zodiac-game.info popup po spuštění pc

[louwe]

Dobrý den, nemohu si poradit s tímto vyskakovacím oknem. Dávám tedy zde log z RSIT a prosím o pomoc.

ím Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra at 2016-08-19 15:02:16
Microsoft Windows 10 Education
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 16346 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:19, on 19.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [zenvpn] C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Ondra] explorer.exe http://sd-steam.info
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vsb.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vsb.cz
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - D:\STAŽENÉ\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12519 bytes

======Listing Processes======








winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Windows\system32\PnkBstrA.exe

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe" scan upload
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://sd-steam.info/"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x248
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6068.0.1672397097\1007075459" --mojo-application-channel-token=26529EECC72A0242CA473E522822B5FD --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2311.0 --gpu-driver-date=7-18-2016 --mojo-platform-channel-handle=1356 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=25637BE9AE81DCADD73D1465A7810958 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=73FC06E00589F46F7D088185525C9E53 --mojo-application-channel-token=EBCC942E46C166AE3D6521A30CCBE4FB --channel="6068.2.369284521\1482835410" --mojo-platform-channel-handle=2356 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=F3CA33613F20AA68D7553F764627CF9B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=72D2C348B4CD179037AA5DB1DDCF3B75 --mojo-application-channel-token=A33B530894A6895F670586128D1AF9FB --channel="6068.3.475754960\513598895" --mojo-platform-channel-handle=2472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=31B1B1C0A3C8C924CF83E48DC9437E5C --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3B433C7D904E7546ED6040D95508A1F4 --mojo-application-channel-token=5C660FE40610A5E1E14802C203F49B0F --channel="6068.4.1407067651\605818454" --mojo-platform-channel-handle=2376 /prefetch:1
"C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN19E1H63405QV;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=069A50C3C46DCB68F31F78C077DD4C2B --lang=cs --disable-client-side-phishing-detection --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=FD2B5AA8901D297D34CF3DE4ACF50F1D --mojo-application-channel-token=87B07AAB1D1B108758492AD91541D9B5 --channel="6068.5.1654551797\1100545563" --mojo-platform-channel-handle=3920 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=B67F84E559304802B847C85D8EF9235B --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=5497E66B9BF0C285E9D425966B2BD43F --mojo-application-channel-token=4A942A6C020915A399A9514D7C78F0DF --channel="6068.6.1956772949\1079260173" --mojo-platform-channel-handle=4060 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe"
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe" --type=gpu-process --channel="7120.0.1571167614\597754405" --mojo-application-channel-token=AE4334AF903582814D6A9F626D8E0A82 --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2311.0 --gpu-driver-date=7-18-2016 --mojo-platform-channel-handle=1444 /prefetch:2
C:\WINDOWS\system32\AUDIODG.EXE 0x22c
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=329297C4033E52297E17C96383AB80D1 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --node-integration=true --background-color=#282b30 --enable-blink-features=EnumerateDevices,AudioOutputDevices --hidden-page --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F6002A5D5CA1D4FE587DEAF1F2671637 --mojo-application-channel-token=A5850FDA4E77A2AE768D2D3C8DCF8EFF --channel="7120.2.1462417810\1989766563" --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=B8669F774FF2EFFC60D9F99ACE6B6F93 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B4D90D640E6ABC84B4C7D06EFF62A210 --mojo-application-channel-token=02D1C26AFD118798C9F52D970B696D00 --channel="6068.15.294540595\1509215667" --mojo-platform-channel-handle=5316 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledLoadServerInfoTimeoutSrttMultiplier50/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentA_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=4BFD5C8A7D1656F0F135459DC7756E02 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B3869C409A3956F388F80E130FCF106D --mojo-application-channel-token=AD7260EDF755A2FCA764A333A7C906BC --channel="6068.18.2049777319\1864370175" --mojo-platform-channel-handle=7636 /prefetch:1
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\wmiprvse.exe
"D:\STAŽENÉ\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-07-27 213200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-27 2099504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-07-27 154832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-07-27 1522992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2016-07-16 61952]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2016-06-02 3582240]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-08-16 2857248]
"Ondra"=explorer.exe http://sd-steam.info []
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"zenvpn"=C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe []
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2016-02-29 766464]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-19 15:02:16 ----D---- C:\rsit
2016-08-19 15:02:16 ----D---- C:\Program Files\trend micro
2016-08-19 14:36:42 ----D---- C:\KVRT_Data
2016-08-19 14:25:38 ----D---- C:\Program Files\Common Files\AV
2016-08-19 14:20:29 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2016-08-19 14:20:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-08-19 14:20:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-19 13:43:47 ----D---- C:\ProgramData\ESET
2016-08-19 13:43:45 ----D---- C:\Program Files\ESET
2016-08-19 13:27:50 ----D---- C:\ProgramData\Malwarebytes
2016-08-16 13:08:44 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-08-15 22:20:39 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-15 15:58:01 ----D---- C:\ProgramData\Steam
2016-08-13 01:52:42 ----D---- C:\ProgramData\SkidRow
2016-08-12 20:14:16 ----D---- C:\Users\Ondra\AppData\Roaming\HelloGames
2016-08-10 12:01:37 ----A---- C:\WINDOWS\system32\win32u.dll
2016-08-10 12:01:37 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-10 12:01:36 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-08-10 12:01:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-10 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 12:01:35 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-08-10 12:01:25 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 12:01:25 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 12:01:24 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-10 12:01:19 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\aclui.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 01:01:23 ----A---- C:\WINDOWS\system32\drivers\EasyAntiCheat.sys
2016-08-10 01:01:18 ----A---- C:\WINDOWS\SYSWOW64\EasyAntiCheat.exe
2016-08-10 00:50:17 ----D---- C:\Users\Ondra\AppData\Roaming\SpaceEngineers
2016-08-07 21:14:06 ----DC---- C:\WINDOWS\Panther
2016-08-07 21:12:50 ----D---- C:\Windows.old
2016-08-07 21:12:50 ----D---- C:\Program Files\CMAK
2016-08-07 21:12:50 ----D---- C:\Program Files (x86)\CMAK
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\wevtapi.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\user32.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\msctf.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-08-07 21:12:22 ----D---- C:\WINDOWS\system32\Microsoft
2016-08-07 21:11:44 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-08-07 21:11:44 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-08-07 21:11:44 ----D---- C:\Program Files (x86)\MSBuild
2016-08-07 21:11:43 ----D---- C:\Program Files\Reference Assemblies
2016-08-07 21:11:43 ----D---- C:\Program Files\MSBuild
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 20:34:29 ----D---- C:\ProgramData\Microsoft OneDrive
2016-08-07 20:23:54 ----D---- C:\ProgramData\USOShared
2016-08-07 20:23:21 ----SHD---- C:\Recovery
2016-08-07 20:22:21 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-08-07 20:21:29 ----ASH---- C:\hiberfil.sys
2016-08-07 20:16:14 ----SD---- C:\Users\Ondra\AppData\Roaming\Microsoft
2016-08-07 20:15:30 ----AS---- C:\WINDOWS\bootstat.dat
2016-08-07 20:15:23 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-08-07 20:15:23 ----AD---- C:\Program Files\AMD
2016-08-07 20:15:17 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-08-07 20:15:14 ----D---- C:\Program Files\VIA
2016-08-07 20:14:47 ----D---- C:\WINDOWS\system32\SleepStudy
2016-08-07 20:14:47 ----D---- C:\WINDOWS\ServiceProfiles
2016-08-07 20:14:47 ----D---- C:\WINDOWS\Prefetch
2016-08-07 20:14:42 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-07 20:01:04 ----HD---- C:\$WINDOWS.~BT
2016-08-07 20:00:02 ----A---- C:\WINDOWS\progress.ini
2016-08-07 19:57:03 ----HD---- C:\$SysReset
2016-08-07 19:52:08 ----HD---- C:\$GetCurrent
2016-08-07 19:51:47 ----D---- C:\Windows10Upgrade
2016-08-07 19:29:25 ----D---- C:\Riot Games
2016-08-07 19:13:11 ----D---- C:\Users\Ondra\AppData\Roaming\ATI
2016-08-07 19:13:11 ----D---- C:\ProgramData\ATI
2016-08-07 17:57:58 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2016-08-07 17:57:58 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2016-08-07 17:57:58 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2016-08-07 17:57:58 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2016-08-07 17:57:49 ----AD---- C:\Program Files (x86)\AMD
2016-08-07 17:56:10 ----D---- C:\AMD
2016-08-03 15:55:35 ----A---- C:\WINDOWS\PAExec.exe
2016-08-03 15:09:53 ----ASH---- C:\swapfile.sys
2016-08-03 15:09:53 ----ASH---- C:\pagefile.sys
2016-08-01 14:49:21 ----D---- C:\Users\Ondra\AppData\Roaming\Frontier Developments
2016-07-28 13:09:35 ----D---- C:\ProgramData\LogMeIn
2016-07-28 13:06:31 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2016-07-28 13:04:35 ----D---- C:\Program Files (x86)\Seznam.cz
2016-07-28 13:04:26 ----D---- C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-07-28 13:04:24 ----D---- C:\Users\Ondra\AppData\Roaming\Hamachi
2016-07-27 12:37:33 ----D---- C:\dev
2016-07-25 22:56:22 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-07-25 22:56:06 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-07-25 22:56:00 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-07-25 22:55:56 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-07-25 22:55:26 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-07-25 22:55:18 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-07-25 22:55:10 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-07-25 22:55:10 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-07-25 22:54:56 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-07-25 22:54:54 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-07-25 22:53:52 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-07-25 22:53:50 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-07-25 22:53:46 ----A---- C:\WINDOWS\system32\GameManager64.dll
2016-07-25 22:53:42 ----A---- C:\WINDOWS\system32\detoured.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-07-25 22:53:08 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-07-25 22:53:08 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-07-25 22:53:08 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-07-25 22:53:04 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-07-25 22:52:58 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-07-25 22:52:30 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-07-25 22:52:14 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-07-25 22:52:14 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-07-25 22:52:10 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-07-25 22:52:06 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-07-25 22:52:04 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-07-25 22:52:04 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-07-25 22:52:02 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-07-25 22:51:54 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-07-25 22:51:46 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-07-25 22:51:44 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-07-25 22:51:40 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-07-25 22:51:38 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-07-25 22:51:36 ----A---- C:\WINDOWS\system32\amfrt64.dll
2016-07-25 22:51:34 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2016-07-25 22:51:16 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2016-07-25 22:51:12 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2016-07-25 22:51:08 ----A---- C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-07-25 22:51:06 ----A---- C:\WINDOWS\SYSWOW64\amdoclvp9lib32.dll
2016-07-25 22:51:00 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-07-25 22:50:46 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-07-25 22:50:36 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-07-25 22:50:26 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-07-25 22:50:04 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-07-25 22:50:04 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-07-25 22:49:58 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2016-07-25 22:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2016-07-25 22:49:52 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-07-25 22:49:46 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-07-25 22:49:42 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-07-25 22:49:38 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-07-25 22:49:30 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-07-25 22:49:30 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-07-25 22:49:28 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-07-25 22:49:26 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2016-07-25 22:49:24 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-07-25 22:49:24 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-07-25 22:45:24 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-07-25 22:45:18 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-07-25 22:45:18 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-07-25 22:45:16 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-07-25 22:45:08 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-07-25 13:39:44 ----A---- C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
2016-07-25 13:39:40 ----A---- C:\WINDOWS\system32\ativce03.dat
2016-07-25 13:39:40 ----A---- C:\WINDOWS\system32\ativce02.dat
2016-07-25 13:37:52 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde34b.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde34a.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde31a.dat
2016-07-20 15:30:18 ----D---- C:\Users\Ondra\AppData\Roaming\Guild Wars 2

======List of files/folders modified in the last 1 month======

2016-08-19 15:02:16 ----RD---- C:\Program Files
2016-08-19 15:02:12 ----D---- C:\WINDOWS\Temp
2016-08-19 14:59:01 ----D---- C:\WINDOWS\system32\sru
2016-08-19 14:57:23 ----D---- C:\Windows
2016-08-19 14:57:02 ----D---- C:\WINDOWS\system32\drivers\etc
2016-08-19 14:57:01 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-19 14:57:01 ----D---- C:\WINDOWS\INF
2016-08-19 14:56:58 ----SHD---- C:\Config.Msi
2016-08-19 14:56:58 ----D---- C:\WINDOWS\system32\drivers
2016-08-19 14:56:25 ----D---- C:\WINDOWS\system32\catroot2
2016-08-19 14:55:58 ----D---- C:\Users\Ondra\AppData\Roaming\TS3Client
2016-08-19 14:55:58 ----D---- C:\Program Files (x86)\Steam
2016-08-19 14:55:56 ----D---- C:\WINDOWS\Logs
2016-08-19 14:55:56 ----D---- C:\WINDOWS\debug
2016-08-19 14:39:57 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-19 14:39:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-19 14:38:46 ----SHDC---- C:\WINDOWS\Installer
2016-08-19 14:38:45 ----RD---- C:\Program Files (x86)
2016-08-19 14:38:45 ----D---- C:\WINDOWS\system32\Tasks
2016-08-19 14:38:21 ----D---- C:\WINDOWS\SysWOW64
2016-08-19 14:38:21 ----D---- C:\WINDOWS\System32
2016-08-19 14:37:32 ----AD---- C:\Program Files (x86)\Battlelog Web Plugins
2016-08-19 14:30:28 ----HD---- C:\ProgramData
2016-08-19 14:28:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-19 14:25:38 ----D---- C:\Program Files\Common Files
2016-08-19 14:20:34 ----SD---- C:\ProgramData\Microsoft
2016-08-19 13:44:07 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-19 01:36:29 ----RD---- C:\WINDOWS\Microsoft.NET
2016-08-18 21:37:15 ----D---- C:\WINDOWS\AppReadiness
2016-08-18 21:34:27 ----AD---- C:\Program Files (x86)\Battle.net
2016-08-18 20:30:34 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-18 20:20:55 ----D---- C:\Users\Ondra\AppData\Roaming\DesktopOK
2016-08-18 18:04:21 ----D---- C:\Users\Ondra\AppData\Roaming\vlc
2016-08-17 14:46:19 ----HD---- C:\Program Files\WindowsApps
2016-08-14 00:26:39 ----D---- C:\Program Files (x86)\SpeedFan
2016-08-11 16:07:49 ----D---- C:\WINDOWS\system32\config
2016-08-11 12:08:55 ----D---- C:\WINDOWS\rescache
2016-08-11 11:59:26 ----D---- C:\WINDOWS\WinSxS
2016-08-10 18:47:31 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-TW
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-HK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-CN
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\uk-UA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\tr-TR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\th-TH
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sv-SE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sl-SI
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sk-SK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ru-RU
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ro-RO
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pt-PT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pt-BR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pl-PL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\nl-NL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\nb-NO
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\lv-LV
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\lt-LT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ko-KR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ja-jp
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\it-IT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\hu-HU
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\hr-HR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\he-IL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fr-FR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fr-CA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fi-FI
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\et-EE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\es-MX
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\es-ES
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\en-US
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\en-GB
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\el-GR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\de-DE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\da-DK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\bg-BG
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ar-SA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\appraiser
2016-08-10 18:47:28 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:47:28 ----D---- C:\WINDOWS\ShellExperiences
2016-08-10 18:47:28 ----D---- C:\Program Files\Windows Mail
2016-08-10 18:47:28 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-10 16:23:03 ----D---- C:\WINDOWS\CbsTemp
2016-08-10 16:22:55 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 16:20:57 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-10 11:52:12 ----RD---- C:\WINDOWS\assembly
2016-08-08 09:29:49 ----D---- C:\WINDOWS\appcompat
2016-08-08 09:28:28 ----D---- C:\WINDOWS\system32\WDI
2016-08-08 09:26:59 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-07 21:14:02 ----D---- C:\WINDOWS\Setup
2016-08-07 21:11:44 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-08-07 21:11:44 ----D---- C:\WINDOWS\system32\MUI
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnlobby.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnaddr.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2016-08-07 20:25:47 ----D---- C:\WINDOWS\system32\wbem
2016-08-07 20:23:54 ----D---- C:\ProgramData\USOPrivate
2016-08-07 20:23:50 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-08-07 20:23:21 ----D---- C:\Program Files\Windows NT
2016-08-07 20:22:52 ----D---- C:\WINDOWS\Registration
2016-08-07 20:22:41 ----RSD---- C:\WINDOWS\Fonts
2016-08-07 20:22:41 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-08-07 20:22:41 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2016-08-07 20:22:20 ----D---- C:\WINDOWS\Tasks
2016-08-07 20:21:02 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-07 20:17:37 ----D---- C:\WINDOWS\twain_32
2016-08-07 20:17:37 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-07 20:17:36 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-07 20:17:35 ----D---- C:\WINDOWS\system32\SRSLabs
2016-08-07 20:17:35 ----D---- C:\WINDOWS\system32\spool
2016-08-07 20:17:34 ----D---- C:\WINDOWS\system32\NDF
2016-08-07 20:17:29 ----D---- C:\WINDOWS\system32\appmgmt
2016-08-07 20:17:28 ----D---- C:\WINDOWS\System
2016-08-07 20:17:28 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-07 20:17:26 ----RD---- C:\Users
2016-08-07 20:17:24 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-07 20:17:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-08-07 20:17:24 ----D---- C:\Program Files (x86)\Common Files
2016-08-07 20:16:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-08-07 20:16:39 ----D---- C:\WINDOWS\system32\Recovery
2016-08-07 20:16:02 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-07 20:15:39 ----RD---- C:\WINDOWS\PrintDialog
2016-08-07 20:15:39 ----RD---- C:\WINDOWS\MiracastView
2016-08-07 19:28:59 ----D---- C:\Users\Ondra\AppData\Roaming\Riot Games
2016-08-04 08:24:54 ----SHD---- C:\$Recycle.Bin
2016-08-03 20:10:32 ----D---- C:\Users\Ondra\AppData\Roaming\TeamViewer
2016-08-02 10:37:54 ----D---- C:\Users\Ondra\AppData\Roaming\discord
2016-08-01 20:30:10 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2016-07-27 21:25:34 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-07-27 10:09:15 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-07-25 22:56:30 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-07-25 22:56:28 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-07-25 22:56:28 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-07-25 22:55:52 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-07-25 22:55:48 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-07-25 22:55:38 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-07-25 22:55:34 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-07-25 22:53:46 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-07-23 20:46:18 ----D---- C:\Users\Ondra\AppData\Roaming\steelseries-engine-3-client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2016-06-28 199328]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-06-28 263336]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-06-28 197288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-07-25 313760]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2016-06-28 181416]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-07-25 26717720]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-07-25 509464]
R3 AtiHDAudioService;@oem24.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-06-02 101376]
R3 bcmsmbsp;@oem1.inf,%bcmsmbsp.SVCDESC%;SMBus Controller Service; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [2015-07-10 53024]
R3 int0800;@oem27.inf,%Flashud_svcdesc%;Intel 28F320C3 Flash Update Device Driver v6.4; C:\WINDOWS\System32\drivers\flashud.sys [2009-09-09 51712]
R3 L1C;@oem5.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-01 161864]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-10-08 185600]
R3 SaiK0728;SaiK0728; C:\WINDOWS\system32\DRIVERS\SaiK0728.sys [2015-10-13 180896]
R3 ssdevfactory;@oem31.inf,%ssdevfactory.SVCDESC%;SteelSeries Device Factory Service; C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-10-03 40568]
R3 tap0901;@oem7.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-11-05 27136]
S0 amdkmafd;@oem23.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-06-28 15488]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2016-02-29 133168]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-07-17 126304]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-17 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-17 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2016-07-04 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2016-07-04 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2016-07-04 30528]
S3 Hamachi;@oem25.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2016-07-06 45680]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-07-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-08-19 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-17 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-07-25 278544]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_36f8c;CDPUserSvc_36f8c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-07-17 2944768]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-10 2542216]
R2 OneSyncSvc_36f8c;Hostitel synchronizace_36f8c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2016-04-03 76152]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_36f8c;Data kontaktů_36f8c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 MBAMService;MBAMService; D:\STAŽENÉ\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [2016-08-16 1136608]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2016-08-09 227104]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2016-03-12 1104176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_36f8c;Služba zasílání zpráv_36f8c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-10 2122248]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-07-16 200240]
S3 PAExec;PAExec; C:\Windows\PAExec.exe [2016-08-07 189112]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-07-17 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-16 1452320]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-07-17 823136]
S4 MBAMScheduler;MBAMScheduler; \mbamscheduler.exe []
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

[louwe]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra at 2016-08-19 15:24:43
Microsoft Windows 10 Education
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 16346 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:44, on 19.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Program Files\trend micro\Ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [zenvpn] C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Ondra] explorer.exe http://sd-steam.info
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73351DC06A4629EA47799CC7BF4E395F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vsb.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vsb.cz
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - D:\STAŽENÉ\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12080 bytes

======Listing Processes======








winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Windows\system32\PnkBstrA.exe
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"

sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe" scan upload
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\Gyazo\GyStation.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN19E1H63405QV;CONNECTION=USB;MONITOR=1;
C:\WINDOWS\system32\AUDIODG.EXE 0x3d8
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe"
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe" --type=gpu-process --channel="6468.0.1362202038\287341388" --mojo-application-channel-token=64581357962206298B9F8FA5954187D5 --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2311.0 --gpu-driver-date=7-18-2016 --mojo-platform-channel-handle=1440 /prefetch:2
"C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=6DCC9B0334542EF846517B830AB6164A --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --node-integration=true --background-color=#282b30 --enable-blink-features=EnumerateDevices,AudioOutputDevices --hidden-page --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=A88C0B2D7A22FED4F3DA6C15B9E6FE42 --mojo-application-channel-token=71FC398E88587C0AE3748C9FF43525D2 --channel="6468.2.594445799\698745898" --mojo-platform-channel-handle=2416 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe

"C:\Users\Ondra\Desktop\DesktopOK_x64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x1b4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3376.0.2100769314\2000029263" --mojo-application-channel-token=6A3BDE725BD4174164D49DF3342A75E2 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2311.0 --gpu-driver-date=7-18-2016 --mojo-platform-channel-handle=1236 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=286EE868E32C10643293F64549A8B7C2 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=8CC54A39867DE4071D1024A3A29EEDEF --mojo-application-channel-token=1787F9605917FDC6F2E2F77061B27908 --channel="3376.1.826709293\142100049" --mojo-platform-channel-handle=2300 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=2C1D8D344A3D7A1096B74C44FC9C5C34 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=1A0AFDA3D136D7E9139E8D71A62C0EE2 --mojo-application-channel-token=CB7A13C9BD96AE72178FBDCCF38FB3DF --channel="3376.6.1089055460\985976707" --mojo-platform-channel-handle=4940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=8AD174258D2002AF85AE6876DA2AE3A3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B494615FE15E9CE1619115E7F1BDF223 --mojo-application-channel-token=842AD3281BE535FF9E4AE1D684A48834 --channel="3376.10.1201365909\77144274" --mojo-platform-channel-handle=6136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="3376.11.2104382249\1500849909" --lang=cs --device-scale-factor=1 --mojo-platform-channel-handle=6388 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=593B3B712968E142BEE881DD88D39540 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9E5059C9F9A573FA94CA8FE45FEAFD62 --mojo-application-channel-token=1EF5EBBDA88C0E200A96B60CE2770212 --channel="3376.24.254779046\163881873" --mojo-platform-channel-handle=6616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=F7A7A88FC94C47BB803DF8D6FBD6F3F3 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=140FF403F9A86FD04E4F6182C60E18C0 --mojo-application-channel-token=FE0180031F5FC96162476A777ACE4438 --channel="3376.25.747109018\751312298" --mojo-platform-channel-handle=7760 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=B5C390ED314B26674CEFED3FC96E8933 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=124782828D428FA25AC8596EF3F4391A --mojo-application-channel-token=B051131ACDFCBE0BE47B85B0C7AC0917 --channel="3376.28.2053935868\1382605037" --mojo-platform-channel-handle=5712 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=942FDEEC4505DB2CF65FA93C3D306DB0 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=CD9759AEB9293CE8B9253E5E95D209A8 --mojo-application-channel-token=1B1677788B744BB9CE7D76E5ECA25C2E --channel="3376.32.1249625210\686272025" --mojo-platform-channel-handle=5208 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=6C5C771FF8F23954F75FD71C53B3CCE1 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0B931D1ED50249ACC9E2F98C4229E7B8 --mojo-application-channel-token=691D1A9DCBE17ADF82437A2E12DBE968 --channel="3376.43.303173773\1532052125" --mojo-platform-channel-handle=10376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=31E18CB426A936B9974F8D75CB722F18 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C2599CB2F79626EE02DF6A0421110F48 --mojo-application-channel-token=357BEDA4E32858C1DAC47AABCC85FD90 --channel="3376.46.1959262884\703002091" --mojo-platform-channel-handle=7012 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch25PermanentB_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_92/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=4DE23ACC6ADC157D0EB124788E8D9016 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D36424A27556C8FAFB756694B8C6FE5E --mojo-application-channel-token=AB0891269A0D514337FCFAD659DFB172 --channel="3376.47.301263622\1593255810" --mojo-platform-channel-handle=9968 /prefetch:1
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\STAŽENÉ\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-07-27 213200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-27 2099504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-07-27 154832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-07-27 1522992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2016-07-16 61952]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2016-06-02 3582240]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-08-16 2857248]
"Ondra"=explorer.exe http://sd-steam.info []
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"GoogleChromeAutoLaunch_73351DC06A4629EA47799CC7BF4E395F"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-08-03 1152840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"zenvpn"=C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe []
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2016-02-29 766464]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-19 15:14:14 ----D---- C:\Program Files (x86)\Google
2016-08-19 15:02:16 ----D---- C:\rsit
2016-08-19 15:02:16 ----D---- C:\Program Files\trend micro
2016-08-19 14:36:42 ----D---- C:\KVRT_Data
2016-08-19 14:25:38 ----D---- C:\Program Files\Common Files\AV
2016-08-19 14:20:29 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2016-08-19 14:20:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-08-19 14:20:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-19 13:43:47 ----D---- C:\ProgramData\ESET
2016-08-19 13:43:45 ----D---- C:\Program Files\ESET
2016-08-19 13:27:50 ----D---- C:\ProgramData\Malwarebytes
2016-08-16 13:08:44 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-08-16 13:08:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-08-15 22:20:39 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-15 15:58:01 ----D---- C:\ProgramData\Steam
2016-08-13 01:52:42 ----D---- C:\ProgramData\SkidRow
2016-08-12 20:14:16 ----D---- C:\Users\Ondra\AppData\Roaming\HelloGames
2016-08-10 12:01:37 ----A---- C:\WINDOWS\system32\win32u.dll
2016-08-10 12:01:37 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-10 12:01:36 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-08-10 12:01:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-10 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 12:01:35 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-08-10 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-10 12:01:26 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-08-10 12:01:25 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 12:01:25 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 12:01:24 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-08-10 12:01:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-10 12:01:19 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 12:01:18 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 12:01:17 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-10 12:01:16 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-08-10 12:01:15 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 12:01:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 12:01:13 ----A---- C:\WINDOWS\system32\aclui.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-10 12:01:12 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 01:01:23 ----A---- C:\WINDOWS\system32\drivers\EasyAntiCheat.sys
2016-08-10 01:01:18 ----A---- C:\WINDOWS\SYSWOW64\EasyAntiCheat.exe
2016-08-10 00:50:17 ----D---- C:\Users\Ondra\AppData\Roaming\SpaceEngineers
2016-08-07 21:14:06 ----DC---- C:\WINDOWS\Panther
2016-08-07 21:12:50 ----D---- C:\Windows.old
2016-08-07 21:12:50 ----D---- C:\Program Files\CMAK
2016-08-07 21:12:50 ----D---- C:\Program Files (x86)\CMAK
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\wevtapi.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\user32.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\msctf.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-07 21:12:47 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-08-07 21:12:22 ----D---- C:\WINDOWS\system32\Microsoft
2016-08-07 21:11:44 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-08-07 21:11:44 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-08-07 21:11:44 ----D---- C:\Program Files (x86)\MSBuild
2016-08-07 21:11:43 ----D---- C:\Program Files\Reference Assemblies
2016-08-07 21:11:43 ----D---- C:\Program Files\MSBuild
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-08-07 21:11:29 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-07 21:11:28 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 20:34:29 ----D---- C:\ProgramData\Microsoft OneDrive
2016-08-07 20:23:54 ----D---- C:\ProgramData\USOShared
2016-08-07 20:23:21 ----SHD---- C:\Recovery
2016-08-07 20:22:21 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-08-07 20:21:29 ----ASH---- C:\hiberfil.sys
2016-08-07 20:16:14 ----SD---- C:\Users\Ondra\AppData\Roaming\Microsoft
2016-08-07 20:15:30 ----AS---- C:\WINDOWS\bootstat.dat
2016-08-07 20:15:23 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-08-07 20:15:23 ----AD---- C:\Program Files\AMD
2016-08-07 20:15:17 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-08-07 20:15:14 ----D---- C:\Program Files\VIA
2016-08-07 20:14:47 ----D---- C:\WINDOWS\system32\SleepStudy
2016-08-07 20:14:47 ----D---- C:\WINDOWS\ServiceProfiles
2016-08-07 20:14:47 ----D---- C:\WINDOWS\Prefetch
2016-08-07 20:14:42 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-07 20:01:04 ----HD---- C:\$WINDOWS.~BT
2016-08-07 20:00:02 ----A---- C:\WINDOWS\progress.ini
2016-08-07 19:57:03 ----HD---- C:\$SysReset
2016-08-07 19:52:08 ----HD---- C:\$GetCurrent
2016-08-07 19:51:47 ----D---- C:\Windows10Upgrade
2016-08-07 19:29:25 ----D---- C:\Riot Games
2016-08-07 19:13:11 ----D---- C:\Users\Ondra\AppData\Roaming\ATI
2016-08-07 19:13:11 ----D---- C:\ProgramData\ATI
2016-08-07 17:57:58 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2016-08-07 17:57:58 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2016-08-07 17:57:58 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2016-08-07 17:57:58 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2016-08-07 17:57:49 ----AD---- C:\Program Files (x86)\AMD
2016-08-07 17:56:10 ----D---- C:\AMD
2016-08-03 15:55:35 ----A---- C:\WINDOWS\PAExec.exe
2016-08-03 15:09:53 ----ASH---- C:\swapfile.sys
2016-08-03 15:09:53 ----ASH---- C:\pagefile.sys
2016-08-01 14:49:21 ----D---- C:\Users\Ondra\AppData\Roaming\Frontier Developments
2016-07-28 13:09:35 ----D---- C:\ProgramData\LogMeIn
2016-07-28 13:06:31 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2016-07-28 13:04:35 ----D---- C:\Program Files (x86)\Seznam.cz
2016-07-28 13:04:26 ----D---- C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-07-28 13:04:24 ----D---- C:\Users\Ondra\AppData\Roaming\Hamachi
2016-07-27 12:37:33 ----D---- C:\dev
2016-07-25 22:56:22 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-07-25 22:56:06 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-07-25 22:56:00 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-07-25 22:55:56 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-07-25 22:55:54 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-07-25 22:55:26 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-07-25 22:55:18 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-07-25 22:55:12 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-07-25 22:55:10 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-07-25 22:55:10 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-07-25 22:54:56 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-07-25 22:54:54 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-07-25 22:53:52 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-07-25 22:53:50 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-07-25 22:53:48 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-07-25 22:53:46 ----A---- C:\WINDOWS\system32\GameManager64.dll
2016-07-25 22:53:42 ----A---- C:\WINDOWS\system32\detoured.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-07-25 22:53:08 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-07-25 22:53:08 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-07-25 22:53:08 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-07-25 22:53:04 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-07-25 22:52:58 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-07-25 22:52:30 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-07-25 22:52:14 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-07-25 22:52:14 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-07-25 22:52:12 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-07-25 22:52:10 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-07-25 22:52:08 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-07-25 22:52:06 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-07-25 22:52:04 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-07-25 22:52:04 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-07-25 22:52:02 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-07-25 22:51:54 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-07-25 22:51:46 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-07-25 22:51:44 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-07-25 22:51:42 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-07-25 22:51:40 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-07-25 22:51:38 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-07-25 22:51:36 ----A---- C:\WINDOWS\system32\amfrt64.dll
2016-07-25 22:51:34 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2016-07-25 22:51:16 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2016-07-25 22:51:12 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2016-07-25 22:51:08 ----A---- C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-07-25 22:51:06 ----A---- C:\WINDOWS\SYSWOW64\amdoclvp9lib32.dll
2016-07-25 22:51:00 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-07-25 22:50:46 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-07-25 22:50:36 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-07-25 22:50:26 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-07-25 22:50:04 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-07-25 22:50:04 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-07-25 22:49:58 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2016-07-25 22:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2016-07-25 22:49:52 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-07-25 22:49:46 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-07-25 22:49:42 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-07-25 22:49:38 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-07-25 22:49:30 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-07-25 22:49:30 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-07-25 22:49:28 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-07-25 22:49:26 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2016-07-25 22:49:24 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-07-25 22:49:24 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-07-25 22:45:24 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-07-25 22:45:18 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-07-25 22:45:18 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-07-25 22:45:16 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-07-25 22:45:08 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-07-25 13:39:44 ----A---- C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-07-25 13:39:42 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
2016-07-25 13:39:40 ----A---- C:\WINDOWS\system32\ativce03.dat
2016-07-25 13:39:40 ----A---- C:\WINDOWS\system32\ativce02.dat
2016-07-25 13:37:52 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde34b.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde34a.dat
2016-07-25 13:37:48 ----A---- C:\WINDOWS\system32\amde31a.dat
2016-07-20 15:30:18 ----D---- C:\Users\Ondra\AppData\Roaming\Guild Wars 2

======List of files/folders modified in the last 1 month======

2016-08-19 15:23:35 ----D---- C:\WINDOWS\Temp
2016-08-19 15:22:27 ----D---- C:\WINDOWS\system32\sru
2016-08-19 15:20:27 ----D---- C:\WINDOWS\system32\drivers\etc
2016-08-19 15:19:00 ----SHDC---- C:\WINDOWS\Installer
2016-08-19 15:19:00 ----SHD---- C:\Config.Msi
2016-08-19 15:14:27 ----RD---- C:\Program Files (x86)
2016-08-19 15:14:14 ----D---- C:\WINDOWS\Tasks
2016-08-19 15:14:14 ----D---- C:\WINDOWS\system32\Tasks
2016-08-19 15:02:59 ----D---- C:\WINDOWS\System32
2016-08-19 15:02:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-19 15:02:16 ----RD---- C:\Program Files
2016-08-19 14:57:23 ----D---- C:\Windows
2016-08-19 14:57:01 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-19 14:57:01 ----D---- C:\WINDOWS\INF
2016-08-19 14:56:58 ----D---- C:\WINDOWS\system32\drivers
2016-08-19 14:56:25 ----D---- C:\WINDOWS\system32\catroot2
2016-08-19 14:55:58 ----D---- C:\Users\Ondra\AppData\Roaming\TS3Client
2016-08-19 14:55:58 ----D---- C:\Program Files (x86)\Steam
2016-08-19 14:55:56 ----D---- C:\WINDOWS\Logs
2016-08-19 14:55:56 ----D---- C:\WINDOWS\debug
2016-08-19 14:39:57 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-19 14:39:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-19 14:38:21 ----D---- C:\WINDOWS\SysWOW64
2016-08-19 14:37:32 ----AD---- C:\Program Files (x86)\Battlelog Web Plugins
2016-08-19 14:30:28 ----HD---- C:\ProgramData
2016-08-19 14:25:38 ----D---- C:\Program Files\Common Files
2016-08-19 14:20:34 ----SD---- C:\ProgramData\Microsoft
2016-08-19 13:44:07 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-19 01:36:29 ----RD---- C:\WINDOWS\Microsoft.NET
2016-08-18 21:37:15 ----D---- C:\WINDOWS\AppReadiness
2016-08-18 21:34:27 ----AD---- C:\Program Files (x86)\Battle.net
2016-08-18 20:30:34 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-18 20:20:55 ----D---- C:\Users\Ondra\AppData\Roaming\DesktopOK
2016-08-18 18:04:21 ----D---- C:\Users\Ondra\AppData\Roaming\vlc
2016-08-17 14:46:19 ----HD---- C:\Program Files\WindowsApps
2016-08-14 00:26:39 ----D---- C:\Program Files (x86)\SpeedFan
2016-08-11 16:07:49 ----D---- C:\WINDOWS\system32\config
2016-08-11 12:08:55 ----D---- C:\WINDOWS\rescache
2016-08-11 11:59:26 ----D---- C:\WINDOWS\WinSxS
2016-08-10 18:47:31 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-TW
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-HK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\zh-CN
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\uk-UA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\tr-TR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\th-TH
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sv-SE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sl-SI
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\sk-SK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ru-RU
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ro-RO
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pt-PT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pt-BR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\pl-PL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\nl-NL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\nb-NO
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\lv-LV
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\lt-LT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ko-KR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ja-jp
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\it-IT
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\hu-HU
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\hr-HR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\he-IL
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fr-FR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fr-CA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\fi-FI
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\et-EE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\es-MX
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\es-ES
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\en-US
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\en-GB
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\el-GR
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\de-DE
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\da-DK
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\bg-BG
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\ar-SA
2016-08-10 18:47:29 ----D---- C:\WINDOWS\system32\appraiser
2016-08-10 18:47:28 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:47:28 ----D---- C:\WINDOWS\ShellExperiences
2016-08-10 18:47:28 ----D---- C:\Program Files\Windows Mail
2016-08-10 18:47:28 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-10 16:23:03 ----D---- C:\WINDOWS\CbsTemp
2016-08-10 16:22:55 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 16:20:57 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-10 11:52:12 ----RD---- C:\WINDOWS\assembly
2016-08-08 09:29:49 ----D---- C:\WINDOWS\appcompat
2016-08-08 09:28:28 ----D---- C:\WINDOWS\system32\WDI
2016-08-08 09:26:59 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-07 21:14:02 ----D---- C:\WINDOWS\Setup
2016-08-07 21:11:44 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-08-07 21:11:44 ----D---- C:\WINDOWS\system32\MUI
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-08-07 21:11:42 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnlobby.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-08-07 21:11:41 ----A---- C:\WINDOWS\SYSWOW64\dpnaddr.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-08-07 21:11:40 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2016-08-07 20:25:47 ----D---- C:\WINDOWS\system32\wbem
2016-08-07 20:23:54 ----D---- C:\ProgramData\USOPrivate
2016-08-07 20:23:50 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-08-07 20:23:21 ----D---- C:\Program Files\Windows NT
2016-08-07 20:22:52 ----D---- C:\WINDOWS\Registration
2016-08-07 20:22:41 ----RSD---- C:\WINDOWS\Fonts
2016-08-07 20:22:41 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-08-07 20:22:41 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2016-08-07 20:21:02 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-07 20:17:37 ----D---- C:\WINDOWS\twain_32
2016-08-07 20:17:37 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-07 20:17:36 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-07 20:17:35 ----D---- C:\WINDOWS\system32\SRSLabs
2016-08-07 20:17:35 ----D---- C:\WINDOWS\system32\spool
2016-08-07 20:17:34 ----D---- C:\WINDOWS\system32\NDF
2016-08-07 20:17:29 ----D---- C:\WINDOWS\system32\appmgmt
2016-08-07 20:17:28 ----D---- C:\WINDOWS\System
2016-08-07 20:17:28 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-07 20:17:26 ----RD---- C:\Users
2016-08-07 20:17:24 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-07 20:17:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-08-07 20:17:24 ----D---- C:\Program Files (x86)\Common Files
2016-08-07 20:16:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-08-07 20:16:39 ----D---- C:\WINDOWS\system32\Recovery
2016-08-07 20:16:02 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-07 20:15:39 ----RD---- C:\WINDOWS\PrintDialog
2016-08-07 20:15:39 ----RD---- C:\WINDOWS\MiracastView
2016-08-07 19:28:59 ----D---- C:\Users\Ondra\AppData\Roaming\Riot Games
2016-08-04 08:24:54 ----SHD---- C:\$Recycle.Bin
2016-08-03 20:10:32 ----D---- C:\Users\Ondra\AppData\Roaming\TeamViewer
2016-08-02 10:37:54 ----D---- C:\Users\Ondra\AppData\Roaming\discord
2016-08-01 20:30:10 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2016-07-27 21:25:34 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-07-27 10:09:15 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-07-25 22:56:30 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-07-25 22:56:28 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-07-25 22:56:28 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-07-25 22:55:52 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-07-25 22:55:48 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-07-25 22:55:38 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-07-25 22:55:34 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-07-25 22:53:46 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2016-07-25 22:53:40 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-07-23 20:46:18 ----D---- C:\Users\Ondra\AppData\Roaming\steelseries-engine-3-client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2016-06-28 199328]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-06-28 263336]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-06-28 197288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-07-25 313760]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2016-06-28 181416]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-07-25 26717720]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-07-25 509464]
R3 AtiHDAudioService;@oem24.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-06-02 101376]
R3 bcmsmbsp;@oem1.inf,%bcmsmbsp.SVCDESC%;SMBus Controller Service; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [2015-07-10 53024]
R3 int0800;@oem27.inf,%Flashud_svcdesc%;Intel 28F320C3 Flash Update Device Driver v6.4; C:\WINDOWS\System32\drivers\flashud.sys [2009-09-09 51712]
R3 L1C;@oem5.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-01 161864]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-10-08 185600]
R3 SaiK0728;SaiK0728; C:\WINDOWS\system32\DRIVERS\SaiK0728.sys [2015-10-13 180896]
R3 ssdevfactory;@oem31.inf,%ssdevfactory.SVCDESC%;SteelSeries Device Factory Service; C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-10-03 40568]
R3 tap0901;@oem7.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-11-05 27136]
S0 amdkmafd;@oem23.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-06-28 15488]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2016-02-29 133168]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-07-17 126304]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-17 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-17 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2016-07-04 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2016-07-04 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2016-07-04 30528]
S3 Hamachi;@oem25.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2016-07-06 45680]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-07-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-08-19 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-17 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-07-25 278544]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_34ee4;CDPUserSvc_34ee4; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-07-17 2944768]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-10 2542216]
R2 OneSyncSvc_34ee4;Hostitel synchronizace_34ee4; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2016-04-03 76152]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_34ee4;Data kontaktů_34ee4; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 MBAMService;MBAMService; D:\STAŽENÉ\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [2016-08-16 1136608]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2016-08-09 227104]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2016-03-12 1104176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_34ee4;Služba zasílání zpráv_34ee4; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-10 2122248]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-07-16 200240]
S3 PAExec;PAExec; C:\Windows\PAExec.exe [2016-08-07 189112]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-07-17 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-16 1452320]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-07-17 823136]
S4 MBAMScheduler;MBAMScheduler; \mbamscheduler.exe []
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[louwe]

Přikládám log, stále nic nepomáhá.

# AdwCleaner v6.000 - *Logfile created 19/08/2016 *at 15:32:06
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-19.1 [*Server]
# *Operating System : Windows 10 Education (X64)
# *Username : Ondra - DESKTOP-A9E1KAA
# *Running from : C:\Users\Ondra\Downloads\adwcleaner_6.000.exe
# *Mode: Scan
# *Support : https://toolslib.net/forum



***** [ *Services ] *****

*No malicious services found.


***** [ *Folders ] *****

*No malicious folders found.


***** [ *Files ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*No malicious task found.


***** [ *Registry ] *****

*Key Found: HKU\S-1-5-21-2735073394-199789404-1462047816-1001\Software\Conduit
*Key Found: HKCU\Software\Conduit
*Key Found: HKLM\SOFTWARE\Conduit
*Key Found: HKLM\SOFTWARE\Classes\s


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1165 *Bytes] - [19/08/2016 15:32:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1239 *Bytes] ##########

[Rudy]

ADW nemazal, neklikl jste na >cleaning<. Zkuste ještě jednou.

[louwe]

# AdwCleaner v6.000 - *Logfile created 19/08/2016 *at 20:23:14
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-19.3 [*Server]
# *Operating System : Windows 10 Education (X64)
# *Username : Ondra - DESKTOP-A9E1KAA
# *Running from : D:\STAŽENÉ\adwcleaner_6.000.exe
# *Mode: Scan
# *Support : https://toolslib.net/forum



***** [ *Services ] *****

*No malicious services found.


***** [ *Folders ] *****

*No malicious folders found.


***** [ *Files ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*No malicious task found.


***** [ *Registry ] *****

*No malicious registry entries found.


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1213 *Bytes] - [19/08/2016 15:32:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [1319 *Bytes] - [19/08/2016 15:32:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [1307 *Bytes] - [19/08/2016 19:03:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [1227 *Bytes] - [19/08/2016 20:23:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1301 *Bytes] ##########

[Rudy]

Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[louwe]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
Ran by Ondra (administrator) on DESKTOP-A9E1KAA (19-08-2016 21:34:54)
Running from D:\STAŽENÉ
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Education Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Hammer & Chisel, Inc.) C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Ondra\AppData\Local\Discord\app-0.0.295\Discord.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nenad Hrg SoftwareOK) C:\Users\Ondra\Desktop\DesktopOK_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.212\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\Syswow64\cm108.dll [8757248 2013-01-16] (C-Media Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6626696 2016-07-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [zenvpn] => C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-16] (Valve Corporation)
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [Ondra] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-04-05]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2016-08-19]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{816540e8-cc6f-45f8-9e1d-76072b0caa7e}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e80366ae-28fe-42cb-8e1c-c4c54da8d895}: [DhcpNameServer] 10.8.0.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-19] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-19] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-19] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-19]
CHR Extension: (Momentum New Tab Page) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\abdholagkagimalmpmohnkmpcbjomlgp [2016-08-19]
CHR Extension: (Super Netflix) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2016-08-19]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-19]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-19]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-19]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-08-19]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-19]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2016-08-19]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-19]
CHR Extension: (AdBlock) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-19]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-19]
CHR Extension: (Steam Database) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2016-08-19]
CHR Extension: (Lightning Speed Dial) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddckpmlbneidbekmajhmhikeegjdgcd [2016-08-19]
CHR Extension: (Instair Speed Dial) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikeacjcceacohckgiajooneiabebfjj [2016-08-19]
CHR Extension: (Infinite HD App) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\laealigljflmglcgncipdbmbjgjdpiim [2016-08-19]
CHR Extension: (Twitch Now) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-08-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-19]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-08-19]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-07-31] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-08-09] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2542216 2016-06-10] (ESET)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [189112 2016-08-07] (Power Admin LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-04-02] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [46736 2015-09-11] (VIA Technologies, Inc.)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [313760 2016-07-25] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-06-02] (Advanced Micro Devices)
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263336 2016-06-28] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199328 2016-06-28] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-06-28] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [197288 2016-06-28] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [181416 2016-06-28] (ESET)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-07-04] ()
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-07-06] (LogMeIn Inc.)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-09] (Intel Corporation)
R4 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-19] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 SaiK0728; C:\Windows\system32\DRIVERS\SaiK0728.sys [180896 2015-10-13] (Saitek)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [40568 2015-10-03] (SteelSeries ApS)
R3 uvhid; C:\Windows\System32\drivers\uvhid.sys [25592 2015-11-11] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2015-12-23] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 21:34 - 2016-08-19 21:34 - 00000000 ____D C:\FRST
2016-08-19 20:40 - 2016-08-19 20:40 - 00000222 _____ C:\Users\Ondra\Desktop\Deus Ex Mankind Divided.url
2016-08-19 19:16 - 2016-08-19 19:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-19 19:06 - 2016-08-19 19:14 - 00001319 _____ C:\Users\Ondra\Desktop\Nový textový dokument.txt
2016-08-19 19:06 - 2016-08-19 19:06 - 00001319 _____ C:\Users\Ondra\Desktop\AdwCleaner[S0].txt
2016-08-19 15:30 - 2016-08-19 20:23 - 00000000 ____D C:\AdwCleaner
2016-08-19 15:23 - 2016-08-19 15:23 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-08-19 15:14 - 2016-08-19 19:57 - 00000000 ____D C:\Users\Ondra\AppData\Local\Google
2016-08-19 15:14 - 2016-08-19 15:20 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 15:14 - 2016-08-19 15:20 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 15:14 - 2016-08-19 15:14 - 00004040 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 15:14 - 2016-08-19 15:14 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-19 15:14 - 2016-08-19 15:14 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-19 15:14 - 2016-08-19 15:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-19 15:02 - 2016-08-19 15:24 - 00000000 ____D C:\Program Files\trend micro
2016-08-19 15:02 - 2016-08-19 15:02 - 00000000 ____D C:\rsit
2016-08-19 14:36 - 2016-08-19 14:36 - 00000000 ____D C:\KVRT_Data
2016-08-19 14:25 - 2016-08-19 14:25 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-19 14:20 - 2016-08-19 14:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-19 14:20 - 2016-08-19 14:25 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-19 14:20 - 2016-08-19 14:20 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-19 14:20 - 2016-08-19 14:20 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-19 14:20 - 2016-08-19 14:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-19 14:20 - 2016-08-19 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-19 14:20 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-19 13:43 - 2016-08-19 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-19 13:43 - 2016-08-19 13:43 - 00000000 ____D C:\ProgramData\ESET
2016-08-19 13:43 - 2016-08-19 13:43 - 00000000 ____D C:\Program Files\ESET
2016-08-16 13:08 - 2016-08-19 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-16 13:08 - 2016-08-16 13:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-16 13:08 - 2016-08-16 13:08 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-16 13:08 - 2016-08-16 13:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-15 22:20 - 2016-08-15 22:20 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-15 15:58 - 2016-08-15 15:58 - 00000000 ____D C:\ProgramData\Steam
2016-08-13 01:52 - 2016-08-13 01:52 - 00000000 ____D C:\ProgramData\SkidRow
2016-08-12 20:14 - 2016-08-12 20:19 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\HelloGames
2016-08-10 12:01 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 12:01 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 12:01 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 12:01 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 12:01 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 12:01 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 12:01 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-10 12:01 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 12:01 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-10 12:01 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 12:01 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 12:01 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 12:01 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-10 12:01 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 12:01 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 12:01 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 12:01 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 12:01 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 12:01 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 12:01 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 12:01 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 12:01 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-10 12:01 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 12:01 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 12:01 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 12:01 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 12:01 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 12:01 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-10 12:01 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 12:01 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 12:01 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 12:01 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 12:01 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 12:01 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 12:01 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 12:01 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-10 12:01 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-10 12:01 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-10 12:01 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-10 12:01 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-10 12:01 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 12:01 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 12:01 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 12:01 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-10 12:01 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 12:01 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-10 12:01 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 12:01 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 12:01 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-10 12:01 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 12:01 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 12:01 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 12:01 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-10 12:01 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-10 01:01 - 2016-08-10 17:21 - 00355064 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-08-10 01:01 - 2016-08-09 21:28 - 00227104 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2016-08-10 00:50 - 2016-08-10 01:00 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\SpaceEngineers
2016-08-09 21:17 - 2016-08-09 21:17 - 00000222 _____ C:\Users\Ondra\Desktop\Shelter 2.url
2016-08-09 21:17 - 2016-08-09 21:17 - 00000222 _____ C:\Users\Ondra\Desktop\Rust.url
2016-08-09 21:16 - 2016-08-09 21:16 - 00000222 _____ C:\Users\Ondra\Desktop\Space Engineers.url
2016-08-09 21:08 - 2016-08-09 21:08 - 00000222 _____ C:\Users\Ondra\Desktop\KHOLAT.url
2016-08-09 21:05 - 2016-08-09 21:05 - 00000222 _____ C:\Users\Ondra\Desktop\Savage Lands.url
2016-08-08 15:02 - 2016-08-08 15:02 - 00003558 _____ C:\WINDOWS\System32\Tasks\Ondra
2016-08-07 23:25 - 2016-08-07 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-07 21:14 - 2016-08-19 14:55 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-07 21:12 - 2016-08-07 21:12 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-07 21:12 - 2016-08-07 21:12 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-07 21:12 - 2016-08-07 21:12 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-07 21:12 - 2016-08-07 21:12 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-07 21:12 - 2016-08-07 21:12 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-07 21:12 - 2016-08-07 21:12 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-07 21:12 - 2016-08-07 21:12 - 00000000 ____D C:\Windows.old
2016-08-07 21:12 - 2016-08-07 21:12 - 00000000 ____D C:\Program Files\CMAK
2016-08-07 21:12 - 2016-08-07 21:12 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-07 21:11 - 2016-08-07 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-07 21:11 - 2016-08-07 21:11 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-07 21:11 - 2016-08-07 21:11 - 00000000 ____D C:\Program Files\MSBuild
2016-08-07 21:11 - 2016-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-07 21:11 - 2016-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-07 21:11 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-07 21:11 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 21:11 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-07 21:11 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-07 21:11 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 21:11 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-07 21:09 - 2016-08-07 21:13 - 00000000 ____D C:\Users\Ondra\AppData\Local\UnrealEngine
2016-08-07 21:09 - 2016-08-07 21:09 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-08-07 21:09 - 2016-08-07 21:09 - 00000000 ____D C:\Users\Ondra\AppData\Local\AbzuGame
2016-08-07 20:34 - 2016-08-07 20:34 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-07 20:33 - 2016-08-07 20:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\ConnectedDevicesPlatform
2016-08-07 20:33 - 2016-08-07 20:33 - 00000020 ___SH C:\Users\Ondra\ntuser.ini
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-07 20:23 - 2016-08-07 20:23 - 00000000 ____D C:\ProgramData\USOShared
2016-08-07 20:22 - 2016-08-19 15:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-07 20:22 - 2016-08-14 21:38 - 00003860 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Perform upgrade
2016-08-07 20:22 - 2016-08-07 23:26 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-08-07 20:22 - 2016-08-07 20:22 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-07 20:22 - 2016-08-07 20:22 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-07 20:22 - 2016-08-07 20:22 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-07 20:22 - 2016-08-07 20:22 - 00002664 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-08-07 20:22 - 2016-08-07 20:22 - 00002524 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-08-07 20:22 - 2016-08-07 20:22 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-07 20:20 - 2016-08-07 20:20 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-07 20:20 - 2016-08-07 20:20 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-08-07 20:20 - 2016-08-07 20:20 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-07 20:20 - 2016-08-07 20:20 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-08-07 20:20 - 2016-08-07 20:20 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-07 20:16 - 2016-08-08 00:44 - 00000000 ____D C:\Users\Ondra
2016-08-07 20:16 - 2016-08-07 20:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Šablony
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Soubory cookie
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Poslední
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Okolní tiskárny
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Okolní síť
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Nabídka Start
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Dokumenty
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Documents\Obrázky
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Documents\Hudba
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Documents\Filmy
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\Data aplikací
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-07 20:16 - 2016-08-07 20:16 - 00000000 _SHDL C:\Users\Ondra\AppData\Local\Data aplikací
2016-08-07 20:15 - 2016-08-19 15:34 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-07 20:15 - 2016-08-07 23:25 - 00000000 ____D C:\Program Files\AMD
2016-08-07 20:15 - 2016-08-07 20:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SaiK0728_01009.Wdf
2016-08-07 20:15 - 2016-08-07 20:15 - 00000000 ____D C:\Program Files\VIA
2016-08-07 20:15 - 2016-08-07 20:15 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-07 20:15 - 2016-08-07 20:15 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-08-07 20:15 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-07 20:14 - 2016-08-19 01:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-07 20:14 - 2016-08-10 19:22 - 00389512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-07 20:14 - 2016-08-07 20:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-07 20:01 - 2016-08-07 20:04 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-07 20:00 - 2016-08-07 20:01 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-07 19:57 - 2016-08-07 19:57 - 00000000 ___HD C:\$SysReset
2016-08-07 19:52 - 2016-08-07 20:32 - 00000000 ___HD C:\$GetCurrent
2016-08-07 19:51 - 2016-08-07 20:33 - 00000000 ____D C:\Windows10Upgrade
2016-08-07 19:51 - 2016-08-07 19:51 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-07 19:46 - 2016-08-07 19:46 - 00000000 ____D C:\Users\Ondra\Documents\League of Legends
2016-08-07 19:29 - 2016-08-07 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-08-07 19:29 - 2016-08-07 19:29 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-08-07 19:29 - 2016-08-07 19:29 - 00000000 ____D C:\Riot Games
2016-08-07 19:13 - 2016-08-07 19:13 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\ATI
2016-08-07 19:13 - 2016-08-07 19:13 - 00000000 ____D C:\ProgramData\ATI
2016-08-07 18:00 - 2016-08-07 18:00 - 00000000 ____D C:\Users\Ondra\AppData\Local\ATI
2016-08-07 17:57 - 2016-08-12 20:19 - 00000000 ____D C:\Users\Ondra\AppData\Local\AMD
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-07 17:57 - 2016-06-23 20:22 - 00264992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-07 17:57 - 2016-06-23 20:21 - 00257824 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-07 17:57 - 2016-06-23 20:21 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-07 17:57 - 2016-06-23 20:20 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-07 17:56 - 2016-08-07 23:21 - 00000000 ____D C:\AMD
2016-08-07 16:58 - 2016-08-07 17:53 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-03 15:55 - 2016-08-07 17:53 - 00189112 _____ (Power Admin LLC) C:\WINDOWS\PAExec.exe
2016-08-03 10:49 - 2016-08-19 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-02 18:45 - 2016-08-02 18:45 - 00000000 ____D C:\Users\Ondra\AppData\LocalLow\Weappy
2016-08-01 15:35 - 2016-08-01 15:35 - 00000000 ____D C:\Users\Ondra\Documents\Square Enix
2016-08-01 14:49 - 2016-08-01 14:49 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Frontier Developments
2016-08-01 14:49 - 2016-08-01 14:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\Frontier Developments
2016-08-01 14:20 - 2016-08-01 14:20 - 00000000 ____D C:\Users\Ondra\AppData\Local\Frontier_Developments
2016-08-01 13:57 - 2016-08-01 13:57 - 00000222 _____ C:\Users\Ondra\Desktop\Just Cause 3.url
2016-07-28 13:09 - 2016-07-28 13:09 - 00000000 ____D C:\Users\Ondra\AppData\Local\LogMeIn
2016-07-28 13:09 - 2016-07-28 13:09 - 00000000 ____D C:\ProgramData\LogMeIn
2016-07-28 13:06 - 2016-07-28 13:06 - 00033344 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\hamachi.sys
2016-07-28 13:04 - 2016-07-28 20:04 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-07-28 13:04 - 2016-07-28 20:04 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-07-28 13:04 - 2016-07-28 13:08 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Hamachi
2016-07-28 12:30 - 2016-07-28 12:30 - 00000000 ____D C:\Users\Ondra\Documents\Commandos II
2016-07-28 12:25 - 2016-07-28 12:25 - 00000220 _____ C:\Users\Ondra\Desktop\Commandos 2 Men of Courage.url
2016-07-27 12:37 - 2016-07-27 12:37 - 00000000 ____D C:\dev
2016-07-26 15:13 - 2016-07-26 15:13 - 00000000 ____D C:\Users\Ondra\AppData\Local\Fallout4
2016-07-26 15:04 - 2016-08-07 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-07-26 15:04 - 2016-07-26 15:04 - 00000714 _____ C:\Users\Ondra\Desktop\Fallout 4.lnk
2016-07-25 22:56 - 2016-07-25 22:56 - 10284832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-07-25 22:56 - 2016-07-25 22:56 - 08864056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-07-25 22:56 - 2016-07-25 22:56 - 07234256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 08653128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 07044704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00474992 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00160792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00151456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00135288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00133808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-07-25 22:54 - 2016-07-25 22:54 - 00155616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-07-25 22:54 - 2016-07-25 22:54 - 00134776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 26632720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00874520 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00279056 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00267288 _____ C:\WINDOWS\system32\GameManager64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00261656 _____ C:\WINDOWS\system32\clinfo.exe
2016-07-25 22:53 - 2016-07-25 22:53 - 00260112 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00225808 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00128528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00121872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00110104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00012816 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 15720464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00513040 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00451088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00278544 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00222736 _____ C:\WINDOWS\system32\atieah64.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00200720 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00194064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00167952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00115216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00102416 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00099856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00099856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00071184 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00060944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00059920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-07-25 22:51 - 2016-07-25 22:51 - 48806416 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 14311440 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 08827920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 07084560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02369040 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02279440 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02138640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 01828880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 01318416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00985104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00985104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00394256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-07-25 22:51 - 2016-07-25 22:51 - 00064528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00057872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00052240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 38257680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 27480592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 21632528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 00059408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 00047120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 08619024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 06947344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00742928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00618512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00313760 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-07-25 22:49 - 2016-07-25 22:49 - 00213520 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00193040 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00173072 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00104984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00095760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00075280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00058896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-07-25 22:45 - 2016-07-25 22:45 - 32548376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-07-25 22:45 - 2016-07-25 22:45 - 00341520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-07-25 22:45 - 2016-07-25 22:45 - 00283664 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-07-25 22:45 - 2016-07-25 22:45 - 00240664 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-07-25 22:45 - 2016-07-25 22:45 - 00100880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-07-25 13:40 - 2016-07-25 13:40 - 00149008 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00117808 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00112336 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-07-25 13:39 - 2016-07-25 13:39 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-07-25 13:39 - 2016-07-25 13:39 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-07-25 13:39 - 2016-07-25 13:39 - 00368672 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00322736 _____ C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00270912 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00266816 _____ C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260980 _____ C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260720 _____ C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234292 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234032 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00177280 _____ C:\WINDOWS\system32\ativce03.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2016-07-25 13:38 - 2016-07-25 13:38 - 00731440 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-07-25 13:38 - 2016-07-25 13:38 - 00731440 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-07-25 13:37 - 2016-07-25 13:37 - 00890373 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00175584 _____ C:\WINDOWS\system32\amde31a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34b.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00016827 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-07-20 15:30 - 2016-08-07 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2016-07-20 15:30 - 2016-07-20 15:31 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Guild Wars 2
2016-07-20 15:30 - 2016-07-20 15:30 - 00000643 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 21:21 - 2016-03-12 23:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 21:07 - 2016-04-11 12:30 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\DesktopOK
2016-08-19 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-19 19:07 - 2016-03-20 20:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-19 15:40 - 2016-07-17 00:20 - 00526306 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-19 15:40 - 2016-07-17 00:20 - 00106130 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-19 15:40 - 2016-03-12 22:03 - 01614686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-19 15:34 - 2016-07-16 08:04 - 00131072 _____ C:\WINDOWS\system32\config\BBI
2016-08-19 14:57 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-19 14:55 - 2016-07-10 23:45 - 00000000 ____D C:\Users\Ondra\AppData\Local\CrashDumps
2016-08-19 14:55 - 2016-03-12 23:52 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\TS3Client
2016-08-19 14:51 - 2016-03-31 00:41 - 00007600 _____ C:\Users\Ondra\AppData\Local\Resmon.ResmonCfg
2016-08-19 14:37 - 2016-04-02 22:35 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-08-19 13:44 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-18 23:03 - 2016-03-25 23:42 - 00000000 ____D C:\Users\Ondra\AppData\Local\Battle.net
2016-08-18 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-18 21:34 - 2016-03-25 23:42 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-18 18:04 - 2016-03-13 00:16 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2016-08-17 14:46 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-15 15:58 - 2016-03-13 12:50 - 00000000 ____D C:\Users\Ondra\Documents\My Games
2016-08-14 00:26 - 2016-03-12 23:32 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-12 12:32 - 2016-06-01 15:51 - 00000000 ____D C:\Users\Ondra\Documents\The Witcher 3
2016-08-11 12:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 19:22 - 2016-02-13 15:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 18:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-10 16:23 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 16:22 - 2016-03-13 01:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 16:20 - 2016-03-13 01:26 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 09:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-07 22:14 - 2016-03-12 22:00 - 00000000 ____D C:\Users\Ondra\AppData\Local\Packages
2016-08-07 21:14 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-07 21:14 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-07 21:11 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-07 21:11 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-07 21:11 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-07 21:11 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-07 21:11 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-07 21:11 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-07 21:11 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-07 20:48 - 2016-04-08 20:37 - 00000980 __RSH C:\ProgramData\ntuser.pol
2016-08-07 20:34 - 2016-03-12 22:01 - 00002387 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-07 20:34 - 2016-03-12 22:01 - 00000000 ___RD C:\Users\Ondra\OneDrive
2016-08-07 20:23 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-07 20:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-07 20:22 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-07 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-07 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-07 20:22 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-07 20:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-07 20:21 - 2016-07-13 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-08-07 20:21 - 2016-07-07 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2016-08-07 20:21 - 2016-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2016-08-07 20:21 - 2016-05-28 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topcon
2016-08-07 20:21 - 2016-05-01 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-08-07 20:21 - 2016-03-25 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-08-07 20:21 - 2016-03-20 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-08-07 20:21 - 2016-03-18 19:48 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hideman
2016-08-07 20:21 - 2016-03-13 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-07 20:21 - 2016-03-13 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-07 20:21 - 2016-03-13 00:15 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-08-07 20:21 - 2016-03-12 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-08-07 20:21 - 2016-03-12 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
2016-08-07 20:21 - 2016-03-12 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-07 20:21 - 2016-03-12 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3
2016-08-07 20:21 - 2016-03-12 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-07 20:21 - 2016-03-12 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-07 20:21 - 2016-03-12 23:32 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-08-07 20:21 - 2016-03-12 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-08-07 20:21 - 2016-03-12 23:29 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-08-07 20:21 - 2016-03-12 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-07 20:21 - 2016-03-12 22:21 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 20:21 - 2016-03-12 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 20:21 - 2016-03-12 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM CoDeC Pack
2016-08-07 20:20 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-07 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-07 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-07 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-08-07 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-07 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-07 20:17 - 2016-07-09 12:58 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-07 20:17 - 2016-05-11 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trimble
2016-08-07 20:17 - 2016-04-17 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2016-08-07 20:17 - 2016-04-05 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2016-08-07 20:17 - 2016-03-12 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-08-07 20:17 - 2016-03-12 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-07 20:17 - 2016-03-12 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-08-07 20:17 - 2016-03-12 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-08-07 20:17 - 2016-03-12 22:01 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-08-07 20:16 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-07 20:16 - 2016-03-29 11:43 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-07 20:16 - 2016-03-12 22:36 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-07 20:16 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-07 20:15 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-07 20:15 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-07 19:28 - 2016-03-12 23:38 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Riot Games
2016-08-03 20:10 - 2016-06-04 17:10 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\TeamViewer
2016-08-03 16:08 - 2016-03-12 22:00 - 00000000 ____D C:\Users\Ondra\AppData\Local\TileDataLayer
2016-08-02 10:37 - 2016-03-12 22:36 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\discord
2016-08-02 02:09 - 2016-07-07 12:30 - 00000000 ____D C:\Users\Ondra\AppData\Local\Plex Media Server
2016-08-01 22:58 - 2016-03-12 22:36 - 00002233 _____ C:\Users\Ondra\Desktop\Discord.lnk
2016-08-01 22:58 - 2016-03-12 22:36 - 00000000 ____D C:\Users\Ondra\AppData\Local\Discord
2016-08-01 20:30 - 2016-03-13 22:43 - 00111928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-07-29 16:48 - 2016-03-13 22:43 - 00111928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-07-27 21:25 - 2016-03-13 00:58 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-25 22:56 - 2016-07-15 21:30 - 00149352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-07-25 22:56 - 2016-07-15 21:18 - 09310736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-07-25 22:56 - 2016-07-15 21:18 - 00180432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-07-25 22:55 - 2016-07-15 21:29 - 10967952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-07-25 22:55 - 2016-07-15 21:18 - 09108624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-07-25 22:55 - 2016-07-15 21:18 - 01546848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-07-25 22:55 - 2016-07-15 21:18 - 01272432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-07-25 22:53 - 2016-07-15 21:27 - 00232472 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-07-25 22:53 - 2016-07-15 21:27 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-07-25 22:52 - 2016-07-15 21:26 - 26717720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-07-25 22:52 - 2016-07-15 21:26 - 00509464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-07-23 20:46 - 2016-04-05 19:25 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\steelseries-engine-3-client

==================== Files in the root of some directories =======

2016-03-31 00:41 - 2016-08-19 14:51 - 0007600 _____ () C:\Users\Ondra\AppData\Local\Resmon.ResmonCfg
2016-03-12 23:24 - 2016-03-12 23:24 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-18 13:26

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [Ondra] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
c:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
End

Uložte do D:\STAŽENÉ jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[louwe]

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2016
Ran by Ondra (19-08-2016 21:52:32) Run:1
Running from D:\STAŽENÉ
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2735073394-199789404-1462047816-1001\...\Run: [Ondra] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
c:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
End
*****************

HKU\S-1-5-21-2735073394-199789404-1462047816-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ondra => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
c:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully


The system needed a reboot.

==== End of Fixlog 21:52:32 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[louwe]

Po restartu zatím vše vypadá v pořádku. Děkuji moc za pomoc !

[Rudy]

Nemáte zač!

[louwe]

Oprava, problém je zpět.

[Rudy]

Udělejte ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.