Zdravím,mam podezření,že jsem si do PC natáhl ratku..Vždy se mi při spouštění systému načítá CMD řádek,což se v minulosti nedělo,prosím o kontrolu logu.
reLogfile of random's system information tool 1.10 (written by random/random)
Run by Dominik at 2016-12-17 22:18:13
Microsoft Windows 10 Home
System drive C: has 768 GB (83%) free of 927 GB
Total RAM: 7359 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:44, on 17.12.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0596)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\Dominik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Zygor Guides Client] "C:\Users\Dominik\AppData\Roaming\Zygor Guides Client\startup.bat"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [5711EEA2D67F0B7B839A1BB43EF53F163B6B3778._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
O4 - HKCU\..\Run: [HP Deskjet 3540 series (NET)] "C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4BT2323505X5:NW" -scfn "HP Deskjet 3540 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9642 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-741f0b42-1170-49aa-a932-c886a0e52f17 -SystemEventPortName:HostProcess-3383dac4-596c-41e4-8378-b71f54517bf9 -IoCancelEventPortName:HostProcess-99352eee-14b1-4475-a108-cc0996ea6592 -NonStateChangingEventPortName:HostProcess-a288b3e7-939e-4756-8e75-a87e852ab820 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6e564ab-b982-4550-93c1-32754725e1b1 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {27303f48-0f8d-4704-ab4f54bf7750b52b}
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
"C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4BT2323505X5:NW" -scfn "HP Deskjet 3540 series (NET)" -AutoStart 1
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-cachedir=C:\Users\Dominik\AppData\Local\Steam\htmlcache" "-steampid=44836" "-buildid=1481318740" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Dominik\AppData\Local\Chromium\User Data\Crashpad" "--metrics-dir=C:\Users\Dominik\AppData\Local\Chromium\User Data" --annotation=channel= --annotation=plat=Win32 --annotation=prod= --annotation=ver=01.00.00.01-devel --handshake-handle=0x2c4
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --primordial-pipe-token=0E53CC6EEF5B06C7C629F5681D3F83A2 --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.win7\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=0E53CC6EEF5B06C7C629F5681D3F83A2 --mojo-platform-channel-handle=1848 /prefetch:1
"fontdrvhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Dominik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=15412 --on-initialized-event-handle=756 --parent-handle=764 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/Html5ByDefault/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,18,21,24,37,65 --gpu-vendor-id=0x1002 --gpu-device-id=0x6611 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=20.19.0.32832 --gpu-driver-date=6-30-2016 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x990c --service-request-channel-token=B2522BE801CE065C7CAB9653D30578DE --mojo-platform-channel-handle=1372 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=EADCA961065510F56DDC1A11BF081396 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=EADCA961065510F56DDC1A11BF081396 --mojo-platform-channel-handle=2460 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --primordial-pipe-token=A2C2A950276283FB7D226EAAF74F0545 --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.win7\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=A2C2A950276283FB7D226EAAF74F0545 --mojo-platform-channel-handle=4756 /prefetch:1
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 90B5AAFE-D18F-E969-C505-B46DF2E96D53 -Reinvoke
"C:\Program Files\Unity\Editor\Unity.exe" -openfile "C:\Users\Dominik\Desktop\objekty\lol\Assets\scena.unity"
"C:\Program Files\Unity\Editor\Data\Tools64\UnityShaderCompiler.exe" "C:/Program Files/Unity/Editor/Data" "./Library/shadercompiler-UnityShaderCompiler.exe0.log" "51793" ""
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:/Program Files/Unity/Editor/UnityHelper.exe" --type=gpu-process --channel="10428.0.120865123\1175468472" --no-sandbox --lang=en --log-severity=disable --user-agent="Mozilla/5.0 (Windows; Win64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.94 Safari/537.36 Unity/5.5.0f2 (unity3d.com)" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x6611 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=20.19.0.32832 --lang=en --log-severity=disable --user-agent="Mozilla/5.0 (Windows; Win64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.94 Safari/537.36 Unity/5.5.0f2 (unity3d.com)" /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=63A61454C7E1B989180BB58AF4C5C1C1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=63A61454C7E1B989180BB58AF4C5C1C1 --mojo-platform-channel-handle=6844 /prefetch:1
taskhostw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=6BC3B67263A66C47F48BAB1544901C31 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=6BC3B67263A66C47F48BAB1544901C31 --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=67D298E107BB6D1EBF5FD8BCCD93CDDD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=67D298E107BB6D1EBF5FD8BCCD93CDDD --mojo-platform-channel-handle=4988 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=EA6D7CF25A38A83C952AA7AD61B14D51 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=EA6D7CF25A38A83C952AA7AD61B14D51 --mojo-platform-channel-handle=5532 /prefetch:1
"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\Dominik\Downloads\DarkCometRemover2.zip"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A4E4727F71187FB218BA656FAA9AE7AB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A4E4727F71187FB218BA656FAA9AE7AB --mojo-platform-channel-handle=5680 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Disabled/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=55C99ACD6F88047DB4476A10305FC76B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=55C99ACD6F88047DB4476A10305FC76B --mojo-platform-channel-handle=8628 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe133_ Global\UsGthrCtrlFltPipeMssGthrPipe133 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 616 620 628 8192 624
"C:\Users\Dominik\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-05 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-05 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-26 13636824]
"UMonit"=C:\WINDOWS\SysWOW64\UMonit64.exe []
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-06-24 6613896]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-11-29 2786768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-12-13 1517280]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-05 8894680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-13 29494400]
"BingSvc"=C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2012-03-20 3521024]
"5711EEA2D67F0B7B839A1BB43EF53F163B6B3778._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-12-08 1104728]
"HP Deskjet 3540 series (NET)"=C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [2014-03-06 3487240]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"Zygor Guides Client"=C:\Users\Dominik\AppData\Roaming\Zygor Guides Client\startup.bat [2016-12-17 478]
"4StoryPrePatch"=C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [2014-04-24 327680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-17 22:18:14 ----D---- C:\Program Files\trend micro
2016-12-17 22:18:13 ----D---- C:\rsit
2016-12-17 22:12:49 ----D---- C:\Users\Dominik\AppData\Roaming\PhrozenSoft
2016-12-13 17:15:31 ----A---- C:\WINDOWS\system32\drivers\MBAMChameleon.sys
2016-12-13 17:15:19 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-12-13 17:15:19 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2016-12-13 17:15:14 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-12-13 17:15:09 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-12-13 17:14:51 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2016-12-13 17:14:44 ----D---- C:\ProgramData\Malwarebytes
2016-12-13 17:14:44 ----D---- C:\Program Files\Malwarebytes
2016-12-11 11:45:04 ----AD---- C:\Program Files (x86)\Araz4Story Old School
2016-12-09 22:57:18 ----D---- C:\v4story 3.4
2016-12-09 17:07:24 ----AD---- C:\Program Files (x86)\v4story 3.4
2016-11-27 17:00:37 ----D---- C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-11-25 21:28:04 ----D---- C:\mojemapa
======List of files/folders modified in the last 1 month======
2016-12-17 22:18:26 ----D---- C:\WINDOWS\prefetch
2016-12-17 22:18:14 ----RD---- C:\Program Files
2016-12-17 22:18:01 ----D---- C:\WINDOWS\Temp
2016-12-17 22:18:00 ----D---- C:\WINDOWS\system32\sru
2016-12-17 22:16:19 ----D---- C:\Users\Dominik\AppData\Roaming\TS3Client
2016-12-17 21:13:04 ----D---- C:\ProgramData\Unity
2016-12-17 19:24:12 ----D---- C:\Program Files (x86)\Steam
2016-12-17 18:17:38 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-17 13:32:11 ----SHD---- C:\WINDOWS\Installer
2016-12-17 13:27:07 ----RD---- C:\Program Files (x86)
2016-12-17 13:27:04 ----D---- C:\WINDOWS\Tasks
2016-12-17 13:10:30 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2016-12-15 15:47:23 ----SHD---- C:\System Volume Information
2016-12-15 15:02:06 ----D---- C:\WINDOWS\System32
2016-12-15 15:02:06 ----D---- C:\WINDOWS\INF
2016-12-15 15:02:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 15:01:29 ----D---- C:\WINDOWS\system32\WDI
2016-12-15 14:58:33 ----D---- C:\ProgramData\McAfee
2016-12-15 14:58:33 ----D---- C:\Program Files (x86)\Common Files
2016-12-13 17:15:31 ----D---- C:\WINDOWS\system32\drivers
2016-12-13 17:14:44 ----HD---- C:\ProgramData
2016-12-13 17:08:48 ----D---- C:\WINDOWS\system32\Tasks
2016-12-01 20:34:07 ----AD---- C:\Program Files (x86)\TeamViewer
2016-11-28 13:21:09 ----D---- C:\WINDOWS\system32\config
2016-11-27 16:39:06 ----D---- C:\Program Files\Unity
2016-11-27 16:39:05 ----D---- C:\WINDOWS\CbsTemp
2016-11-24 21:48:32 ----D---- C:\MapEditorTemp
2016-11-23 17:56:26 ----D---- C:\4Story
2016-11-21 16:33:47 ----D---- C:\WINDOWS\Minidump
2016-11-21 16:33:42 ----D---- C:\WINDOWS
2016-11-18 00:33:23 ----D---- C:\Program Files (x86)\GameforgeLive
2016-11-18 00:03:09 ----AD---- C:\Program Files (x86)\World of Warcraft
2016-11-18 00:02:49 ----AD---- C:\Program Files (x86)\Battle.net
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2013-07-22 80640]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2013-07-22 25344]
R0 amdkmpfd;@oem14.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-09-24 36608]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-12-15 250816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2016-11-29 77408]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2016-12-13 176064]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-08-12 26706432]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-08-12 518656]
R3 athur;@oem30.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\System32\drivers\athurx.sys [2010-01-05 1847296]
R3 AtiHDAudioService;@oem2.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 GeneStor;@oem11.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2015-07-16 115704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-31 3565528]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2016-12-15 102856]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-12-15 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-12-15 91584]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 SensorsSimulatorDriver;@oem35.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-10-30 216064]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2015-10-30 12800]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-03-15 117248]
S3 CEDRIVER60;CEDRIVER60; \??\C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [2016-05-19 94040]
S3 dg_ssudbus;@oem15.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus.sys [2016-07-22 130688]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [2016-11-14 140600]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssadbus;@oem0.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadserd;@oem16.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\System32\drivers\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;@oem26.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 ssudqcfilter;@oem21.inf,%ssudqcfilter.SvcDesc%;SAMSUNG Mobile USB QCRMNET Filter Driver; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [2015-12-08 57648]
S3 ssudserd;@oem18.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudserd.sys [2015-12-08 214832]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-05-28 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-09-07 131424]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-06-24 138752]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-08-12 287232]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-11-29 4317648]
R2 OneSyncSvc_e3fe86c;Hostitel synchronizace_e3fe86c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_e3fe86c;Data kontaktů_e3fe86c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
R3 UnistoreSvc_e3fe86c;Úložiště uživatelských dat_e3fe86c; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-14 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_12c072;Hostitel synchronizace_12c072; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_344a95f4;Hostitel synchronizace_344a95f4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_7bc12f35;Hostitel synchronizace_7bc12f35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8633f68c;Hostitel synchronizace_8633f68c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_dad9dd7d;Hostitel synchronizace_dad9dd7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-28 10216688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-14 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_12c072;Služba zasílání zpráv_12c072; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_344a95f4;Služba zasílání zpráv_344a95f4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_7bc12f35;Služba zasílání zpráv_7bc12f35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8633f68c;Služba zasílání zpráv_8633f68c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_dad9dd7d;Služba zasílání zpráv_dad9dd7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e3fe86c;Služba zasílání zpráv_e3fe86c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2016-05-15 5741064]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_12c072;Data kontaktů_12c072; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_344a95f4;Data kontaktů_344a95f4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_7bc12f35;Data kontaktů_7bc12f35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8633f68c;Data kontaktů_8633f68c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_dad9dd7d;Data kontaktů_dad9dd7d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_12c072;Úložiště uživatelských dat_12c072; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_344a95f4;Úložiště uživatelských dat_344a95f4; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_7bc12f35;Úložiště uživatelských dat_7bc12f35; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_8633f68c;Úložiště uživatelských dat_8633f68c; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_dad9dd7d;Úložiště uživatelských dat_dad9dd7d; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu RSIT logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu RSIT logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu RSIT logu
# AdwCleaner v6.041 - Log vytvořen 17/12/2016 v 22:35:19
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-17.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Dominik - DESKTOP-VABBR69
# Spuštěno z : C:\Users\Dominik\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
***** [ Prohlížeče ] *****
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1128 Bajty] - [17/12/2016 22:35:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1583 Bajty] - [17/12/2016 22:34:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1274 Bajty] ##########
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-17.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Dominik - DESKTOP-VABBR69
# Spuštěno z : C:\Users\Dominik\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
***** [ Prohlížeče ] *****
[-] [C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1128 Bajty] - [17/12/2016 22:35:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1583 Bajty] - [17/12/2016 22:34:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1274 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu RSIT logu
Dejte log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu RSIT logu
Vkládam FRST LOG.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by SYSTEM on MININT-SD2H6A0 (18-12-2016 11:55:15)
Running from D:\
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-25] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-21] (Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5741064 2016-05-15] (INCA Internet Co., Ltd.)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-06] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-09-24] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-27] (Advanced Micro Devices)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] ()
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [130688 2016-07-21] (Samsung Electronics Co., Ltd.)
S3 EagleX64; C:\WINDOWS\system32\drivers\EagleX64.sys [140600 2016-11-14] (AhnLab, Inc.)
S1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2016-11-28] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [115704 2015-07-15] (GenesysLogic)
S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-13] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-18] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-18] (Malwarebytes)
S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-18] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-18] (Malwarebytes)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-29] (Realtek )
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-29] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-21] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-07] (QUALCOMM Incorporated)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [214832 2015-12-07] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [114632 2015-09-15] (BigNox Corporation)
S1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-15] (BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 11:54 - 2016-12-18 11:54 - 00000000 ____D C:\FRST
2016-12-17 13:30 - 2016-12-17 13:35 - 00000000 ____D C:\AdwCleaner
2016-12-17 13:18 - 2016-12-17 13:18 - 00000000 ____D C:\rsit
2016-12-17 13:18 - 2016-12-17 13:18 - 00000000 ____D C:\Program Files\trend micro
2016-12-17 13:17 - 2016-12-17 13:17 - 01222144 _____ C:\Users\Dominik\Downloads\RSITx64.exe
2016-12-17 13:12 - 2016-12-17 13:12 - 01767759 _____ C:\Users\Dominik\Downloads\DarkCometRemover2.zip
2016-12-17 13:12 - 2016-12-17 13:12 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\PhrozenSoft
2016-12-17 12:18 - 2016-12-17 12:18 - 00000798 _____ C:\Users\Dominik\Downloads\TClientP (1).IDX
2016-12-17 12:06 - 2016-12-17 12:06 - 00004694 _____ C:\Users\Dominik\Downloads\Tcd (2).rar
2016-12-15 06:02 - 2016-12-15 06:02 - 00350460 _____ C:\Users\Dominik\Downloads\skolni-seznam-literarnich-del-3572 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00350460 _____ C:\Users\Dominik\Downloads\seznam-cetby-pro-studijni-obory-3573 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00233098 _____ C:\Users\Dominik\Downloads\literarni-rozbor-knihy-3570 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00212841 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-vzor-3574 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00195902 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-3571 (1).pdf
2016-12-14 09:14 - 2016-12-14 09:14 - 00000000 ____D C:\Users\Dominik\AppData\Local\Chromium
2016-12-14 07:52 - 2016-12-14 07:52 - 00350460 _____ C:\Users\Dominik\Downloads\skolni-seznam-literarnich-del-3572.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00350460 _____ C:\Users\Dominik\Downloads\seznam-cetby-pro-studijni-obory-3573.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00233098 _____ C:\Users\Dominik\Downloads\literarni-rozbor-knihy-3570.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00212841 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-vzor-3574.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00195902 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-3571.pdf
2016-12-13 10:57 - 2016-12-13 10:57 - 00014072 _____ C:\Users\Dominik\Downloads\TNPC00000402.tcd
2016-12-13 08:39 - 2016-12-13 08:39 - 00000000 ____D C:\Users\Dominik\Desktop\Tcd - kopie
2016-12-13 08:15 - 2016-12-18 02:50 - 00102856 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2016-12-13 08:15 - 2016-12-18 02:50 - 00091584 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2016-12-13 08:15 - 2016-12-18 02:49 - 00250816 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-12-13 08:15 - 2016-12-18 02:49 - 00043968 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2016-12-13 08:15 - 2016-12-13 08:15 - 00176064 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys
2016-12-13 08:14 - 2016-12-13 08:14 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-13 08:14 - 2016-12-13 08:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-13 08:14 - 2016-12-13 08:14 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-13 08:14 - 2016-11-28 21:27 - 00077408 _____ C:\Windows\System32\Drivers\mbae64.sys
2016-12-13 08:11 - 2016-12-13 08:13 - 51969976 _____ (Malwarebytes ) C:\Users\Dominik\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-13 08:08 - 2016-12-13 08:08 - 00003294 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-11 05:36 - 2016-12-11 05:36 - 00004849 _____ C:\Users\Dominik\Downloads\TNPC00000402 (1).zip
2016-12-11 05:36 - 2016-12-11 05:36 - 00004693 _____ C:\Users\Dominik\Downloads\TNPC00000401 (1).zip
2016-12-11 02:46 - 2016-12-11 02:46 - 00000000 ____D C:\Users\Dominik\Desktop\pes
2016-12-10 13:26 - 2016-12-11 02:43 - 1230234769 _____ (Araz Games ) C:\Users\Dominik\Downloads\Araz4Story Old School Setup.exe
2016-12-10 09:19 - 2016-12-10 09:19 - 00014354 _____ C:\Users\Dominik\Downloads\TNPC00000405.tcd
2016-12-09 13:57 - 2016-12-11 06:29 - 00000000 ____D C:\v4story 3.4
2016-12-09 09:58 - 2016-12-09 09:59 - 00000000 ____D C:\Users\Dominik\Desktop\v4story
2016-12-09 08:10 - 2016-12-09 08:10 - 00001098 _____ C:\Users\Public\Desktop\v4story 3.4.lnk
2016-12-09 08:07 - 2016-12-17 13:07 - 00000000 ____D C:\Program Files (x86)\v4story 3.4
2016-12-04 11:46 - 2016-12-04 11:47 - 00013569 _____ C:\Users\Dominik\Downloads\CzTZivi_mrtvi_The_Walking_Dead_S07E06_Swear_TvRip_720p_.torrent
2016-12-04 05:17 - 2016-12-04 05:17 - 01292302 _____ C:\Users\Dominik\Downloads\EM2000001_38.rar
2016-12-04 03:20 - 2016-12-04 03:20 - 00044163 _____ C:\Users\Dominik\Downloads\Tcd (1).rar
2016-12-04 03:20 - 2016-12-04 03:20 - 00000798 _____ C:\Users\Dominik\Downloads\TClientP.IDX
2016-12-04 03:12 - 2016-12-04 03:12 - 00044163 _____ C:\Users\Dominik\Downloads\Tcd.rar
2016-12-01 10:16 - 2016-12-01 10:17 - 00022746 _____ C:\Users\Dominik\Downloads\MapEditor (3).rar
2016-12-01 09:50 - 2016-12-01 09:50 - 00511971 _____ C:\Users\Dominik\Downloads\Assets.rar
2016-12-01 05:20 - 2016-12-01 05:20 - 04210075 _____ C:\Users\Dominik\Downloads\EM999231772_0 (2).tmu
2016-11-30 09:51 - 2016-11-30 09:51 - 04210075 _____ C:\Users\Dominik\Downloads\EM999231772_0 (1).tmu
2016-11-30 06:23 - 2016-11-30 06:23 - 04206900 _____ C:\Users\Dominik\Downloads\EM999231772_0.tmu
2016-11-30 06:23 - 2016-11-30 06:23 - 00003636 _____ C:\Users\Dominik\Downloads\TMAP.tcd
2016-11-29 08:44 - 2016-11-29 08:44 - 00719291 _____ C:\Users\Dominik\Downloads\Desktop.rar
2016-11-27 13:44 - 2016-12-11 02:51 - 00000000 ____D C:\Users\Dominik\Desktop\objekty
2016-11-27 12:11 - 2016-11-27 12:11 - 231175847 _____ C:\Users\Dominik\Downloads\MapEditor.rar
2016-11-27 08:00 - 2016-11-27 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-11-27 07:38 - 2016-11-27 07:38 - 00000939 _____ C:\Users\Public\Desktop\Unity 5.5.0f2 (64-bit).lnk
2016-11-25 12:28 - 2016-11-25 12:28 - 00000000 ____D C:\mojemapa
2016-11-23 08:45 - 2016-11-23 08:45 - 03147520 _____ C:\Users\Dominik\Downloads\Data.zip
2016-11-21 07:33 - 2016-11-21 07:34 - 00279668 _____ C:\Windows\Minidump\112116-23359-01.dmp
2016-11-20 09:36 - 2016-11-20 09:36 - 01024811 _____ C:\Users\Dominik\Downloads\EM2000001_41.zip
2016-11-20 09:33 - 2016-11-20 09:33 - 00022920 _____ C:\Users\Dominik\Downloads\MapEditor (2).rar
2016-11-19 04:51 - 2016-11-19 04:51 - 00022920 _____ C:\Users\Dominik\Downloads\MapEditor (1).rar
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 02:51 - 2016-08-12 19:49 - 00065536 _____ C:\Windows\System32\spu_storage.bin
2016-12-18 02:50 - 2016-08-12 19:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-18 02:48 - 2016-08-12 17:41 - 00786432 ___SH C:\Windows\System32\config\BBI
2016-12-18 02:47 - 2016-10-13 13:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-18 02:26 - 2016-10-11 03:39 - 00004214 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CE15F959-F687-4564-9CAA-95FB14E63C55}
2016-12-18 02:24 - 2016-08-23 08:05 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-12-17 15:54 - 2016-08-14 05:13 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2016-12-17 15:49 - 2016-08-15 01:58 - 00000424 _____ C:\Windows\Tasks\update-sys.job
2016-12-17 14:49 - 2016-08-15 01:58 - 00000424 _____ C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job
2016-12-17 13:46 - 2016-08-18 09:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\Nox
2016-12-17 13:45 - 2016-08-12 17:56 - 00000000 ____D C:\Windows\INF
2016-12-17 13:45 - 2016-08-12 11:46 - 00000000 ____D C:\users\Dominik
2016-12-17 13:43 - 2016-08-12 19:58 - 01873474 _____ C:\Windows\System32\PerfStringBackup.INI
2016-12-17 13:43 - 2016-08-12 18:02 - 00783844 _____ C:\Windows\System32\perfh005.dat
2016-12-17 13:43 - 2016-08-12 18:02 - 00167864 _____ C:\Windows\System32\perfc005.dat
2016-12-17 12:13 - 2016-11-07 05:52 - 00000000 ____D C:\ProgramData\Unity
2016-12-17 04:27 - 2016-08-14 00:16 - 00003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 04:27 - 2016-08-14 00:16 - 00003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 10:28 - 2016-08-14 00:22 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 05:58 - 2016-08-18 09:12 - 00000000 ____D C:\ProgramData\McAfee
2016-12-14 09:14 - 2016-10-13 20:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2016-12-13 08:08 - 2016-08-12 11:50 - 00000000 ___RD C:\Users\Dominik\OneDrive
2016-12-11 06:41 - 2016-11-07 05:16 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-12-09 11:14 - 2016-08-24 15:12 - 00000000 ____D C:\Users\Dominik\Desktop\škoal
2016-12-01 11:34 - 2016-11-04 12:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-01 11:33 - 2016-11-04 12:54 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-11-27 12:30 - 2016-11-07 05:52 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Unity
2016-11-27 07:39 - 2016-11-05 04:05 - 00000000 ____D C:\Program Files\Unity
2016-11-27 07:39 - 2016-08-12 17:51 - 00000000 ____D C:\Windows\CbsTemp
2016-11-24 12:48 - 2016-11-14 07:44 - 00000000 ____D C:\MapEditorTemp
2016-11-23 08:56 - 2016-11-17 08:17 - 00000000 ____D C:\4Story
2016-11-21 07:33 - 2016-11-09 07:03 - 00000000 ____D C:\Windows\Minidump
2016-11-21 07:33 - 2016-11-09 07:02 - 782951683 _____ C:\Windows\MEMORY.DMP
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Dominik\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\Uninstall.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe
[2016-05-11 04:38] - [2016-04-22 20:18] - 0585728 ____A (Microsoft Corporation) 5C156EC4E44E30331BCC865A3B61D839
C:\Windows\System32\wininit.exe
[2016-05-11 04:37] - [2016-04-22 21:06] - 0291360 ____A (Microsoft Corporation) C1C81AAF533552B3C4D9F11A5FF97700
C:\Windows\explorer.exe
[2016-09-15 07:27] - [2016-09-06 21:23] - 4515256 ____A (Microsoft Corporation) 02ADAC7A8D203C70BC0FBB34836DD4E6
C:\Windows\SysWOW64\explorer.exe
[2016-09-15 07:28] - [2016-09-06 21:21] - 4074160 ____A (Microsoft Corporation) E3F3144EE93C24EB323B0419D1A9F491
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-05-11 04:37] - [2016-04-22 21:00] - 1399224 ____A (Microsoft Corporation) F5F7CE3E32536F1A37FB3972F27A814F
C:\Windows\SysWOW64\User32.dll
[2016-05-11 04:37] - [2016-04-22 21:00] - 1337240 ____A (Microsoft Corporation) E7BD4D15CDC5A1E162256CFADCA92344
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2016-09-15 07:30] - [2016-09-06 20:30] - 0904704 ____A (Microsoft Corporation) 68E07DF3E6D1DFED440B82D3D33542B1
C:\Windows\System32\dnsapi.dll
[2016-04-12 23:12] - [2016-03-29 02:11] - 0686976 ____A (Microsoft Corporation) 9A3E17CDB177913C2A111C80F3D0DBB4
C:\Windows\SysWOW64\dnsapi.dll
[2016-04-12 23:12] - [2016-03-29 01:28] - 0535080 ____A (Microsoft Corporation) 6A7ACABAE92C837F5C1330188EAE36AE
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2016-10-12 04:57
Restore point date: 2016-10-12 12:01
Restore point date: 2016-10-14 07:57
Restore point date: 2016-10-22 09:24
Restore point date: 2016-10-31 03:17
Restore point date: 2016-11-05 04:08
Restore point date: 2016-11-05 04:09
Restore point date: 2016-11-15 09:10
Restore point date: 2016-11-24 05:06
Restore point date: 2016-11-27 07:39
Restore point date: 2016-12-08 06:36
Restore point date: 2016-12-15 06:47
Restore point date: 2016-12-15 06:47
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 7358.64 MB
Available physical RAM: 6520.68 MB
Total Virtual: 7358.64 MB
Available Virtual: 6574.96 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:754.21 GB) NTFS
Drive d: (NUL) (Removable) (Total:0.19 GB) (Free:0.19 GB) FAT32
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.63 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 889BB36B)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2016-12-10 02:29
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by SYSTEM on MININT-SD2H6A0 (18-12-2016 11:55:15)
Running from D:\
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-25] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-21] (Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5741064 2016-05-15] (INCA Internet Co., Ltd.)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-06] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-09-24] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-27] (Advanced Micro Devices)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] ()
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [130688 2016-07-21] (Samsung Electronics Co., Ltd.)
S3 EagleX64; C:\WINDOWS\system32\drivers\EagleX64.sys [140600 2016-11-14] (AhnLab, Inc.)
S1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2016-11-28] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [115704 2015-07-15] (GenesysLogic)
S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-13] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-18] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-18] (Malwarebytes)
S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-18] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-18] (Malwarebytes)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-29] (Realtek )
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-29] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-21] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-07] (QUALCOMM Incorporated)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [214832 2015-12-07] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [114632 2015-09-15] (BigNox Corporation)
S1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-15] (BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 11:54 - 2016-12-18 11:54 - 00000000 ____D C:\FRST
2016-12-17 13:30 - 2016-12-17 13:35 - 00000000 ____D C:\AdwCleaner
2016-12-17 13:18 - 2016-12-17 13:18 - 00000000 ____D C:\rsit
2016-12-17 13:18 - 2016-12-17 13:18 - 00000000 ____D C:\Program Files\trend micro
2016-12-17 13:17 - 2016-12-17 13:17 - 01222144 _____ C:\Users\Dominik\Downloads\RSITx64.exe
2016-12-17 13:12 - 2016-12-17 13:12 - 01767759 _____ C:\Users\Dominik\Downloads\DarkCometRemover2.zip
2016-12-17 13:12 - 2016-12-17 13:12 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\PhrozenSoft
2016-12-17 12:18 - 2016-12-17 12:18 - 00000798 _____ C:\Users\Dominik\Downloads\TClientP (1).IDX
2016-12-17 12:06 - 2016-12-17 12:06 - 00004694 _____ C:\Users\Dominik\Downloads\Tcd (2).rar
2016-12-15 06:02 - 2016-12-15 06:02 - 00350460 _____ C:\Users\Dominik\Downloads\skolni-seznam-literarnich-del-3572 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00350460 _____ C:\Users\Dominik\Downloads\seznam-cetby-pro-studijni-obory-3573 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00233098 _____ C:\Users\Dominik\Downloads\literarni-rozbor-knihy-3570 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00212841 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-vzor-3574 (1).pdf
2016-12-15 06:02 - 2016-12-15 06:02 - 00195902 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-3571 (1).pdf
2016-12-14 09:14 - 2016-12-14 09:14 - 00000000 ____D C:\Users\Dominik\AppData\Local\Chromium
2016-12-14 07:52 - 2016-12-14 07:52 - 00350460 _____ C:\Users\Dominik\Downloads\skolni-seznam-literarnich-del-3572.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00350460 _____ C:\Users\Dominik\Downloads\seznam-cetby-pro-studijni-obory-3573.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00233098 _____ C:\Users\Dominik\Downloads\literarni-rozbor-knihy-3570.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00212841 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-vzor-3574.pdf
2016-12-14 07:52 - 2016-12-14 07:52 - 00195902 _____ C:\Users\Dominik\Downloads\zakovsky-seznam-literarnich-del-3571.pdf
2016-12-13 10:57 - 2016-12-13 10:57 - 00014072 _____ C:\Users\Dominik\Downloads\TNPC00000402.tcd
2016-12-13 08:39 - 2016-12-13 08:39 - 00000000 ____D C:\Users\Dominik\Desktop\Tcd - kopie
2016-12-13 08:15 - 2016-12-18 02:50 - 00102856 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2016-12-13 08:15 - 2016-12-18 02:50 - 00091584 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2016-12-13 08:15 - 2016-12-18 02:49 - 00250816 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-12-13 08:15 - 2016-12-18 02:49 - 00043968 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2016-12-13 08:15 - 2016-12-13 08:15 - 00176064 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys
2016-12-13 08:14 - 2016-12-13 08:14 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-13 08:14 - 2016-12-13 08:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-13 08:14 - 2016-12-13 08:14 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-13 08:14 - 2016-11-28 21:27 - 00077408 _____ C:\Windows\System32\Drivers\mbae64.sys
2016-12-13 08:11 - 2016-12-13 08:13 - 51969976 _____ (Malwarebytes ) C:\Users\Dominik\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-13 08:08 - 2016-12-13 08:08 - 00003294 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-11 05:36 - 2016-12-11 05:36 - 00004849 _____ C:\Users\Dominik\Downloads\TNPC00000402 (1).zip
2016-12-11 05:36 - 2016-12-11 05:36 - 00004693 _____ C:\Users\Dominik\Downloads\TNPC00000401 (1).zip
2016-12-11 02:46 - 2016-12-11 02:46 - 00000000 ____D C:\Users\Dominik\Desktop\pes
2016-12-10 13:26 - 2016-12-11 02:43 - 1230234769 _____ (Araz Games ) C:\Users\Dominik\Downloads\Araz4Story Old School Setup.exe
2016-12-10 09:19 - 2016-12-10 09:19 - 00014354 _____ C:\Users\Dominik\Downloads\TNPC00000405.tcd
2016-12-09 13:57 - 2016-12-11 06:29 - 00000000 ____D C:\v4story 3.4
2016-12-09 09:58 - 2016-12-09 09:59 - 00000000 ____D C:\Users\Dominik\Desktop\v4story
2016-12-09 08:10 - 2016-12-09 08:10 - 00001098 _____ C:\Users\Public\Desktop\v4story 3.4.lnk
2016-12-09 08:07 - 2016-12-17 13:07 - 00000000 ____D C:\Program Files (x86)\v4story 3.4
2016-12-04 11:46 - 2016-12-04 11:47 - 00013569 _____ C:\Users\Dominik\Downloads\CzTZivi_mrtvi_The_Walking_Dead_S07E06_Swear_TvRip_720p_.torrent
2016-12-04 05:17 - 2016-12-04 05:17 - 01292302 _____ C:\Users\Dominik\Downloads\EM2000001_38.rar
2016-12-04 03:20 - 2016-12-04 03:20 - 00044163 _____ C:\Users\Dominik\Downloads\Tcd (1).rar
2016-12-04 03:20 - 2016-12-04 03:20 - 00000798 _____ C:\Users\Dominik\Downloads\TClientP.IDX
2016-12-04 03:12 - 2016-12-04 03:12 - 00044163 _____ C:\Users\Dominik\Downloads\Tcd.rar
2016-12-01 10:16 - 2016-12-01 10:17 - 00022746 _____ C:\Users\Dominik\Downloads\MapEditor (3).rar
2016-12-01 09:50 - 2016-12-01 09:50 - 00511971 _____ C:\Users\Dominik\Downloads\Assets.rar
2016-12-01 05:20 - 2016-12-01 05:20 - 04210075 _____ C:\Users\Dominik\Downloads\EM999231772_0 (2).tmu
2016-11-30 09:51 - 2016-11-30 09:51 - 04210075 _____ C:\Users\Dominik\Downloads\EM999231772_0 (1).tmu
2016-11-30 06:23 - 2016-11-30 06:23 - 04206900 _____ C:\Users\Dominik\Downloads\EM999231772_0.tmu
2016-11-30 06:23 - 2016-11-30 06:23 - 00003636 _____ C:\Users\Dominik\Downloads\TMAP.tcd
2016-11-29 08:44 - 2016-11-29 08:44 - 00719291 _____ C:\Users\Dominik\Downloads\Desktop.rar
2016-11-27 13:44 - 2016-12-11 02:51 - 00000000 ____D C:\Users\Dominik\Desktop\objekty
2016-11-27 12:11 - 2016-11-27 12:11 - 231175847 _____ C:\Users\Dominik\Downloads\MapEditor.rar
2016-11-27 08:00 - 2016-11-27 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-11-27 07:38 - 2016-11-27 07:38 - 00000939 _____ C:\Users\Public\Desktop\Unity 5.5.0f2 (64-bit).lnk
2016-11-25 12:28 - 2016-11-25 12:28 - 00000000 ____D C:\mojemapa
2016-11-23 08:45 - 2016-11-23 08:45 - 03147520 _____ C:\Users\Dominik\Downloads\Data.zip
2016-11-21 07:33 - 2016-11-21 07:34 - 00279668 _____ C:\Windows\Minidump\112116-23359-01.dmp
2016-11-20 09:36 - 2016-11-20 09:36 - 01024811 _____ C:\Users\Dominik\Downloads\EM2000001_41.zip
2016-11-20 09:33 - 2016-11-20 09:33 - 00022920 _____ C:\Users\Dominik\Downloads\MapEditor (2).rar
2016-11-19 04:51 - 2016-11-19 04:51 - 00022920 _____ C:\Users\Dominik\Downloads\MapEditor (1).rar
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 02:51 - 2016-08-12 19:49 - 00065536 _____ C:\Windows\System32\spu_storage.bin
2016-12-18 02:50 - 2016-08-12 19:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-18 02:48 - 2016-08-12 17:41 - 00786432 ___SH C:\Windows\System32\config\BBI
2016-12-18 02:47 - 2016-10-13 13:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-18 02:26 - 2016-10-11 03:39 - 00004214 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CE15F959-F687-4564-9CAA-95FB14E63C55}
2016-12-18 02:24 - 2016-08-23 08:05 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-12-17 15:54 - 2016-08-14 05:13 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2016-12-17 15:49 - 2016-08-15 01:58 - 00000424 _____ C:\Windows\Tasks\update-sys.job
2016-12-17 14:49 - 2016-08-15 01:58 - 00000424 _____ C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job
2016-12-17 13:46 - 2016-08-18 09:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\Nox
2016-12-17 13:45 - 2016-08-12 17:56 - 00000000 ____D C:\Windows\INF
2016-12-17 13:45 - 2016-08-12 11:46 - 00000000 ____D C:\users\Dominik
2016-12-17 13:43 - 2016-08-12 19:58 - 01873474 _____ C:\Windows\System32\PerfStringBackup.INI
2016-12-17 13:43 - 2016-08-12 18:02 - 00783844 _____ C:\Windows\System32\perfh005.dat
2016-12-17 13:43 - 2016-08-12 18:02 - 00167864 _____ C:\Windows\System32\perfc005.dat
2016-12-17 12:13 - 2016-11-07 05:52 - 00000000 ____D C:\ProgramData\Unity
2016-12-17 04:27 - 2016-08-14 00:16 - 00003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 04:27 - 2016-08-14 00:16 - 00003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 10:28 - 2016-08-14 00:22 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 05:58 - 2016-08-18 09:12 - 00000000 ____D C:\ProgramData\McAfee
2016-12-14 09:14 - 2016-10-13 20:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2016-12-13 08:08 - 2016-08-12 11:50 - 00000000 ___RD C:\Users\Dominik\OneDrive
2016-12-11 06:41 - 2016-11-07 05:16 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-12-09 11:14 - 2016-08-24 15:12 - 00000000 ____D C:\Users\Dominik\Desktop\škoal
2016-12-01 11:34 - 2016-11-04 12:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-01 11:33 - 2016-11-04 12:54 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-11-27 12:30 - 2016-11-07 05:52 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Unity
2016-11-27 07:39 - 2016-11-05 04:05 - 00000000 ____D C:\Program Files\Unity
2016-11-27 07:39 - 2016-08-12 17:51 - 00000000 ____D C:\Windows\CbsTemp
2016-11-24 12:48 - 2016-11-14 07:44 - 00000000 ____D C:\MapEditorTemp
2016-11-23 08:56 - 2016-11-17 08:17 - 00000000 ____D C:\4Story
2016-11-21 07:33 - 2016-11-09 07:03 - 00000000 ____D C:\Windows\Minidump
2016-11-21 07:33 - 2016-11-09 07:02 - 782951683 _____ C:\Windows\MEMORY.DMP
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Dominik\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\Uninstall.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe
[2016-05-11 04:38] - [2016-04-22 20:18] - 0585728 ____A (Microsoft Corporation) 5C156EC4E44E30331BCC865A3B61D839
C:\Windows\System32\wininit.exe
[2016-05-11 04:37] - [2016-04-22 21:06] - 0291360 ____A (Microsoft Corporation) C1C81AAF533552B3C4D9F11A5FF97700
C:\Windows\explorer.exe
[2016-09-15 07:27] - [2016-09-06 21:23] - 4515256 ____A (Microsoft Corporation) 02ADAC7A8D203C70BC0FBB34836DD4E6
C:\Windows\SysWOW64\explorer.exe
[2016-09-15 07:28] - [2016-09-06 21:21] - 4074160 ____A (Microsoft Corporation) E3F3144EE93C24EB323B0419D1A9F491
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-05-11 04:37] - [2016-04-22 21:00] - 1399224 ____A (Microsoft Corporation) F5F7CE3E32536F1A37FB3972F27A814F
C:\Windows\SysWOW64\User32.dll
[2016-05-11 04:37] - [2016-04-22 21:00] - 1337240 ____A (Microsoft Corporation) E7BD4D15CDC5A1E162256CFADCA92344
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2016-09-15 07:30] - [2016-09-06 20:30] - 0904704 ____A (Microsoft Corporation) 68E07DF3E6D1DFED440B82D3D33542B1
C:\Windows\System32\dnsapi.dll
[2016-04-12 23:12] - [2016-03-29 02:11] - 0686976 ____A (Microsoft Corporation) 9A3E17CDB177913C2A111C80F3D0DBB4
C:\Windows\SysWOW64\dnsapi.dll
[2016-04-12 23:12] - [2016-03-29 01:28] - 0535080 ____A (Microsoft Corporation) 6A7ACABAE92C837F5C1330188EAE36AE
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2016-10-12 04:57
Restore point date: 2016-10-12 12:01
Restore point date: 2016-10-14 07:57
Restore point date: 2016-10-22 09:24
Restore point date: 2016-10-31 03:17
Restore point date: 2016-11-05 04:08
Restore point date: 2016-11-05 04:09
Restore point date: 2016-11-15 09:10
Restore point date: 2016-11-24 05:06
Restore point date: 2016-11-27 07:39
Restore point date: 2016-12-08 06:36
Restore point date: 2016-12-15 06:47
Restore point date: 2016-12-15 06:47
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 7358.64 MB
Available physical RAM: 6520.68 MB
Total Virtual: 7358.64 MB
Available Virtual: 6574.96 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:754.21 GB) NTFS
Drive d: (NUL) (Removable) (Total:0.19 GB) (Free:0.19 GB) FAT32
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.63 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 889BB36B)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2016-12-10 02:29
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu RSIT logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do D:\ jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-21] (Oracle Corporation)
C:\Windows\Tasks\update-sys.job
C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Dominik\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu RSIT logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Dominik (18-12-2016 13:24:47) Run:1
Running from F:\
Loaded Profiles: Dominik (Available Profiles: Dominik)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-21] (Oracle Corporation)
C:\Windows\Tasks\update-sys.job
C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Dominik\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Windows\Tasks\update-sys.job => moved successfully
C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Dominik\AppData\Local\Temp" folder move:
Could not move "C:\Users\Dominik\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64100137 B
Java, Flash, Steam htmlcache => 342528875 B
Windows/system/drivers => 3074643 B
Edge => 1393253 B
Chrome => 674690842 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 27614 B
LocalService => 0 B
NetworkService => 326682 B
Dominik => 795825459 B
RecycleBin => 35386417 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-12-2016 13:28:26)
C:\Users\Dominik\AppData\Local\Temp => moved successfully
==== End of Fixlog 13:28:27 ====
Ran by Dominik (18-12-2016 13:24:47) Run:1
Running from F:\
Loaded Profiles: Dominik (Available Profiles: Dominik)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-21] (Oracle Corporation)
C:\Windows\Tasks\update-sys.job
C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Dominik\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Windows\Tasks\update-sys.job => moved successfully
C:\Windows\Tasks\update-S-1-5-21-1216999021-247591871-2712276268-1001.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Dominik\AppData\Local\Temp" folder move:
Could not move "C:\Users\Dominik\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64100137 B
Java, Flash, Steam htmlcache => 342528875 B
Windows/system/drivers => 3074643 B
Edge => 1393253 B
Chrome => 674690842 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 27614 B
LocalService => 0 B
NetworkService => 326682 B
Dominik => 795825459 B
RecycleBin => 35386417 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-12-2016 13:28:26)
C:\Users\Dominik\AppData\Local\Temp => moved successfully
==== End of Fixlog 13:28:27 ====
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu RSIT logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?