmeter\uninst.exe
Rayman Legends-->"Z:\Steam\steam.exe" steam://uninstall/242550
Rayman Origins-->"Z:\Steam\steam.exe" steam://uninstall/207490
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Rememoried-->"Z:\Steam\steam.exe" steam://uninstall/368450
Ridge Racer™ Unbounded-->"Z:\Steam\steam.exe" steam://uninstall/202310
Rover Rescue-->"Z:\Steam\steam.exe" steam://uninstall/286440
Rust-->"Z:\Steam\steam.exe" steam://uninstall/252490
Rytmik Player-->"Z:\Steam\steam.exe" steam://uninstall/430890
Saints Row IV-->"Z:\Steam\steam.exe" steam://uninstall/206420
Serious Sam 3: BFE-->"Z:\Steam\steam.exe" steam://uninstall/41070
Shu-->"Z:\Steam\steam.exe" steam://uninstall/528720
Skullgirls-->"Z:\Steam\steam.exe" steam://uninstall/245170
Skyrim Script Extender (SKSE)-->"Z:\Steam\steam.exe" steam://uninstall/365720
Smlouva s dablem v.2017-->D:\Program Files (x86)\Helping Hands\Smlouva s dablem\Uninstall.exe
Sonic & All-Stars Racing Transformed-->"Z:\Steam\steam.exe" steam://uninstall/212480
Soulbringer-->"Z:\Steam\steam.exe" steam://uninstall/283310
Sound Blaster Cinema 2-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}\setup.exe" -l0x9 /remove
Spore: Creepy & Cute Parts Pack-->"Z:\Steam\steam.exe" steam://uninstall/17440
Spore: Galactic Adventures-->"Z:\Steam\steam.exe" steam://uninstall/24720
Spore-->"Z:\Steam\steam.exe" steam://uninstall/17390
Spore™-->"C:\Program Files (x86)\Common Files\EAInstaller\SPORE\Cleanup.exe" uninstall_game -autologging
StarCraft-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=s1 --displayname="StarCraft"
Starward Rogue-->"Z:\Steam\steam.exe" steam://uninstall/410820
Steam-->Z:\Steam\uninstall.exe
Surgeon Simulator-->"Z:\Steam\steam.exe" steam://uninstall/233720
Table Top Racing: World Tour-->"Z:\Steam\steam.exe" steam://uninstall/450670
Team Fortress 2-->"Z:\Steam\steam.exe" steam://uninstall/440
The Crew (Worldwide)-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/413
The Elder Scrolls V: Skyrim Special Edition-->"Z:\Steam\steam.exe" steam://uninstall/489830
The Elder Scrolls V: Skyrim-->"Z:\Steam\steam.exe" steam://uninstall/72850
The Legend of Korra™-->"Z:\Steam\steam.exe" steam://uninstall/281690
The Night of the Rabbit-->"Z:\Steam\steam.exe" steam://uninstall/230820
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Totally Accurate Battle Zombielator-->"Z:\Steam\steam.exe" steam://uninstall/615000
TrackMania Nations Forever-->"Z:\Steam\steam.exe" steam://uninstall/11020
TrackMania United-->"Z:\Steam\steam.exe" steam://uninstall/7200
Tricky Towers-->"Z:\Steam\steam.exe" steam://uninstall/437920
Trine 2-->"Z:\Steam\steam.exe" steam://uninstall/35720
Trine-->"Z:\Steam\steam.exe" steam://uninstall/35700
Ulož.to FileManager verze 2.20-->"d:\Program Files (x86)\Ulozto File Manager\unins000.exe"
Undertale-->"Z:\Steam\steam.exe" steam://uninstall/391540
Universal Adb Driver-->MsiExec.exe /I{C0E08D8D-6076-4117-B644-2AF34F35B757}
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
VIA Platforma Ovladače zařízení-->C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vulkan Run Time Libraries 1.0.65.0-->C:\Program Files (x86)\VulkanRT\1.0.65.0\UninstallVulkanRT.exe
Wallpaper Engine-->"Z:\Steam\steam.exe" steam://uninstall/431960
Warhammer 40,000: Dawn of War III-->"Z:\Steam\steam.exe" steam://uninstall/285190
Warhammer 40,000: Eternal Crusade-->"Z:\Steam\steam.exe" steam://uninstall/375230
Warhammer 40,000: Regicide-->"Z:\Steam\steam.exe" steam://uninstall/322910
Warhammer: End Times - Vermintide-->"Z:\Steam\steam.exe" steam://uninstall/235540
Watch_Dogs-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/274
WestwoodChat-->MsiExec.exe /I{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}
WestwoodOnline-->MsiExec.exe /I{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}
Win32DiskImager version 0.9.5-->"C:\Program Files (x86)\ImageWriter\unins000.exe"
WinRAR 5.40 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Xiph.Org Open Codecs 0.85.17777-->C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe
XSplit Gamecaster-->MsiExec.exe /X{86A133DA-6799-4E96-8200-D2A7E0C98C75}
ZanZarah: The Hidden Portal-->"Z:\Steam\steam.exe" steam://uninstall/384570
Zoom Player (remove only)-->"C:\Program Files (x86)\Zoom Player\uninstall.exe"

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

======System event log======

Computer Name: Ententeakovo
Event Code: 20
Message: Poslední stav úspěšného vypnutí byl false. Poslední stav úspěšného spuštění byl true.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20180127164823.977411-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Ententeakovo
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je disabled.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20180127164823.977351-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Ententeakovo
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20180127164906.156883-000
Event Type: Informace
User:

Computer Name: Ententeakovo
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 17083 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20180127164906.156883-000
Event Type: Informace
User:

Computer Name: Ententeakovo
Event Code: 12
Message: Operační systém se spustil v systémovém čase ‎2018‎-‎01‎-‎27T16:48:23.499726900Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20180127164823.977301-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Ententeakovo
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE> Kryptografický otisk SHA1: <B1BC968BD4F49D622AA89A81F2150152A41D829C>.
Record Number: 5
Source Name: Microsoft-Windows-CAPI2
Time Written: 20180127164904.110012-000
Event Type: Informace
User:

Computer Name: Ententeakovo
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US> Kryptografický otisk SHA1: <3679CA35668772304D30A5FB873B0FA77BB70D54>.
Record Number: 4
Source Name: Microsoft-Windows-CAPI2
Time Written: 20180127164904.094382-000
Event Type: Informace
User:

Computer Name: Ententeakovo
Event Code: 5617
Message: Subsystémy služby WMI (Windows Management Instrumentation) byly úspěšně inicializovány.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20180127164849.121309-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Ententeakovo
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-WMI
Time Written: 20180127164849.038714-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: ENTENTEAKOVO
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20180127164906.188128-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Ententeakovo
Event Code: 4688
Message: Byl vytvořen nový proces.

Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7

Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0

Informace o procesu:
ID nového procesu: 0x1ac
Název nového procesu: C:\Windows\System32\autochk.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x198
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:

Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.

Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.

Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.

Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180127164831.271949-000
Event Type: Úspěšný audit
User:

Computer Name: Ententeakovo
Event Code: 4688
Message: Byl vytvořen nový proces.

Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7

Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0

Informace o procesu:
ID nového procesu: 0x198
Název nového procesu: C:\Windows\System32\smss.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x4
Název tvůrčího procesu:
Příkazový řádek procesu:

Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.

Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.

Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.

Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180127164827.702321-000
Event Type: Úspěšný audit
User:

Computer Name: Ententeakovo
Event Code: 4826
Message: Načetla se konfigurační data spouštění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
ID přihlášení: 0x3E7

Obecné nastavení:
Možnosti načtení: -
Upřesňující možnosti: Ne
Zásady přístupu ke konfiguraci: Výchozí
Protokolování systémových událostí: Ne
Ladění jádra: Ne
Typ spuštění VSM: Vypnuto

Nastavení podpisu:
Testovací podepsání: Ne
Podepsání za běhu: Ano
Zakázat kontroly integrity: Ne

Nastavení HyperVisoru:
Možnosti načtení HyperVisoru: -
Typ spuštění HyperVisoru: Vypnuto
Ladění HyperVisoru: Ne
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180127164827.699440-000
Event Type: Úspěšný audit
User:

Computer Name: Ententeakovo
Event Code: 4696
Message: Primární token byl přiřazen k procesu.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
ID přihlášení: 0x3E7

Informace o procesu:
ID procesu: 0x4
Název procesu:

Cílový proces:
ID cílového procesu: 0x78
Název cílového procesu: Registry

Informace o novému tokenu:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x3E7
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180127164827.699436-000
Event Type: Úspěšný audit
User:

Computer Name: Ententeakovo
Event Code: 4688
Message: Byl vytvořen nový proces.

Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7

Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0

Informace o procesu:
ID nového procesu: 0x78
Název nového procesu: Registry
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x4
Název tvůrčího procesu:
Příkazový řádek procesu:

Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.

Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.

Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.

Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180127164827.699432-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"ESET_OPTIONS"=
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=21
"PROCESSOR_IDENTIFIER"=AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0200

-----------------EOF-----------------

Ahoj

RSIT log info.txt je k nicomu bez hlavneho logu log.txt

Poprosim o log z FRST podla tohto navodu (vloz sem obidva logy): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

aha.. chybička se vloudila.. už jsem to dlouho nedělal a nějak mi nedošlo, že to dělá dva výpisy (PSPad otevírá vše v jednom okně s panelama)

log.txt:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ententeak at 2018-02-03 10:35:54
Microsoft Windows 10 Home Insider Preview
System drive C: has 44 GB (39%) free of 112 GB
Total RAM: 16332 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:35:57, on 03.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17083.1000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
Z:\Steam\Steam.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Users\Ententeak\AppData\Roaming\ArduinoCreateAgent-1.1\Arduino_Create_Bridge.exe
C:\Program Files (x86)\EventGhost\EventGhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
D:\Downloads\TranslucentTB.2017.3\TranslucentTB.2017.3\TranslucentTB.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Genius\Manticore\MTHid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe
Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe
Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\update_notifier.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Program Files\trend micro\Ententeak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [VIAxHCUtl] C:\Program Files (x86)\VIA XHCI UASP Utility\usb3Monitor.exe
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Manticore] C:\Program Files (x86)\Genius\Manticore\MThid.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "Z:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [TranslucentTB] "D:\Downloads\TranslucentTB.2017.3\TranslucentTB.2017.3\TranslucentTB.exe"
O4 - HKCU\..\Run: [GloSC-GameLauncher] "C:\Program Files\GloSC\GloSC_GameLauncher.exe"
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\Ententeak\AppData\Local\Vivaldi\Application\update_notifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: Arduino Create Agent.lnk = C:\Users\Ententeak\AppData\Roaming\ArduinoCreateAgent-1.1\Arduino_Create_Bridge.exe
O4 - Startup: EventGhost.lnk = C:\Program Files (x86)\EventGhost\EventGhost.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: TranslucentTB.exe.lnk = D:\Downloads\TranslucentTB.2017.3\TranslucentTB.2017.3\TranslucentTB.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%SystemRoot%\System32\OctBroker.exe,-100 (OctBroker) - Unknown owner - C:\WINDOWS\system32\OctBroker.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - Z:\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - Z:\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Wallpaper Engine Service - Unknown owner - Z:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12597 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
"C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\tcpsvcs.exe

c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
Z:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe -x64
"Z:\Origin\OriginWebHelperService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe" --type=host --mojo-pipe-token=5ECD4376048B1313579CD06C70BD026A --mojo-platform-channel-handle=876
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -c
-safe -silent
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21715.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"Z:\Steam\Steam.exe" -silent
"C:\Program Files\GloSC\GloSC_GameLauncher.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --monitor-self --monitor-self-argument=-type:crashpad-handler --monitor-self-annotation=product_name=desktop_crashpad --capture-python --no-upload-gzip --no-rate-limit --database=C:\Users\Ententeak\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-43.3.47 --annotation=client_session_id=90e1fb2d-3c35-42f0-90bc-a5007704ed4a --annotation=host_int_account1_boot=5751388688 --annotation=machine_id=3832c5e2-cd54-4cce-a60d-0722fcbb772b --annotation=platform=win --annotation=platform_version=10 --initial-client-data=0x204,0x214,0x218,0x210,0x21c,0x6bc48db8,0x6bc48dc8,0x6bc48dd8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-periodic-tasks --no-rate-limit --no-upload-gzip --monitor-self-annotation=product_name=desktop_crashpad --database=C:\Users\Ententeak\AppData\Local\Dropbox\Crashpad --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-43.3.47 --annotation=client_session_id=90e1fb2d-3c35-42f0-90bc-a5007704ed4a --annotation=host_int_account1_boot=5751388688 --annotation=machine_id=3832c5e2-cd54-4cce-a60d-0722fcbb772b --annotation=platform=win --annotation=platform_version=10 --initial-client-data=0x228,0x22c,0x230,0x224,0x234,0x6bc48db8,0x6bc48dc8,0x6bc48dd8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:90e1fb2d-3c35-42f0-90bc-a5007704ed4a -target-handle:528 -target-shutdown-event:540 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_9960_JQGPXMXMVEXYMOWB
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe"
"C:\Users\Ententeak\AppData\Roaming\ArduinoCreateAgent-1.1\Arduino_Create_Bridge.exe"
"C:\Program Files (x86)\EventGhost\EventGhost.exe" -h -e OnInitAfterBoot
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"D:\Downloads\TranslucentTB.2017.3\TranslucentTB.2017.3\TranslucentTB.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-token=9B6D58B83248C376D547ECC9F2F2094A --lang=en-US --lang=en-US --log-file="C:\Users\Ententeak\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=9B6D58B83248C376D547ECC9F2F2094A --renderer-client-id=2 --mojo-platform-channel-handle=1832 /prefetch:1
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -d "C:\Program Files\NVIDIA Corporation\NvStreamSrv\SsauPlugins" -f "C:\ProgramData\NVIDIA Corporation\nvstreamsvc\NvcSSAU.log" -l 4 -r -c
C:\WINDOWS\system32\AUDIODG.EXE 0x540
rundll32.exe "C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
rundll32.exe "C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxcore.dll" RmWindowsHookSetup
"C:\Program Files (x86)\Genius\Manticore\MTHid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-lang=cs_CZ" "-cachedir=C:\Users\Ententeak\AppData\Local\Steam\htmlcache" "-steampid=9612" "-buildid=1516948201" "-steamid=0" "-clientui=Z:\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=Z:\Steam\logs\cef_log.txt"
Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Ententeak\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Ententeak\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x55f381a4,0x55f381b4,0x55f381c4
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"Z:\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=F594C764310548B501006C2E4C8D79B4 --enable-blink-features=ResizeObserver --lang=en-US --lang=cs-CZ --log-file="Z:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --buildid=1516948201 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=F594C764310548B501006C2E4C8D79B4 --renderer-client-id=2 --mojo-platform-channel-handle=1960 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" https://vivaldi.com/newfeatures?hl=cs&v ... 10.0.17083
C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe --type=crashpad-handler "--user-data-dir=C:\Users\Ententeak\AppData\Local\Vivaldi\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Ententeak\AppData\Local\Vivaldi\User Data\Crashpad" "--metrics-dir=C:\Users\Ententeak\AppData\Local\Vivaldi\User Data" --annotation=plat=Win32 --annotation=prod=Vivaldi --annotation=ver=1.15.1089.3 --initial-client-data=0x228,0x22c,0x230,0x224,0x234,0x6c60ded8,0x6c60dee8,0x6c60def4
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=gpu-process --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x10de --gpu-device-id=0x1380 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.9065 --gpu-driver-date=1-3-2018 --service-request-channel-token=9C78EEAB2C7CAA86E1568953D02E3436 --mojo-platform-channel-handle=1544 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\update_notifier.exe"
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=8B796CBB129DBD48ED7B4E99B0472421 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=8B796CBB129DBD48ED7B4E99B0472421 --renderer-client-id=20 --running-vivaldi --mojo-platform-channel-handle=3168 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=7E253D9FFDD9F6C49F6F72B9A6BAF3A0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=7E253D9FFDD9F6C49F6F72B9A6BAF3A0 --renderer-client-id=8 --running-vivaldi --mojo-platform-channel-handle=3672 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=6197D400C795DFB4C55EFA6CDC8E272B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=6197D400C795DFB4C55EFA6CDC8E272B --renderer-client-id=11 --running-vivaldi --mojo-platform-channel-handle=3776 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=1BC60581E9E92206262270697C04C764 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=1BC60581E9E92206262270697C04C764 --renderer-client-id=14 --running-vivaldi --mojo-platform-channel-handle=3744 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=C69E58CD6B6067CDBF1D51E3FE294AAF --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=C69E58CD6B6067CDBF1D51E3FE294AAF --renderer-client-id=17 --running-vivaldi --mojo-platform-channel-handle=3924 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=193554F88F741FC18BE516FF61D7E238 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=193554F88F741FC18BE516FF61D7E238 --renderer-client-id=21 --running-vivaldi --mojo-platform-channel-handle=6916 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=9455F230295D49DF7C4F87E523DA565C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=9455F230295D49DF7C4F87E523DA565C --renderer-client-id=24 --running-vivaldi --mojo-platform-channel-handle=6236 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=3E8E8B0F5FB5B226783912E375D884BE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=3E8E8B0F5FB5B226783912E375D884BE --renderer-client-id=22 --running-vivaldi --mojo-platform-channel-handle=8476 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=23E1571F677630ECB49E35DF478449A6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=23E1571F677630ECB49E35DF478449A6 --renderer-client-id=23 --running-vivaldi --mojo-platform-channel-handle=9712 /prefetch:1
"C:\Users\Ententeak\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1520,17470920746936435745,17460420653900418696,131072 --service-pipe-token=0B0D97BA5D8914C5BA58775DBC62E591 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_28_0_0_137.dll" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=0B0D97BA5D8914C5BA58775DBC62E591 --renderer-client-id=31 --running-vivaldi --mojo-platform-channel-handle=11152 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /cr
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc

c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 756 760 768 8192 764
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"D:\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe

FRST je prý dlouhý (867303 znaků) takže jej dávám do přílohy společně s addition.txt

Si si vedomy, ze pouzivas Windows Insider zostavy, ktore mozu byt neotestovane a nestabilne?

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan (Skenovanie) a pockaj na dokoncenie
• Klikni na Clean (Cistenie) a potvrd kliknutim na OK
• AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
• Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

jo, vědomej si jsem, proto si píšu do preventivek a ne do řešení problémů
Kdysi už jsem tu řešil podobnej problém a pak se ukázalo, že ho způsobuje kolidování ESETu s testovací verzí WinDefendera...
Spíš mi jde o to, že se v poslední době začaly dost šířit ty "těžební" viry a kolegovi z práce to odvařilo grafárnu, tak jsem se trochu lekl, abych nedopadl stejně..

Ale teď mě překvapily dvě věci:
1) že mi tu radí "nováček" (bez hodnosti rádce) s méně příspěvky, než mám já. Ale zatím jste mi neradil nic, s čím bych už neměl zkušenosti a co by mi tu jindy neradil "rádce", takže mi to nějak extra neva
2) že AdwCleaner nechtěl restart....

jinak tedy log:
# AdwCleaner 7.0.7.0 - Logfile created on Sat Feb 03 16:27:17 2018
# Updated on 2018/18/01 by Malwarebytes
# Database: 02-02-2018.4
# Running on Windows 10 Home Insider Preview (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.MYPCTuneUp, C:\ProgramData\NERO\NERO TUNEITUP
PUP.Optional.MYPCTuneUp, C:\Users\All Users\NERO\NERO TUNEITUP


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1273 B] - [2016/12/9 11:24:40]
C:/AdwCleaner/AdwCleaner[S0].txt - [1495 B] - [2016/12/9 11:23:54]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

Rank "Novacek" mam podla pravidiel po absolvovani kurzu pre novacikov

V AdwCleaneri si neklikol na Clean (Cistenie), preto nechcel restart. Ale jeho nalezy uz precistime cez FRST, vid. nizsie.

Kazdopadne logy vyzeraju OK, nevidim ziadne "tazebne virusy" ani inu havet, len bezne zbytocnosti.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  S3 BcastDVRUserService_43375; C:\WINDOWS\system32\svchost.exe [45536 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
  S3 BcastDVRUserService_43375; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
  S3 BluetoothUserService_43375; C:\WINDOWS\system32\svchost.exe [45536 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
  S3 BluetoothUserService_43375; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
  Task: {E15D0692-401F-477B-A71E-D377FC1D0682} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  
  C:\ProgramData\NERO\NERO TUNEITUP
  C:\Users\All Users\NERO\NERO TUNEITUP
  DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Aha, tak funkce "Nováček" je pro mě novinka (a už vidím, že "běžný uživatel" má titul "Návštěvník" )

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Ententeak (03-02-2018 19:18:02) Run:3
Running from F:\Desktop
Loaded Profiles: Ententeak (Available Profiles: defaultuser0 & Ententeak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

S3 BcastDVRUserService_43375; C:\WINDOWS\system32\svchost.exe [45536 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_43375; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_43375; C:\WINDOWS\system32\svchost.exe [45536 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_43375; C:\WINDOWS\SysWOW64\svchost.exe [40344 2018-01-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
Task: {E15D0692-401F-477B-A71E-D377FC1D0682} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

C:\ProgramData\NERO\NERO TUNEITUP
C:\Users\All Users\NERO\NERO TUNEITUP
DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"HKLM\System\CurrentControlSet\Services\BcastDVRUserService_43375" => removed successfully
BcastDVRUserService_43375 => service removed successfully
BcastDVRUserService_43375 => service not found.
"HKLM\System\CurrentControlSet\Services\BluetoothUserService_43375" => removed successfully
BluetoothUserService_43375 => service removed successfully
BluetoothUserService_43375 => service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E15D0692-401F-477B-A71E-D377FC1D0682} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E15D0692-401F-477B-A71E-D377FC1D0682}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
C:\ProgramData\NERO\NERO TUNEITUP => moved successfully
"C:\Users\All Users\NERO\NERO TUNEITUP" => not found
HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} => key not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49557797 B
Java, Flash, Steam htmlcache => 20271485 B
Windows/system/drivers => 2865848 B
Edge => 4193894 B
Chrome => 107068457 B
Firefox => 17231578 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Ententeak => 12014111 B

RecycleBin => 0 B
EmptyTemp: => 209.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:19:08 ====

Ako to vyzera s PC, nastala nejaka zmena?

no.. změna.. ono si to zamrzá jen tak nepravidelně občas.. takže je otázka, jak rychle poznám změnu
Ale jestli to vypadá čistě alespoň z pohledu logů, tak díky

Nie je zaco

Este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"