VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka (RSIT+CDI)

https://forum.viry.cz:443/viewtopic.php?t=151196

Stránka 1 z 1

Preventivka (RSIT+CDI)

Napsal: 21 led 2017 12:34
od Clorky
PC je v pohodě, ale dlouho jsem ho nepročistil. :-) jak to vypadá?
RSIT+CDI

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 14393] (x64)
Date : 2017/01/21 12:33:30

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- Samsung SSD 840 EVO 120GB
- WDC WD1001FALS-00E8B0
- Řadič prostorů úložišť [SCSI]
- Řadič zpětné smyčky disku VHD společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Samsung SSD 840 EVO 120GB : 120,0 GB [0/0/0, pd1] - sg
(2) WDC WD1001FALS-00E8B0 : 1000,2 GB [1/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) Samsung SSD 840 EVO 120GB
----------------------------------------------------------------------------
Model : Samsung SSD 840 EVO 120GB
Firmware : EXT0DB6Q
Serial Number : S1D5NSAF642236X
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 4c
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 9171 hod.
Power On Count : 934 krát
Host Writes : 7453 GB
Wear Level Count : 51
Temperature : 28 C (82 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Reallocated Sector Count
09 _98 _98 __0 0000000023D3 Power-on Hours
0C _99 _99 __0 0000000003A6 Power-on Count
B1 _95 _95 __0 000000000033 Wear Leveling Count
B3 100 __1 _10 000000000000 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 100 100 _10 000000000000 Runtime Bad Block (Total)
BB 100 100 __0 000000000000 Uncorrectable Error Count
BE _72 _57 __0 00000000001C Airflow Temperature
C3 200 200 __0 000000000000 ECC Error Rate
C7 _99 _99 __0 0000000003EE CRC Error Count
EB _99 _99 __0 000000000062 POR Recovery Count
F1 _99 _99 __0 0003A3A29487 Total LBA Written

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5331 4435 4E53 4146 3634 3232 3336 5820 2020 2020
020: 0000 0000 0000 4558 5430 4442 3651 5361 6D73 756E
030: 6720 5353 4420 3834 3020 4556 4F20 3132 3047 4220
040: 2020 2020 2020 2020 2020 2020 2020 8001 4001 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 0F10
070: 0000 0000 0000 0000 0000 001F 850E 0046 006C 0060
080: 03FC 0039 746B 7D01 4163 7469 BC01 4163 207F 0001
090: 0004 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0008 4000 0000 5002 5388
110: A04C 8C8F 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0800 0000 0000 0000 0000
240: 0000 0000 0000 4000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D5A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 33 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 62 62 D3 23 00 00 00 00 00 0C 32 00 63 63 A6
020: 03 00 00 00 00 00 B1 13 00 5F 5F 33 00 00 00 00
030: 00 00 B3 13 00 64 01 00 00 00 00 00 00 00 B5 32
040: 00 64 64 00 00 00 00 00 00 00 B6 32 00 64 64 00
050: 00 00 00 00 00 00 B7 13 00 64 64 00 00 00 00 00
060: 00 00 BB 32 00 64 64 00 00 00 00 00 00 00 BE 32
070: 00 48 39 1C 00 00 00 00 00 00 C3 1A 00 C8 C8 00
080: 00 00 00 00 00 00 C7 3E 00 63 63 EE 03 00 00 00
090: 00 00 EB 12 00 63 63 62 00 00 00 00 00 00 F1 32
0A0: 00 63 63 87 94 A2 A3 03 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 68 10 00 53
170: 03 00 01 00 02 46 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 99

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 0A 00 00 00 00 00 00 00 00 00 00 09 00
010: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
020: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
030: 00 00 B3 0A 00 00 00 00 00 00 00 00 00 00 B5 0A
040: 00 00 00 00 00 00 00 00 00 00 B6 0A 00 00 00 00
050: 00 00 00 00 00 00 B7 0A 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BE 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
090: 00 00 EB 00 00 00 00 00 00 00 00 00 00 00 F1 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E

----------------------------------------------------------------------------
(2) WDC WD1001FALS-00E8B0
----------------------------------------------------------------------------
Model : WDC WD1001FALS-00E8B0
Firmware : 05.00K05
Serial Number : WD-WMATV4204319
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 30837 hod.
Power On Count : 3591 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
Drive Letter : D: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000002 Počet chyb čtení
03 253 252 _21 0000000004B0 Čas na roztočení ploten
04 _97 _97 __0 000000000E96 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _58 _58 __0 000000007875 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000E07 Počet cyklů zapnutí zařízení
C0 199 199 __0 0000000003D3 Počet vypnutí disku
C1 199 199 __0 000000000E96 Počet cyklů načítání/vymazání
C2 117 _97 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 4154 5634 3230 3433 3139
020: 0000 FFFF 0032 3035 2E30 304B 3035 5744 4320 5744
030: 3130 3031 4641 4C53 2D30 3045 3842 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0044 0040
080: 01FE 0000 746B 7F01 4123 7469 BC01 4123 207F 005E
090: 005E 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 5715 C61B 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 16AC 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 54A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 02 00 00 00 00 00 00 03 27
010: 00 FD FC B0 04 00 00 00 00 00 04 32 00 61 61 96
020: 0E 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 3A 3A 75 78 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 07 0E 00 00 00 00 00 C0 32
070: 00 C7 C7 D3 03 00 00 00 00 00 C1 32 00 C7 C7 96
080: 0E 00 00 00 00 00 C2 22 00 75 61 21 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 05 00 A8 48 01 7B
170: 03 00 01 00 02 D6 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 06 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 64 64 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 C8 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

Logfile of random's system information tool 1.14 (written by random/random)
Run by Petr at 2017-01-21 12:28:20
Microsoft Windows 10 Pro
System drive C: has 30 GB (30%) free of 102 GB
Total RAM: 10168 MB (55% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:28:22, on 21. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\Petr_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [NetLimiter] "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: NameServer = 4.2.2.3,4.2.2.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Windows Connectivity Manager for Gramblr (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 4 Service (nlsvc) - Locktime Software - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Hry\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Hry\Origin\OriginWebHelperService.exe
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 11332 bytes

======Enumerating Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Gramblr\gramblr.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe"
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"D:\Hry\Origin\OriginWebHelperService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\atiesrxx.exe
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x1a8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8436 --on-initialized-event-handle=560 --parent-handle=568 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,18,21,24,37,65 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=21.19.411.0 --gpu-driver-date=1-13-2017 --service-request-channel-token=7AB187D5C3B1A408CA498D7EEFE0846D --mojo-platform-channel-handle=1284 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=EF4EA73564BCAE2E003FBBE88B2AE603 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=EF4EA73564BCAE2E003FBBE88B2AE603 --mojo-platform-channel-handle=2704 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=0314D024A9F0FF477A38B57BB35A2F1C --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=0314D024A9F0FF477A38B57BB35A2F1C --mojo-platform-channel-handle=2872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=863E5EDC9B1F4904237F0E20EB1F3260 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=863E5EDC9B1F4904237F0E20EB1F3260 --mojo-platform-channel-handle=6548 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=E67361033E29348A00EDCF92FBDA2F12 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=E67361033E29348A00EDCF92FBDA2F12 --mojo-platform-channel-handle=4744 /prefetch:1
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=C535B1E91AE1A951994CC71DB0CE354B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=C535B1E91AE1A951994CC71DB0CE354B --mojo-platform-channel-handle=7756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=FA6658A3282E1A98E617A8E9087EAFB1 --mojo-platform-channel-handle=7992 --ignored=" --type=renderer " /prefetch:3
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\AUDIODG.EXE 0x324
"E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=B9237664061651335169798011590322 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=B9237664061651335169798011590322 --mojo-platform-channel-handle=5884 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=09EB90E0F328299012A6E92E873BBDA1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=09EB90E0F328299012A6E92E873BBDA1 --mojo-platform-channel-handle=8672 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=481A9290AB4292FDCB01402DDC7160ED --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=481A9290AB4292FDCB01402DDC7160ED --mojo-platform-channel-handle=7916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D1A60F678FF95CE202E4598C912F8FAE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D1A60F678FF95CE202E4598C912F8FAE --mojo-platform-channel-handle=6268 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=7F60A8F82535B2BD4E784BD72C4FD950 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=7F60A8F82535B2BD4E784BD72C4FD950 --mojo-platform-channel-handle=9980 /prefetch:1
C:\WINDOWS\System32\vds.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/*SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=6ACAFCCB6872224B7CCC6223CA92A1B8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=6ACAFCCB6872224B7CCC6223CA92A1B8 --mojo-platform-channel-handle=7600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/*SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=C18D98878D9FD38EAD23D6154102F4D3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=C18D98878D9FD38EAD23D6154102F4D3 --mojo-platform-channel-handle=11088 /prefetch:1
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-cachedir=C:\Users\Petr\AppData\Local\Steam\htmlcache" "-steampid=2672" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --primordial-pipe-token=CC631E5FF9881C2E363B3AC2221269A5 --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.win7\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=CC631E5FF9881C2E363B3AC2221269A5 --renderer-client-id=2 --mojo-platform-channel-handle=1580 /prefetch:1
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"E:\Hlavní složky\Plocha\RSITx64.exe"
"E:\Hlavní složky\Plocha\RSITx64.exe"

======Scheduled tasks folder======

Re: Preventivka (RSIT+CDI)

Napsal: 21 led 2017 12:34
od Clorky
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\WINDOWS\system32\tasks\MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
C:\WINDOWS\system32\tasks\SamsungMagician - "C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\WINDOWS\system32\tasks\server - E:\AppData\Local\TempSystem.exe
C:\WINDOWS\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{072207E9-C917-46F1-B1BB-D4E207A488DE} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.59.104/cs ... Error=1603
C:\WINDOWS\system32\tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} - C:\WINDOWS\system32\pcalua.exe -a "D:\Hry\Mass Effect\MassEffectLauncher.exe" -d "D:\Hry\Mass Effect"
C:\WINDOWS\system32\tasks\{65EF54A0-FCC5-4725-8897-2109CB44787E} - C:\WINDOWS\system32\pcalua.exe -a "C:\Nuklearni Karel\uninstall.exe" -d "C:\Nuklearni Karel"
C:\WINDOWS\system32\tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} - C:\Windows\system32\pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
C:\WINDOWS\system32\tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload

=========Google Chrome=========

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bnbaboaihhkjoaolfnfoablhllahjnee 1 GeoGebra Math Apps 5.0.240.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fdpohaocaechififmbbbbbknoalclacl 1 Full Page Screen Capture 2.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fipfdaiijpggambcebohhpdgahdeidgh 1 HBO Now Resolution Changer 1.2.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.8.4
Extension gkojfkhlekighikafcpjkiklfbnlmeio 1 Unlimited Free VPN - Hola 1.28.819
Extension haigaafonckooggfpmjplfpbkafelcfe 1 dmitlichess 0.2.71
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 2335448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24 8492800]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-03-19 176952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2014-10-09 87040]
"NetLimiter"=C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [2016-03-07 55632]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-26 8912088]
"Spotify Web Helper"=C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-12-24 1444976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLUA"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-21 12:20:32 ----D---- C:\rsit
2017-01-20 17:33:40 ----D---- C:\games
2017-01-19 19:20:32 ----D---- C:\WINDOWS\LastGood
2017-01-19 15:17:05 ----D---- C:\WINDOWS\SYSWOW64\directx
2017-01-18 18:09:04 ----A---- C:\cmdlog.txt
2017-01-18 17:05:33 ----AD---- C:\Program Files (x86)\TeamViewer
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\detoured.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\coinst_16.50.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\OpenCL.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\amdxc64.dll
2017-01-13 11:54:08 ----A---- C:\WINDOWS\system32\amdihk64.dll
2017-01-13 11:53:36 ----A---- C:\WINDOWS\SYSWOW64\amdihk32.dll
2017-01-11 16:44:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 16:44:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 16:44:04 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 16:43:59 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 16:43:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 16:43:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 16:43:52 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 16:43:50 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 16:43:49 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 16:43:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 16:43:37 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 16:43:36 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 16:43:36 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 16:43:34 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 16:43:33 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 16:43:31 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-03 16:08:56 ----D---- C:\WINDOWS\system32\˙˙˙˙˙˙˙˙8
2017-01-03 15:52:42 ----D---- C:\Program Files (x86)\Recuva
2017-01-03 15:52:26 ----D---- C:\Users\Petr\AppData\Roaming\MaxisPC
2017-01-03 15:28:40 ----D---- C:\Users\Petr\AppData\Roaming\GHISLER
2017-01-03 15:28:40 ----D---- C:\totalcmd
2017-01-03 15:22:03 ----D---- C:\WINDOWS\Panther
2017-01-02 20:55:27 ----D---- C:\Users\Petr\AppData\Roaming\Telegram Desktop
2016-12-28 23:36:27 ----A---- C:\4708_457228656_MVM_0.tmp

======List of files/folders modified in the last 1 month======

2017-01-21 12:28:22 ----D---- C:\Program Files\trend micro
2017-01-21 12:28:21 ----D---- C:\ProgramData\Gramblr
2017-01-21 12:21:31 ----D---- C:\WINDOWS\Temp
2017-01-21 12:20:43 ----D---- C:\WINDOWS\Prefetch
2017-01-21 12:09:55 ----D---- C:\AMD
2017-01-21 12:08:15 ----D---- C:\Program Files (x86)\Steam
2017-01-21 12:08:14 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2017-01-21 12:08:09 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-21 12:08:09 ----D---- C:\WINDOWS\Logs
2017-01-21 12:08:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-21 12:08:09 ----D---- C:\WINDOWS\INF
2017-01-21 12:08:09 ----D---- C:\Windows
2017-01-21 11:56:02 ----D---- C:\WINDOWS\system32\sru
2017-01-21 11:54:57 ----D---- C:\Program Files (x86)\VS Revo Group
2017-01-21 10:18:30 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-21 09:16:06 ----D---- C:\WINDOWS\AppReadiness
2017-01-21 08:54:11 ----SHD---- C:\$RECYCLE.BIN
2017-01-21 08:53:56 ----D---- C:\WINDOWS\System32
2017-01-21 01:08:44 ----D---- C:\WINDOWS\system32\Tasks
2017-01-20 23:56:55 ----D---- C:\Users\Petr\AppData\Roaming\Spotify
2017-01-20 16:33:35 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-19 22:34:50 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2017-01-19 19:25:17 ----SHDC---- C:\WINDOWS\Installer
2017-01-19 19:25:17 ----SHD---- C:\Config.Msi
2017-01-19 19:25:15 ----D---- C:\WINDOWS\SysWOW64
2017-01-19 19:24:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-19 19:21:33 ----AD---- C:\Program Files\AMD
2017-01-19 19:20:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-19 19:20:55 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-19 19:20:34 ----D---- C:\Program Files (x86)\VulkanRT
2017-01-19 19:20:33 ----D---- C:\WINDOWS\system32\drivers
2017-01-19 19:17:45 ----D---- C:\Program Files (x86)\MSI Afterburner
2017-01-19 15:16:39 ----RD---- C:\Program Files
2017-01-19 15:13:29 ----AD---- C:\Program Files\Recuva
2017-01-19 15:11:07 ----D---- C:\Textures Backup
2017-01-19 07:00:16 ----SHD---- C:\System Volume Information
2017-01-19 06:50:02 ----D---- C:\WINDOWS\system32\catroot2
2017-01-18 22:02:10 ----D---- C:\WINDOWS\system32\config
2017-01-18 17:32:38 ----AD---- C:\Program Files (x86)\CrystalDiskInfo
2017-01-18 17:05:36 ----RSD---- C:\WINDOWS\Fonts
2017-01-18 17:05:33 ----RD---- C:\Program Files (x86)
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\mantle64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\GameManager64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\clinfo.exe
2017-01-17 14:50:06 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atisamu64.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atimuixx.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atimpc64.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atig6txx.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atieclxx.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atieah64.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atidxx64.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atidemgy.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\aticfx64.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\ati2erec.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\amfrt64.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amd-vulkan32.json
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amd-vulkan64.json
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amdave64.dll
2017-01-13 19:02:44 ----D---- C:\WINDOWS\rescache
2017-01-12 20:52:38 ----D---- C:\WINDOWS\WinSxS
2017-01-11 20:59:34 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\wbem
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\oobe
2017-01-11 20:59:34 ----D---- C:\WINDOWS\ShellExperiences
2017-01-11 20:59:34 ----D---- C:\WINDOWS\Provisioning
2017-01-11 20:59:34 ----D---- C:\WINDOWS\PolicyDefinitions
2017-01-11 20:59:34 ----D---- C:\Program Files\Internet Explorer
2017-01-11 20:59:34 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 19:30:43 ----D---- C:\WINDOWS\CbsTemp
2017-01-03 15:54:38 ----HD---- C:\$GetCurrent
2017-01-01 16:54:45 ----D---- C:\WINDOWS\system32\NDF
2016-12-23 15:09:59 ----RSD---- C:\WINDOWS\assembly
2016-12-23 08:43:42 ----D---- C:\WINDOWS\system32\WDI
2016-12-23 00:13:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem11.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 dtsoftbus01;@oem39.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-10-18 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-11-17 262792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-11-17 197248]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-10-06 27552]
R1 nbdrv;@oem30.inf,%nbdrv_Desc%;NetBalancer Filter; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [2015-02-05 42128]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-07-25 313760]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2016-11-17 181384]
R2 nldrv;nldrv; \??\C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [2016-03-07 129152]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0310456.inf_amd64_54a99fe241bea5ba\atikmdag.sys [2017-01-17 28737560]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0310456.inf_amd64_54a99fe241bea5ba\atikmpag.sys [2017-01-17 530968]
R3 AtiHDAudioService;@oem22.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-12-08 101376]
R3 busenum;@oem6.inf,%SvcDesc%;SteelBusSvc; C:\WINDOWS\System32\drivers\SteelBus64.sys [2014-10-08 146944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iwdbus;@oem24.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2015-06-24 41088]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-03-11 13368]
R3 RTL8023x64;@oem7.inf,%Rtlnicx64.Service.DispName%;Realtek 10/100 NIC Family NDIS x64 Driver; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [2014-01-23 61656]
R3 SAlphamHid;@oem15.inf,%SvcDesc%;SteelHIDSvc; C:\WINDOWS\System32\drivers\SAlpham64.sys [2014-10-08 39168]
S0 amdkmafd;@oem50.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-08-18 49448]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-24 15488]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-21 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-10-21 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 hidkmdf;@oem4.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2012-10-12 13728]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-21 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\WINDOWS\system32\drivers\tsusbhub.sys [2016-07-16 123392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-01-17 299552]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPUserSvc_323e2e7;CDPUserSvc_323e2e7; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-11-17 2771848]
R2 gramblrclient;Windows Connectivity Manager for Gramblr; C:\Program Files\Gramblr\gramblr.exe [2016-11-17 10186832]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 nlsvc;NetLimiter 4 Service; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [2016-03-07 322896]
R2 OneSyncSvc_323e2e7;Hostitel synchronizace_323e2e7; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Origin Web Helper Service;Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2016-11-02 2209296]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-11-04 20608]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-15 10351856]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [2015-08-10 55336]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-10-22 1445384]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-03-19 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_323e2e7;Služba zasílání zpráv_323e2e7; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Origin Client Service;Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2016-11-02 2142728]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PimIndexMaintenanceSvc_323e2e7;Data kontaktů_323e2e7; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-10-21 2889896]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------
ice;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Re: Preventivka (RSIT+CDI)

Napsal: 22 led 2017 19:34
od Rudy
Zdravím!
Oba disky jsou OK. Jinak spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Preventivka (RSIT+CDI)

Napsal: 23 led 2017 10:26
od Clorky
Znovu zdravím :)
Zasílám log ADW a nový log RSIT.
ADW nenašel nic, tudíž jsem ani neklikal na "čištění"
# AdwCleaner v6.042 - Log vytvořen 23/01/2017 v 10:26:27
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-22.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Petr - I5-PETR
# Spuštěno z : E:\Hlavní složky\Stažené soubory\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1222 Bajty] - [23/01/2017 10:26:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1295 Bajty] ##########

Re: Preventivka (RSIT+CDI)

Napsal: 23 led 2017 10:29
od Clorky
Logfile of random's system information tool 1.14 (written by random/random)
Run by Petr at 2017-01-23 10:27:47
Microsoft Windows 10 Pro
System drive C: has 42 GB (41%) free of 102 GB
Total RAM: 10168 MB (56% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:49, on 23. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
E:\Hlavní složky\Stažené soubory\adwcleaner_6.042.exe
C:\Program Files\trend micro\Petr_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [NetLimiter] "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: NameServer = 4.2.2.3,4.2.2.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Windows Connectivity Manager for Gramblr (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 4 Service (nlsvc) - Locktime Software - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Hry\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Hry\Origin\OriginWebHelperService.exe
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 11437 bytes

======Enumerating Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Gramblr\gramblr.exe"
"C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe"
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"D:\Hry\Origin\OriginWebHelperService.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
"C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe" /minimized
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\WINDOWS\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE" -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x568
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x1d8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4140 --on-initialized-event-handle=588 --parent-handle=596 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,18,21,24,37,65 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=21.19.411.0 --gpu-driver-date=1-13-2017 --service-request-channel-token=B3B29A4DFBF2CEDBC3428A0ABE5F234F --mojo-platform-channel-handle=1276 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=049FD2B412BC68CA9D9B9DE48E0ACE1A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=049FD2B412BC68CA9D9B9DE48E0ACE1A --mojo-platform-channel-handle=2660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=3C061EACF10CECDF4D54C2235703F9B1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=3C061EACF10CECDF4D54C2235703F9B1 --mojo-platform-channel-handle=4900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=03CDE0245C2D6E1C06BB242138291E84 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=03CDE0245C2D6E1C06BB242138291E84 --mojo-platform-channel-handle=5428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=4BEB343492633A861D7732C2F31485A5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=4BEB343492633A861D7732C2F31485A5 --mojo-platform-channel-handle=5288 /prefetch:1
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\Program Files\WinRAR\WinRAR.exe" "E:\Hlavní složky\Stažené soubory\jngv1308+4tr.rar"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=2ED326BB84453DBDF3129BE7DF1E7A06 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=2ED326BB84453DBDF3129BE7DF1E7A06 --mojo-platform-channel-handle=8348 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A3567BA1159FB87029030C3BA53A4666 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A3567BA1159FB87029030C3BA53A4666 --mojo-platform-channel-handle=6032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D814CD5ED11B4B492CADEBF6B17348C5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D814CD5ED11B4B492CADEBF6B17348C5 --mojo-platform-channel-handle=6416 /prefetch:1
"C:\Program Files\WinRAR\WinRAR.exe" "E:\Hlavní složky\Stažené soubory\jetsngunsgoldtrainer.zip"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=30226D6F65624991B8C4A02BBD630CD8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=30226D6F65624991B8C4A02BBD630CD8 --mojo-platform-channel-handle=3212 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/*EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/TcpLowatOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Control/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_64/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=FE7D9761BDAD503345E2AB8E2B7E160A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=FE7D9761BDAD503345E2AB8E2B7E160A --mojo-platform-channel-handle=6736 /prefetch:1
"E:\Hlavní složky\Stažené soubory\adwcleaner_6.042.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"E:\Hlavní složky\Plocha\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\WINDOWS\system32\tasks\MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
C:\WINDOWS\system32\tasks\SamsungMagician - "C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\WINDOWS\system32\tasks\server - E:\AppData\Local\TempSystem.exe
C:\WINDOWS\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{072207E9-C917-46F1-B1BB-D4E207A488DE} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.59.104/cs ... Error=1603
C:\WINDOWS\system32\tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} - C:\WINDOWS\system32\pcalua.exe -a "D:\Hry\Mass Effect\MassEffectLauncher.exe" -d "D:\Hry\Mass Effect"
C:\WINDOWS\system32\tasks\{65EF54A0-FCC5-4725-8897-2109CB44787E} - C:\WINDOWS\system32\pcalua.exe -a "C:\Nuklearni Karel\uninstall.exe" -d "C:\Nuklearni Karel"
C:\WINDOWS\system32\tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} - C:\Windows\system32\pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
C:\WINDOWS\system32\tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
C:\WINDOWS\system32\tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} - "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload

=========Google Chrome=========

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bnbaboaihhkjoaolfnfoablhllahjnee 1 GeoGebra Math Apps 5.0.240.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fdpohaocaechififmbbbbbknoalclacl 1 Full Page Screen Capture 2.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.8.4
Extension haigaafonckooggfpmjplfpbkafelcfe 1 dmitlichess 0.2.71
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 2335448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24 8492800]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-03-19 176952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2014-10-09 87040]
"NetLimiter"=C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [2016-03-07 55632]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-26 8912088]
"Spotify Web Helper"=C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-12-24 1444976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLUA"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"MemCheckBoxInRunDlg"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

Re: Preventivka (RSIT+CDI)

Napsal: 23 led 2017 10:29
od Clorky
======List of files/folders created in the last 1 month======

2017-01-23 10:21:59 ----D---- C:\AdwCleaner
2017-01-23 09:18:32 ----D---- C:\Program Files (x86)\Cheat Engine 6.6
2017-01-21 14:41:10 ----D---- C:\WINDOWS\SYSWOW64\drivers\atikmdag-patched
2017-01-21 14:41:10 ----D---- C:\WINDOWS\system32\drivers\atikmdag-patched
2017-01-21 14:32:19 ----D---- C:\WINDOWS\Panther
2017-01-21 14:08:00 ----A---- C:\WINDOWS\tweaking.com-regbackup-I5-PETR-Windows-10-Pro-(64-bit).dat
2017-01-21 14:07:58 ----D---- C:\RegBackup
2017-01-21 12:43:12 ----D---- C:\Program Files (x86)\HomeDev
2017-01-21 12:20:32 ----D---- C:\rsit
2017-01-20 17:33:40 ----D---- C:\games
2017-01-19 19:20:32 ----D---- C:\WINDOWS\LastGood.Tmp
2017-01-19 15:17:05 ----D---- C:\WINDOWS\SYSWOW64\directx
2017-01-18 18:09:04 ----A---- C:\cmdlog.txt
2017-01-18 17:05:33 ----AD---- C:\Program Files (x86)\TeamViewer
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\detoured.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\coinst_16.50.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\OpenCL.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\amdxc64.dll
2017-01-13 11:54:08 ----A---- C:\WINDOWS\system32\amdihk64.dll
2017-01-13 11:53:36 ----A---- C:\WINDOWS\SYSWOW64\amdihk32.dll
2017-01-11 16:44:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 16:44:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 16:44:04 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 16:44:03 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 16:44:03 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 16:44:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 16:44:01 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 16:44:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 16:43:59 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 16:43:58 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 16:43:57 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 16:43:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 16:43:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 16:43:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 16:43:54 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 16:43:53 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 16:43:52 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 16:43:52 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 16:43:51 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 16:43:50 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 16:43:49 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-01-11 16:43:48 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 16:43:47 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 16:43:46 ----A---- C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 16:43:45 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 16:43:44 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 16:43:43 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 16:43:42 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 16:43:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 16:43:37 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 16:43:36 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 16:43:36 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 16:43:35 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 16:43:34 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 16:43:33 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 16:43:33 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 16:43:32 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 16:43:31 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 16:43:30 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-03 16:08:56 ----D---- C:\WINDOWS\system32\˙˙˙˙˙˙˙˙8
2017-01-03 15:52:42 ----D---- C:\Program Files (x86)\Recuva
2017-01-03 15:52:26 ----D---- C:\Users\Petr\AppData\Roaming\MaxisPC
2017-01-03 15:28:40 ----D---- C:\Users\Petr\AppData\Roaming\GHISLER
2017-01-03 15:28:40 ----D---- C:\totalcmd
2017-01-02 20:55:27 ----D---- C:\Users\Petr\AppData\Roaming\Telegram Desktop

======List of files/folders modified in the last 1 month======

2017-01-23 10:27:49 ----D---- C:\Program Files\trend micro
2017-01-23 10:27:37 ----D---- C:\ProgramData\Gramblr
2017-01-23 10:25:41 ----D---- C:\WINDOWS\system32\catroot2
2017-01-23 10:21:59 ----D---- C:\WINDOWS\Temp
2017-01-23 09:18:32 ----RD---- C:\Program Files (x86)
2017-01-22 21:35:06 ----D---- C:\WINDOWS\system32\Tasks
2017-01-22 21:00:28 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-22 20:14:00 ----D---- C:\WINDOWS\Prefetch
2017-01-22 17:41:36 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-22 16:00:23 ----SHD---- C:\System Volume Information
2017-01-22 14:07:08 ----D---- C:\WINDOWS\AppReadiness
2017-01-21 23:20:55 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2017-01-21 19:07:06 ----D---- C:\WINDOWS\Logs
2017-01-21 14:41:10 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-01-21 14:41:10 ----D---- C:\WINDOWS\system32\drivers
2017-01-21 14:40:20 ----D---- C:\Windows
2017-01-21 14:40:18 ----D---- C:\WINDOWS\system32\LogFiles
2017-01-21 14:39:26 ----D---- C:\WINDOWS\System32
2017-01-21 14:39:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-21 14:32:19 ----D---- C:\WINDOWS\debug
2017-01-21 14:32:14 ----D---- C:\WINDOWS\CSC
2017-01-21 14:31:55 ----D---- C:\WINDOWS\system32\sru
2017-01-21 14:13:00 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-21 14:10:48 ----D---- C:\WINDOWS\SysWOW64
2017-01-21 14:10:48 ----D---- C:\WINDOWS\system32\MsDtc
2017-01-21 14:10:48 ----D---- C:\WINDOWS\system32\config
2017-01-21 14:10:48 ----D---- C:\WINDOWS\pss
2017-01-21 14:10:48 ----D---- C:\WINDOWS\INF
2017-01-21 14:10:45 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-21 14:10:43 ----D---- C:\Users\Petr\AppData\Roaming\Avg_Update_1114avi
2017-01-21 14:10:43 ----D---- C:\ProgramData\Skype
2017-01-21 12:48:34 ----SHDC---- C:\WINDOWS\Installer
2017-01-21 12:43:22 ----D---- C:\Users\Petr\AppData\Roaming\DiskSpaceFan
2017-01-21 12:43:12 ----SHD---- C:\Config.Msi
2017-01-21 12:39:33 ----RD---- C:\Program Files
2017-01-21 12:09:55 ----D---- C:\AMD
2017-01-21 12:08:15 ----D---- C:\Program Files (x86)\Steam
2017-01-21 12:08:14 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2017-01-21 12:08:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-21 11:54:57 ----D---- C:\Program Files (x86)\VS Revo Group
2017-01-21 08:54:11 ----SHD---- C:\$RECYCLE.BIN
2017-01-20 23:56:55 ----D---- C:\Users\Petr\AppData\Roaming\Spotify
2017-01-19 19:21:33 ----AD---- C:\Program Files\AMD
2017-01-19 19:20:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-19 19:20:34 ----D---- C:\Program Files (x86)\VulkanRT
2017-01-19 19:17:45 ----D---- C:\Program Files (x86)\MSI Afterburner
2017-01-19 15:13:29 ----AD---- C:\Program Files\Recuva
2017-01-19 15:11:07 ----D---- C:\Textures Backup
2017-01-18 17:32:38 ----AD---- C:\Program Files (x86)\CrystalDiskInfo
2017-01-18 17:05:36 ----RSD---- C:\WINDOWS\Fonts
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\mantle64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\GameManager64.dll
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2017-01-17 14:50:08 ----A---- C:\WINDOWS\system32\clinfo.exe
2017-01-17 14:50:06 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atisamu64.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atimuixx.dll
2017-01-17 14:50:06 ----A---- C:\WINDOWS\system32\atimpc64.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atig6txx.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atieclxx.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atieah64.exe
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atidxx64.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\atidemgy.dll
2017-01-17 14:50:04 ----A---- C:\WINDOWS\system32\aticfx64.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\ati2erec.dll
2017-01-17 14:50:02 ----A---- C:\WINDOWS\system32\amfrt64.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2017-01-17 14:50:00 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2017-01-17 14:49:58 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amd-vulkan32.json
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amd-vulkan64.json
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-17 14:49:56 ----A---- C:\WINDOWS\system32\amdave64.dll
2017-01-13 19:02:44 ----D---- C:\WINDOWS\rescache
2017-01-12 20:52:38 ----D---- C:\WINDOWS\WinSxS
2017-01-11 20:59:34 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\wbem
2017-01-11 20:59:34 ----D---- C:\WINDOWS\system32\oobe
2017-01-11 20:59:34 ----D---- C:\WINDOWS\ShellExperiences
2017-01-11 20:59:34 ----D---- C:\WINDOWS\Provisioning
2017-01-11 20:59:34 ----D---- C:\WINDOWS\PolicyDefinitions
2017-01-11 20:59:34 ----D---- C:\Program Files\Internet Explorer
2017-01-11 20:59:34 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 19:30:43 ----D---- C:\WINDOWS\CbsTemp
2017-01-03 15:54:38 ----HD---- C:\$GetCurrent
2017-01-01 16:54:45 ----D---- C:\WINDOWS\system32\NDF

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem11.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 dtsoftbus01;@oem39.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-10-18 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-11-17 262792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-11-17 197248]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-10-06 27552]
R1 nbdrv;@oem30.inf,%nbdrv_Desc%;NetBalancer Filter; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [2015-02-05 42128]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-07-25 313760]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2016-11-17 181384]
R2 nldrv;nldrv; \??\C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [2016-03-07 129152]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\drivers\atikmdag-patched\atikmdag.sys [2012-06-27 28716096]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0310456.inf_amd64_54a99fe241bea5ba\atikmpag.sys [2017-01-17 530968]
R3 AtiHDAudioService;@oem22.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-12-08 101376]
R3 busenum;@oem6.inf,%SvcDesc%;SteelBusSvc; C:\WINDOWS\System32\drivers\SteelBus64.sys [2014-10-08 146944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-21 73568]
R3 iwdbus;@oem24.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2015-06-24 41088]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-03-11 13368]
R3 RTL8023x64;@oem7.inf,%Rtlnicx64.Service.DispName%;Realtek 10/100 NIC Family NDIS x64 Driver; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [2014-01-23 61656]
R3 SAlphamHid;@oem15.inf,%SvcDesc%;SteelHIDSvc; C:\WINDOWS\System32\drivers\SAlpham64.sys [2014-10-08 39168]
S0 amdkmafd;@oem50.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-08-18 49448]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-24 15488]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-21 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-10-21 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 hidkmdf;@oem4.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2012-10-12 13728]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\WINDOWS\system32\drivers\tsusbhub.sys [2016-07-16 123392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-01-17 299552]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPUserSvc_149cf95;CDPUserSvc_149cf95; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-11-17 2771848]
R2 gramblrclient;Windows Connectivity Manager for Gramblr; C:\Program Files\Gramblr\gramblr.exe [2016-11-17 10186832]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 nlsvc;NetLimiter 4 Service; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [2016-03-07 322896]
R2 OneSyncSvc_149cf95;Hostitel synchronizace_149cf95; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Origin Web Helper Service;Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2016-11-02 2209296]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-11-04 20608]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-15 10351856]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [2015-08-10 55336]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-10-22 1445384]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-03-19 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_149cf95;Služba zasílání zpráv_149cf95; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Origin Client Service;Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2016-11-02 2142728]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PimIndexMaintenanceSvc_149cf95;Data kontaktů_149cf95; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-10-21 2889896]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Re: Preventivka (RSIT+CDI)

Napsal: 23 led 2017 17:10
od Rudy
RSIT v desítkách, bohužel, nemohu použít k mazání, mohl bych poškodit systém. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

Re: Preventivka (RSIT+CDI)

Napsal: 24 led 2017 15:22
od Clorky
Píše mi, že se nenachází na ploše. Může to být spojeno s tím, že plochu mám přesunutou na oddíl pevného disku E:\, nikoliv na systémovém disku C:\?
Celá cesta je: E:\Hlavní složky\Plocha

Re: Preventivka (RSIT+CDI)

Napsal: 24 led 2017 15:24
od Clorky
Tak jsem zapnul pouze FRSTx64 bez FRSTLauncher. Vypadá to, že běží a tady je log a v příloze Addition.
Nic o WACOM nevím, dá se toho zbavit?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2017
Ran by Petr (administrator) on I5-PETR (24-01-2017 15:23:38)
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available Profiles: Petr & Táta)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Gramblr\gramblr.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Electronic Arts) D:\Hry\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Eurobattle.net) C:\Program Files (x86)\Eurobattle.net\xpam.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() D:\Hry\The Elder Scrolls V Skyrim Legendary Edition\Mod Organizer\ModOrganizer.exe
(Gretech Corp.) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent, Inc.) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [55632 2016-03-07] (Locktime Software)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [Spotify Web Helper] => C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-24] (Spotify Ltd)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: [NameServer] 4.2.2.3,4.2.2.4
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2017-01-24]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-02]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-02]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (GeoGebra Math Apps) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-01-03]
CHR Extension: (Full Page Screen Capture) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-12-20]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: (dmitlichess) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\haigaafonckooggfpmjplfpbkafelcfe [2017-01-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [File not signed]
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-08-10] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2016-11-17] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [10186832 2016-11-17] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322896 2016-03-07] (Locktime Software)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2142728 2016-11-02] (Electronic Arts)
R2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2209296 2016-11-02] (Electronic Arts)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-21] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [313760 2016-07-25] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\drivers\atikmdag-patched\atikmdag.sys [28716096 2012-06-27] (Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdag; C:\Windows\SysWOW64\drivers\atikmdag-patched\atikmdag.sys [28716096 2012-06-27] (Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0310456.inf_amd64_54a99fe241bea5ba\atikmpag.sys [530968 2017-01-17] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-10-18] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2016-11-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-08-24] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2016-11-17] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [181384 2016-11-17] (ESET)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [42128 2015-02-05] (SeriousBit)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [129152 2016-03-07] (Locktime Software)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 RTL8023x64; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [61656 2014-01-23] (Realtek Semiconductor Corporation )
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 15:23 - 2017-01-24 15:23 - 00000000 ____D C:\FRST
2017-01-24 15:20 - 2017-01-24 15:20 - 00000000 ____D C:\RtC Wolfenstein CZ
2017-01-23 12:05 - 2017-01-23 12:47 - 00000023 _____ C:\WINDOWS\BlendSettings.ini
2017-01-23 10:21 - 2017-01-23 10:26 - 00000000 ____D C:\AdwCleaner
2017-01-23 09:18 - 2017-01-23 09:18 - 00000000 ____D C:\Users\Petr\Documents\My Cheat Tables
2017-01-23 09:18 - 2017-01-23 09:18 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2017-01-21 16:23 - 2017-01-21 16:47 - 00000000 ____D C:\Users\Petr\Documents\JnGGold
2017-01-21 14:41 - 2017-01-21 14:41 - 00000000 ___DL C:\WINDOWS\SysWOW64\Drivers\atikmdag-patched
2017-01-21 14:41 - 2017-01-21 14:41 - 00000000 ____D C:\WINDOWS\system32\Drivers\atikmdag-patched
2017-01-21 14:32 - 2017-01-21 14:32 - 00000000 ____D C:\WINDOWS\Panther
2017-01-21 14:08 - 2017-01-21 14:08 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-I5-PETR-Windows-10-Pro-(64-bit).dat
2017-01-21 14:07 - 2017-01-21 14:07 - 00000000 ____D C:\RegBackup
2017-01-21 12:43 - 2017-01-21 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2017-01-21 12:43 - 2017-01-21 12:43 - 00000000 ____D C:\Program Files (x86)\HomeDev
2017-01-21 12:20 - 2017-01-21 12:28 - 00000000 ____D C:\rsit
2017-01-21 08:54 - 2017-01-21 08:54 - 00002433 _____ C:\Users\Táta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-21 08:54 - 2017-01-21 08:54 - 00000000 ____D C:\Users\Táta\AppData\LocalLow\AMD
2017-01-21 08:53 - 2017-01-21 08:53 - 00000020 ___SH C:\Users\Táta\ntuser.ini
2017-01-21 08:53 - 2017-01-21 08:53 - 00000000 ____D C:\Users\Táta\AppData\Roaming\WTablet
2017-01-20 17:33 - 2017-01-21 15:37 - 00000000 ____D C:\games
2017-01-20 17:33 - 2017-01-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
2017-01-19 19:21 - 2017-01-19 19:21 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-01-19 19:21 - 2017-01-19 19:21 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2017-01-19 19:21 - 2017-01-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-01-19 19:21 - 2017-01-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-01-19 19:20 - 2017-01-19 19:21 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-19 16:06 - 2017-01-19 16:06 - 00000000 ____D C:\Users\Petr\Documents\CPY_SAVES
2017-01-19 15:17 - 2017-01-19 15:17 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-01-19 15:17 - 2017-01-19 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV Oblivion
2017-01-18 18:09 - 2017-01-20 16:07 - 00000084 _____ C:\cmdlog.txt
2017-01-18 18:09 - 2017-01-18 18:09 - 00000000 ____D C:\Users\Petr\Documents\LucasArts
2017-01-18 17:53 - 2017-01-18 17:53 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\Unknown Worlds
2017-01-18 17:05 - 2017-01-18 17:05 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-01-18 17:05 - 2017-01-18 17:05 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-18 17:01 - 2017-01-18 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2017-01-17 14:50 - 2017-01-17 14:50 - 00923160 _____ (AMD) C:\WINDOWS\system32\coinst_16.50.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2017-01-17 14:50 - 2017-01-17 14:50 - 00121880 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00120368 _____ C:\WINDOWS\system32\kapp_ci.sbin
2017-01-17 14:50 - 2017-01-17 14:50 - 00115984 _____ C:\WINDOWS\system32\kapp_si.sbin
2017-01-17 14:50 - 2017-01-17 14:50 - 00112672 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00109080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00096800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00029728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-01-17 14:50 - 2017-01-17 14:50 - 00029720 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-01-17 14:49 - 2017-01-17 14:49 - 00019391 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2017-01-13 11:54 - 2017-01-13 11:54 - 00111616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2017-01-13 11:53 - 2017-01-13 11:53 - 00092160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2017-01-11 16:44 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 16:44 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 16:44 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 16:44 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 16:44 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 16:44 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 16:44 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 16:44 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 16:44 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 16:44 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 16:44 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 16:44 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 16:44 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 16:44 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 16:44 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 16:44 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 16:44 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 16:44 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 16:44 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 16:44 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 16:44 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 16:44 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 16:44 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 16:44 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 16:44 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 16:44 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 16:44 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 16:44 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 16:44 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 16:44 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 16:44 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 16:44 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 16:44 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 16:44 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 16:44 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 16:44 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 16:44 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 16:43 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 16:43 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 16:43 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 16:43 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 16:43 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 16:43 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 16:43 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 16:43 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 16:43 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 16:43 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 16:43 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 16:43 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 16:43 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 16:43 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 16:43 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 16:43 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 16:43 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 16:43 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 16:43 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 16:43 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 16:43 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 16:43 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 16:43 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 16:43 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 16:43 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 16:43 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 16:43 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 16:43 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 16:43 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 16:43 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 16:43 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 16:43 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 16:43 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 16:43 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 16:43 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 16:43 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 16:43 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 16:43 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 16:43 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 16:43 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 16:43 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 16:43 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 16:43 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 16:43 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 16:43 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 16:43 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 16:43 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 16:43 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 16:43 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 16:43 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 16:43 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 16:43 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 16:43 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 16:43 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 16:43 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 16:43 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 16:43 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 16:43 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 16:43 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 16:43 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 16:43 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 16:43 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 16:43 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 16:43 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 16:43 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 16:43 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 16:43 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 16:43 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 16:43 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 16:43 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 16:43 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 16:43 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 16:43 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 16:43 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 16:43 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 16:43 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 16:43 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 16:43 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 16:43 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 16:43 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 16:43 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 16:43 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 16:43 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 16:43 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 16:43 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 16:43 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 16:43 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 16:43 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 16:43 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 16:43 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 16:43 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 16:43 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 16:43 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 16:43 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 16:43 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 16:43 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 16:43 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 16:43 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 16:43 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 16:43 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 16:43 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 16:43 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 16:43 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 16:43 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 16:43 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 16:43 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 16:43 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 16:43 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 16:43 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 16:43 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 16:43 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 16:43 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 16:43 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 16:43 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 16:43 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 16:43 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 16:43 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 16:43 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 16:43 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 16:43 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 16:43 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 16:43 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 16:43 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:43 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 16:43 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 16:43 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-03 16:08 - 2017-01-03 16:08 - 00000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙8
2017-01-03 15:52 - 2017-01-03 15:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\MaxisPC
2017-01-03 15:52 - 2017-01-03 15:52 - 00000000 ____D C:\Program Files (x86)\Recuva
2017-01-03 15:41 - 2017-01-19 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2017-01-03 15:28 - 2017-01-03 15:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-01-03 15:28 - 2017-01-03 15:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2017-01-03 15:28 - 2017-01-03 15:28 - 00000000 ____D C:\totalcmd
2017-01-02 20:55 - 2017-01-02 20:55 - 00001174 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram.lnk
2017-01-02 20:55 - 2017-01-02 20:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 15:23 - 2016-10-28 09:59 - 00000000 ____D C:\ProgramData\Gramblr
2017-01-24 15:20 - 2014-10-06 17:43 - 00000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2017-01-24 15:19 - 2016-10-21 15:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-24 15:07 - 2016-10-21 16:06 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2017-01-24 13:22 - 2016-10-21 16:06 - 00005194 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr
2017-01-24 09:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-24 06:56 - 2016-10-21 16:01 - 00000000 ____D C:\Users\Petr
2017-01-23 21:45 - 2016-10-21 16:06 - 00003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-01-23 12:40 - 2016-07-16 23:25 - 00767392 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-23 12:40 - 2016-07-16 23:25 - 00182618 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-23 12:40 - 2015-08-04 16:02 - 02081800 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-23 12:35 - 2016-10-21 16:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-23 12:05 - 2015-08-04 23:21 - 00000000 ____D C:\Users\Petr\Documents\My Games
2017-01-23 10:27 - 2015-01-29 20:43 - 00000000 ____D C:\Program Files\trend micro
2017-01-21 14:33 - 2016-10-21 16:01 - 00000000 ____D C:\Users\Táta
2017-01-21 14:32 - 2016-10-21 16:02 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-01-21 14:32 - 2016-10-21 15:59 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-21 14:32 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-01-21 14:32 - 2014-10-06 17:39 - 00000000 ____D C:\WINDOWS\CSC
2017-01-21 14:14 - 2015-08-04 23:21 - 00000000 ____D C:\Users\Petr\Documents\regfiles
2017-01-21 14:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2017-01-21 14:10 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-21 14:10 - 2014-12-10 17:39 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Avg_Update_1114avi
2017-01-21 14:10 - 2014-10-27 13:48 - 00000000 ____D C:\WINDOWS\pss
2017-01-21 14:10 - 2014-10-06 18:39 - 00000000 ____D C:\ProgramData\Skype
2017-01-21 12:43 - 2015-03-28 13:57 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DiskSpaceFan
2017-01-21 12:09 - 2016-11-14 08:28 - 00000000 ____D C:\AMD
2017-01-21 12:08 - 2016-07-31 19:32 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-21 12:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-21 12:08 - 2015-01-09 22:59 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2017-01-21 11:54 - 2016-07-31 20:08 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2017-01-21 08:54 - 2015-10-30 17:08 - 00000000 ___RD C:\Users\Táta\OneDrive
2017-01-21 08:53 - 2016-04-27 08:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-20 23:56 - 2016-10-15 10:25 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2017-01-19 19:21 - 2016-10-21 15:59 - 00000000 ____D C:\Program Files\AMD
2017-01-19 19:20 - 2016-05-04 14:42 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-19 19:17 - 2014-10-31 18:22 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-01-19 16:19 - 2016-08-03 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-01-19 15:13 - 2015-03-29 20:19 - 00000000 ____D C:\Program Files\Recuva
2017-01-19 15:11 - 2016-12-18 17:42 - 00000000 ____D C:\Textures Backup
2017-01-19 06:39 - 2016-10-21 15:58 - 00361016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-18 17:32 - 2016-06-02 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-01-18 17:32 - 2016-06-02 16:47 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-01-17 14:50 - 2016-10-20 18:22 - 09881120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 07927840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-01-17 14:50 - 2016-10-20 18:22 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-01-17 14:50 - 2016-10-20 18:22 - 02501664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 02183712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 01356312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 01016352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 01016352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00780336 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-01-17 14:50 - 2016-10-20 18:22 - 00780336 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-01-17 14:50 - 2016-10-20 18:22 - 00540192 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00467992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00411672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00299552 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00291360 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00284704 _____ C:\WINDOWS\system32\GameManager64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00278552 _____ C:\WINDOWS\system32\clinfo.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00277024 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00249376 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00242720 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00239640 _____ C:\WINDOWS\system32\atieah64.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00217632 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-01-17 14:50 - 2016-10-20 18:22 - 00212512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00185888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00169504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00150152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00146520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00145944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00144416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00138776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00127000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00119840 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00118296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00111128 _____ C:\WINDOWS\system32\atidxx64.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00098840 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-01-17 14:50 - 2016-10-20 18:22 - 00069152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00854560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00688664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00257560 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00230424 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00125560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00113608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00092184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00075808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-01-17 14:49 - 2016-10-20 18:22 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2017-01-17 14:49 - 2016-10-20 18:22 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2017-01-13 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 20:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 19:30 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 16:13 - 2016-10-21 16:06 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 16:13 - 2015-03-01 23:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-01-06 22:49 - 2015-08-04 23:21 - 00000000 ____D C:\Users\Petr\Documents\The Witcher 3
2017-01-03 15:54 - 2016-10-21 12:19 - 00000000 ___HD C:\$GetCurrent
2017-01-01 16:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-30 12:13 - 2016-12-07 17:06 - 00000000 ___RD C:\Users\Petr\Documents\Scanned Documents

==================== Files in the root of some directories =======

2014-11-03 15:01 - 2014-11-03 15:06 - 0000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2016-11-01 09:57 - 2016-11-01 09:57 - 5285376 _____ () C:\Users\Petr\AppData\Roaming\chromedriver221.exe
2016-11-01 09:57 - 2016-11-01 09:57 - 0034476 _____ () C:\Users\Petr\AppData\Roaming\disable_webrtc-1.0.6.xpi
2016-11-01 09:57 - 2016-11-01 09:57 - 18587648 _____ (PhantomJS) C:\Users\Petr\AppData\Roaming\PhantomJSv211.exe
2014-12-22 21:04 - 2014-12-22 21:04 - 0000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 0000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2016-11-01 09:57 - 2016-11-01 09:57 - 0701954 _____ () C:\Users\Petr\AppData\Roaming\WebDriver.FirefoxExt2530.zip
2014-10-27 17:54 - 2014-10-27 17:54 - 0000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2015-12-15 21:12 - 2015-12-15 21:12 - 0003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-31 20:25 - 2015-02-07 22:12 - 2128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2017-01-21 12:13 - 2017-01-24 15:22 - 0029696 _____ () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2014-10-06 17:55 - 2015-02-14 11:05 - 0007603 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-16 16:58

==================== End of FRST.txt ============================

Re: Preventivka (RSIT+CDI)

Napsal: 24 led 2017 18:15
od Rudy
Zkusíme to, i když je to regulérní soft. Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Program Files\Tablet
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
C:\WINDOWS\LastGood.Tmp
Task: {075ACDC0-9C5B-440F-864C-E112618AEEDE} - System32\Tasks\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} => pcalua.exe -a "D:\Hry\Mass Effect\MassEffectLauncher.exe" -d "D:\Hry\Mass Effect"
Task: {5602D040-740C-44BD-8221-59A9E15CBFC5} - System32\Tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
Task: {65E04892-2A4D-471A-9200-CFCAF18C24FF} - \WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1005 -> No File <==== ATTENTION
Task: {79151870-157B-4E97-B930-C4F3AB8F87F5} - \WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1001 -> No File <==== ATTENTION
Task: {85419F5E-9C58-4D6E-9AD8-DCFE45F08D85} - System32\Tasks\{65EF54A0-FCC5-4725-8897-2109CB44787E} => pcalua.exe -a "C:\Nuklearni Karel\uninstall.exe" -d "C:\Nuklearni Karel"

EmptyTemp:
ResetHosts:
End
Uložte do E:\Hlavní složky\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Preventivka (RSIT+CDI)

Napsal: 24 led 2017 20:28
od Clorky
Díky, tady je fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-01-2017
Ran by Petr (24-01-2017 20:26:51) Run:1
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Program Files\Tablet
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
C:\WINDOWS\LastGood.Tmp
Task: {075ACDC0-9C5B-440F-864C-E112618AEEDE} - System32\Tasks\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} => pcalua.exe -a "D:\Hry\Mass Effect\MassEffectLauncher.exe" -d "D:\Hry\Mass Effect"
Task: {5602D040-740C-44BD-8221-59A9E15CBFC5} - System32\Tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
Task: {65E04892-2A4D-471A-9200-CFCAF18C24FF} - \WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1005 -> No File <==== ATTENTION
Task: {79151870-157B-4E97-B930-C4F3AB8F87F5} - \WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1001 -> No File <==== ATTENTION
Task: {85419F5E-9C58-4D6E-9AD8-DCFE45F08D85} - System32\Tasks\{65EF54A0-FCC5-4725-8897-2109CB44787E} => pcalua.exe -a "C:\Nuklearni Karel\uninstall.exe" -d "C:\Nuklearni Karel"

EmptyTemp:
ResetHosts:
End
*****************

C:\Program Files\Tablet => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk => key removed successfully
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => key removed successfully
C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll => not found.
C:\WINDOWS\LastGood.Tmp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{075ACDC0-9C5B-440F-864C-E112618AEEDE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{075ACDC0-9C5B-440F-864C-E112618AEEDE} => key removed successfully
C:\WINDOWS\System32\Tasks\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4DD16751-0F76-44F6-9FF4-2212EA22CC80} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5602D040-740C-44BD-8221-59A9E15CBFC5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5602D040-740C-44BD-8221-59A9E15CBFC5} => key removed successfully
C:\WINDOWS\System32\Tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65E04892-2A4D-471A-9200-CFCAF18C24FF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65E04892-2A4D-471A-9200-CFCAF18C24FF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1005 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79151870-157B-4E97-B930-C4F3AB8F87F5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79151870-157B-4E97-B930-C4F3AB8F87F5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1292206800-3816184836-4294836885-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85419F5E-9C58-4D6E-9AD8-DCFE45F08D85} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85419F5E-9C58-4D6E-9AD8-DCFE45F08D85} => key removed successfully
C:\WINDOWS\System32\Tasks\{65EF54A0-FCC5-4725-8897-2109CB44787E} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{65EF54A0-FCC5-4725-8897-2109CB44787E} => key removed successfully
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37849032 B
Java, Flash, Steam htmlcache => 44483478 B
Windows/system/drivers => 8491 B
Edge => 0 B
Chrome => 614683926 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 1946407 B

RecycleBin => 0 B
EmptyTemp: => 666.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:26:54 ====

Re: Preventivka (RSIT+CDI)

Napsal: 24 led 2017 21:25
od Rudy
Smazáno. Log by již měl být OK.

Re: Preventivka (RSIT+CDI)

Napsal: 25 led 2017 16:59
od Clorky
Snad ano :) díky moc za spolupráci. Je nějaká možnost, jak zaslat příspěvek fóru?

Znovu díky.

Re: Preventivka (RSIT+CDI)

Napsal: 25 led 2017 17:51
od Rudy
Všchny možnosti podpory našeho fóra najdete zde: http://forum.viry.cz/viewtopic.php?f=7&t=78175 . Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz