Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu
Dobrý den,
prosím o kontrolu logu RSIT na NTB. Poslední dobou sleduji, že mám pomalou odezvu na "pravou myš", Mozilla nabíhá hodně pomalu a spouštění některých aplikací také trvá dlouho, nebo práce s nimi (např. Excel) trvá.
Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dios at 2017-03-02 11:53:55
Microsoft Windows 10 Pro
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 4030 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:21, on 2.3.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\KROSplus\KROSplus.exe
C:\Program Files\trend micro\Dios.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipmatchbets.com/?cz&page=di ... egory=chat
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [NetLockMngr] C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Tmobile_Czech Estoril ModemListener] C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{44da3733-12ea-4092-ab15-cb3b918a7993}: NameServer = 192.168.100.1,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: @oem106.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SWLock Server (SWLckServer) - Unknown owner - C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Tmobile_Czech Estoril Modem Device Helper - Unknown owner - C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\windows\SysWOW64\xmesrv.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 18987 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe" -start
C:\windows\system32\vcsFPService.exe
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
dashost.exe {9d819a4b-b7e6-47f1-b01c68fb8da75e39}
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\diMaster.dll" /prefetch:1
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /c /a /s UserSession2
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\KROSplus\KROSplus.exe" LOG
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"fontdrvhost.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe46_ Global\UsGthrCtrlFltPipeMssGthrPipe46 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x478
"C:\Users\Dios\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\HPCeeScheduleForDios.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDios (null)
C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon\
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.92.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\extensions\
firefoxdav@icloud.com
C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\
firmycz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09 570944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09 234048]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD39}]
PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09 461888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 3944136]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-19 176440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"OneDrive"=C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-15 554184]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2017-01-17 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2017-01-17 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2017-01-17 67896]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-01-16 1407912]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-08-09 322352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2015-10-05 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2015-08-06 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-31 597016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-06-02 5563760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2017-01-13 67384]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2015-05-20 1890664]
"NetLockMngr"=C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [2012-09-30 3076512]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"Tmobile_Czech Estoril ModemListener"=C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [2014-12-11 159016]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-08-19 330176]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-10-31 2072928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NofolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-03-02 10:22:11 ----AD---- C:\Program Files\CCleaner
2017-02-28 11:09:38 ----D---- C:\Program Files\NortonInstaller
2017-02-07 12:29:29 ----D---- C:\ProgramData\Wondershare
2017-02-07 12:28:59 ----D---- C:\Users\Dios\AppData\Roaming\HMYGSetting
======List of files/folders modified in the last 1 month======
2017-03-02 11:54:17 ----D---- C:\Program Files\trend micro
2017-03-02 11:54:15 ----D---- C:\WINDOWS\Temp
2017-03-02 11:54:10 ----D---- C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 11:54:06 ----D---- C:\WINDOWS\Prefetch
2017-03-02 11:39:01 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-02 11:17:02 ----D---- C:\WINDOWS\system32\sru
2017-03-02 11:10:41 ----D---- C:\WINDOWS\system32\config
2017-03-02 11:07:56 ----D---- C:\WINDOWS\debug
2017-03-02 11:01:43 ----RD---- C:\WINDOWS\Microsoft.NET
2017-03-02 11:00:14 ----D---- C:\WINDOWS\SoftwareDistribution
2017-03-02 11:00:10 ----D---- C:\Windows
2017-03-02 10:46:16 ----AD---- C:\KROSplusData
2017-03-02 10:29:57 ----D---- C:\WINDOWS\INF
2017-03-02 10:29:55 ----D---- C:\WINDOWS\LiveKernelReports
2017-03-02 10:29:54 ----D---- C:\WINDOWS\Minidump
2017-03-02 10:22:21 ----D---- C:\WINDOWS\system32\Tasks
2017-03-02 10:22:11 ----RD---- C:\Program Files
2017-03-02 07:24:39 ----RD---- C:\Program Files (x86)
2017-03-02 07:19:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-03-02 07:18:30 ----SHD---- C:\System Volume Information
2017-03-02 07:08:33 ----D---- C:\WINDOWS\AppReadiness
2017-03-02 07:08:27 ----HD---- C:\Program Files\WindowsApps
2017-03-01 22:41:06 ----D---- C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:46:59 ----D---- C:\WINDOWS\system32\Macromed
2017-03-01 14:46:44 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-03-01 08:11:50 ----AD---- C:\Program Files (x86)\uTorrent
2017-02-28 13:11:33 ----D---- C:\WINDOWS\Tasks
2017-02-28 08:52:04 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-02-28 07:57:07 ----D---- C:\WINDOWS\System32
2017-02-27 18:26:18 ----D---- C:\WINDOWS\system32\catroot2
2017-02-27 10:12:40 ----D---- C:\WINDOWS\WinSxS
2017-02-26 18:03:42 ----D---- C:\Program Files\Common Files\AV
2017-02-26 17:01:35 ----D---- C:\WINDOWS\system32\CatRoot
2017-02-26 17:01:34 ----D---- C:\WINDOWS\system32\DriverStore
2017-02-26 16:55:21 ----D---- C:\WINDOWS\system32\drivers
2017-02-26 13:07:50 ----D---- C:\WINDOWS\system32\drivers\NISx64
2017-02-24 09:25:03 ----D---- C:\Stavitel
2017-02-24 09:04:31 ----D---- C:\WINDOWS\system32\NDF
2017-02-23 11:10:14 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 11:10:13 ----D---- C:\WINDOWS\SysWOW64
2017-02-23 11:09:51 ----D---- C:\WINDOWS\system32\MRT
2017-02-23 10:56:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-22 07:54:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-17 09:39:08 ----D---- C:\Users\Dios\AppData\Roaming\Nitro
2017-02-13 06:23:16 ----HD---- C:\WINDOWS\ELAMBKUP
2017-02-09 09:28:38 ----AD---- C:\Program Files (x86)\Norton Internet Security
2017-02-07 12:29:29 ----HD---- C:\ProgramData
2017-02-07 12:21:35 ----D---- C:\Program Files (x86)\Common Files
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTATH_BUS;@oem124.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2015-08-27 36496]
R0 hpdskflt;@oem106.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [2016-11-07 1874136]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [2017-02-07 174240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2017-01-26 497312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [2017-02-08 1038024]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 72216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R3 Accelerometer;@oem106.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 ARCVCAM;@oem48.inf,%avshws.DeviceDesc%;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2016-07-16 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-15 84992]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-01-26 156824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;@oem107.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem114.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-15 175616]
R3 ROCKEYNT;@oem120.inf,%Rockey.SVCDESC%;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2013-12-04 36904]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 SNP2UVCW10;@oem75.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2015-12-21 2530920]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem40.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-11-04 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-15 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 11552]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-03 42696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_5a1eb;CDPUserSvc_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
R2 hpsrv;@oem106.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-08 325912]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-15 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [2017-02-21 326160]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 OneSyncSvc_5a1eb;Hostitel synchronizace_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_5a1eb;Data kontaktů_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-01-16 1039376]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01 270936]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-03-14 123392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-06-05 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-08-06 203344]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S3 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S3 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S3 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2010-04-29 127800]
S3 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_5a1eb;Služba zasílání zpráv_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\windows\SysWOW64\NLSSRV32.EXE [2013-03-25 70152]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S3 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-15 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-01-28 693440]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
prosím o kontrolu logu RSIT na NTB. Poslední dobou sleduji, že mám pomalou odezvu na "pravou myš", Mozilla nabíhá hodně pomalu a spouštění některých aplikací také trvá dlouho, nebo práce s nimi (např. Excel) trvá.
Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dios at 2017-03-02 11:53:55
Microsoft Windows 10 Pro
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 4030 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:21, on 2.3.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\KROSplus\KROSplus.exe
C:\Program Files\trend micro\Dios.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipmatchbets.com/?cz&page=di ... egory=chat
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [NetLockMngr] C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Tmobile_Czech Estoril ModemListener] C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{44da3733-12ea-4092-ab15-cb3b918a7993}: NameServer = 192.168.100.1,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: @oem106.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SWLock Server (SWLckServer) - Unknown owner - C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Tmobile_Czech Estoril Modem Device Helper - Unknown owner - C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\windows\SysWOW64\xmesrv.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 18987 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe" -start
C:\windows\system32\vcsFPService.exe
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
dashost.exe {9d819a4b-b7e6-47f1-b01c68fb8da75e39}
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\diMaster.dll" /prefetch:1
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /c /a /s UserSession2
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\KROSplus\KROSplus.exe" LOG
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"fontdrvhost.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe46_ Global\UsGthrCtrlFltPipeMssGthrPipe46 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x478
"C:\Users\Dios\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\HPCeeScheduleForDios.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDios (null)
C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon\
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.92.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\extensions\
firefoxdav@icloud.com
C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\
firmycz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09 570944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09 234048]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD39}]
PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09 461888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 3944136]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-19 176440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"OneDrive"=C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-15 554184]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2017-01-17 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2017-01-17 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2017-01-17 67896]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-01-16 1407912]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-08-09 322352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2015-10-05 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2015-08-06 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-31 597016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-06-02 5563760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2017-01-13 67384]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2015-05-20 1890664]
"NetLockMngr"=C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [2012-09-30 3076512]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"Tmobile_Czech Estoril ModemListener"=C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [2014-12-11 159016]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-08-19 330176]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-10-31 2072928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NofolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-03-02 10:22:11 ----AD---- C:\Program Files\CCleaner
2017-02-28 11:09:38 ----D---- C:\Program Files\NortonInstaller
2017-02-07 12:29:29 ----D---- C:\ProgramData\Wondershare
2017-02-07 12:28:59 ----D---- C:\Users\Dios\AppData\Roaming\HMYGSetting
======List of files/folders modified in the last 1 month======
2017-03-02 11:54:17 ----D---- C:\Program Files\trend micro
2017-03-02 11:54:15 ----D---- C:\WINDOWS\Temp
2017-03-02 11:54:10 ----D---- C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 11:54:06 ----D---- C:\WINDOWS\Prefetch
2017-03-02 11:39:01 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-02 11:17:02 ----D---- C:\WINDOWS\system32\sru
2017-03-02 11:10:41 ----D---- C:\WINDOWS\system32\config
2017-03-02 11:07:56 ----D---- C:\WINDOWS\debug
2017-03-02 11:01:43 ----RD---- C:\WINDOWS\Microsoft.NET
2017-03-02 11:00:14 ----D---- C:\WINDOWS\SoftwareDistribution
2017-03-02 11:00:10 ----D---- C:\Windows
2017-03-02 10:46:16 ----AD---- C:\KROSplusData
2017-03-02 10:29:57 ----D---- C:\WINDOWS\INF
2017-03-02 10:29:55 ----D---- C:\WINDOWS\LiveKernelReports
2017-03-02 10:29:54 ----D---- C:\WINDOWS\Minidump
2017-03-02 10:22:21 ----D---- C:\WINDOWS\system32\Tasks
2017-03-02 10:22:11 ----RD---- C:\Program Files
2017-03-02 07:24:39 ----RD---- C:\Program Files (x86)
2017-03-02 07:19:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-03-02 07:18:30 ----SHD---- C:\System Volume Information
2017-03-02 07:08:33 ----D---- C:\WINDOWS\AppReadiness
2017-03-02 07:08:27 ----HD---- C:\Program Files\WindowsApps
2017-03-01 22:41:06 ----D---- C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:46:59 ----D---- C:\WINDOWS\system32\Macromed
2017-03-01 14:46:44 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-03-01 08:11:50 ----AD---- C:\Program Files (x86)\uTorrent
2017-02-28 13:11:33 ----D---- C:\WINDOWS\Tasks
2017-02-28 08:52:04 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-02-28 07:57:07 ----D---- C:\WINDOWS\System32
2017-02-27 18:26:18 ----D---- C:\WINDOWS\system32\catroot2
2017-02-27 10:12:40 ----D---- C:\WINDOWS\WinSxS
2017-02-26 18:03:42 ----D---- C:\Program Files\Common Files\AV
2017-02-26 17:01:35 ----D---- C:\WINDOWS\system32\CatRoot
2017-02-26 17:01:34 ----D---- C:\WINDOWS\system32\DriverStore
2017-02-26 16:55:21 ----D---- C:\WINDOWS\system32\drivers
2017-02-26 13:07:50 ----D---- C:\WINDOWS\system32\drivers\NISx64
2017-02-24 09:25:03 ----D---- C:\Stavitel
2017-02-24 09:04:31 ----D---- C:\WINDOWS\system32\NDF
2017-02-23 11:10:14 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 11:10:13 ----D---- C:\WINDOWS\SysWOW64
2017-02-23 11:09:51 ----D---- C:\WINDOWS\system32\MRT
2017-02-23 10:56:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-22 07:54:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-17 09:39:08 ----D---- C:\Users\Dios\AppData\Roaming\Nitro
2017-02-13 06:23:16 ----HD---- C:\WINDOWS\ELAMBKUP
2017-02-09 09:28:38 ----AD---- C:\Program Files (x86)\Norton Internet Security
2017-02-07 12:29:29 ----HD---- C:\ProgramData
2017-02-07 12:21:35 ----D---- C:\Program Files (x86)\Common Files
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTATH_BUS;@oem124.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2015-08-27 36496]
R0 hpdskflt;@oem106.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [2016-11-07 1874136]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [2017-02-07 174240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2017-01-26 497312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [2017-02-08 1038024]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 72216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R3 Accelerometer;@oem106.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 ARCVCAM;@oem48.inf,%avshws.DeviceDesc%;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2016-07-16 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-15 84992]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-01-26 156824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;@oem107.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem114.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-15 175616]
R3 ROCKEYNT;@oem120.inf,%Rockey.SVCDESC%;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2013-12-04 36904]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 SNP2UVCW10;@oem75.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2015-12-21 2530920]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem40.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-11-04 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-15 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 11552]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-03 42696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_5a1eb;CDPUserSvc_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
R2 hpsrv;@oem106.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-08 325912]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-15 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [2017-02-21 326160]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 OneSyncSvc_5a1eb;Hostitel synchronizace_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_5a1eb;Data kontaktů_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-01-16 1039376]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01 270936]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-03-14 123392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-06-05 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-08-06 203344]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S3 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S3 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S3 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2010-04-29 127800]
S3 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_5a1eb;Služba zasílání zpráv_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\windows\SysWOW64\NLSSRV32.EXE [2013-03-25 70152]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S3 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-15 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-01-28 693440]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Re: Prosím o kontrolu logu
Ahoj.
-poprosim te pomoci tohoto navodu sem vlozit log (FRST.txt i Addition.txt) z FRST:
http://forum.viry.cz/viewtopic.php?f=30&t=133101
-poprosim te pomoci tohoto navodu sem vlozit log (FRST.txt i Addition.txt) z FRST:
http://forum.viry.cz/viewtopic.php?f=30&t=133101
Re: Prosím o kontrolu logu
Ahoj,
ten Launcher mi nejde stáhnout. Ihned do odebere NORTON. Bude stačit pouze FRST?
ten Launcher mi nejde stáhnout. Ihned do odebere NORTON. Bude stačit pouze FRST?
Re: Prosím o kontrolu logu
Tak NORTON byl vypnut, akorát něco hlásilo, že problém se škodlivým souborem vyřešil Windows.....tak snad jsou logy jak mají být....
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Dios (administrator) on SPIKL (02-03-2017 12:48:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(KROS a.s.) C:\Program Files (x86)\KROSplus\KROSplus.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=discussion&category=chat
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-02]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{cd0caea9-2276-44ea-898c-309436cd274a}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 12:48 - 2017-03-02 12:53 - 00031725 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-02 12:45 - 2017-03-02 12:45 - 00029696 _____ C:\Users\Dios\AppData\Local\MSGBOX.EXE
2017-03-02 12:45 - 2017-03-02 12:45 - 00015327 _____ C:\Users\Dios\Desktop\LM.bat
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-02 12:48 - 02423808 _____ (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-02 07:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi
2017-02-02 08:43 - 2017-02-02 08:43 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 12:54 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 12:48 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-02 12:34 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-02 12:01 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-02 11:54 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 11:39 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 11:22 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 10:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-02 10:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 10:29 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-02 07:16 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:14 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-02 07:14 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 07:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 06:55 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-01 22:41 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-01 08:11 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-02-28 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-28 08:52 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-27 07:12 - 2014-09-19 15:00 - 00001303 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:46 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 10:28 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-22 07:54 - 2016-09-15 07:10 - 02410490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 07:54 - 2016-07-16 23:25 - 00899540 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-22 07:54 - 2016-07-16 23:25 - 00232632 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-20 13:52 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-01 08:22 - 2013-02-27 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2017-03-02 12:45 - 2017-03-02 12:45 - 0029696 _____ () C:\Users\Dios\AppData\Local\MSGBOX.EXE
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-27 07:24
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Dios (administrator) on SPIKL (02-03-2017 12:48:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(KROS a.s.) C:\Program Files (x86)\KROSplus\KROSplus.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=discussion&category=chat
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-02]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{cd0caea9-2276-44ea-898c-309436cd274a}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 12:48 - 2017-03-02 12:53 - 00031725 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-02 12:45 - 2017-03-02 12:45 - 00029696 _____ C:\Users\Dios\AppData\Local\MSGBOX.EXE
2017-03-02 12:45 - 2017-03-02 12:45 - 00015327 _____ C:\Users\Dios\Desktop\LM.bat
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-02 12:48 - 02423808 _____ (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-02 07:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi
2017-02-02 08:43 - 2017-02-02 08:43 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 12:54 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 12:48 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-02 12:34 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-02 12:01 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-02 11:54 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 11:39 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 11:22 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 10:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-02 10:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 10:29 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-02 07:16 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:14 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-02 07:14 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 07:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 06:55 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-01 22:41 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-01 08:11 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-02-28 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-28 08:52 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-27 07:12 - 2014-09-19 15:00 - 00001303 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:46 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 10:28 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-22 07:54 - 2016-09-15 07:10 - 02410490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 07:54 - 2016-07-16 23:25 - 00899540 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-22 07:54 - 2016-07-16 23:25 - 00232632 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-20 13:52 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-01 08:22 - 2013-02-27 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2017-03-02 12:45 - 2017-03-02 12:45 - 0029696 _____ () C:\Users\Dios\AppData\Local\MSGBOX.EXE
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-27 07:24
==================== End of FRST.txt ============================
Re: Prosím o kontrolu logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Dios (02-03-2017 12:55:20)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EACC91-72CB-4287-A5B3-589EA0B84631} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {34A292FD-C8BC-4352-882B-DFEDA33C4C48} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AD5FD70B-DA4D-4B64-BBD4-4355F36CD895} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-09-15 09:10 - 2016-09-15 09:10 - 00679624 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-04-19 07:30 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Restore Points =========================
11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2017 10:30:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (03/02/2017 10:29:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4852) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Dios\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).
Error: (03/02/2017 09:54:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SPIKL)
Description: Balíček Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (03/02/2017 08:01:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/02/2017 07:43:00 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (03/02/2017 07:00:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudServices.exe, verze: 55.1.0.136, časové razítko: 0x58791a03
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9d11
ID chybujícího procesu: 0x2250
Čas spuštění chybující aplikace: 0x01d293193dcb114f
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d0cf004c-895b-4600-bce3-b11eff2c460d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/02/2017 07:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x10e0
Čas spuštění chybující aplikace: 0x01d293193f485211
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 4cb77f6b-2250-4619-b22e-347a36134133
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/02/2017 07:00:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01d293193e783e70
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: 16f8356c-2cb2-4719-b4ae-52bd2100dec8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610
Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610
System errors:
=============
Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Zprostředkovatel času, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Klient DHCP, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Centrum zabezpečení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel času byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel domácích skupin byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:24:58 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {9E6E74C7-0E85-4D14-8851-7635E2C1C528} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 07:17:20 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {21F282D1-A881-49E1-9A3A-26E44E39B86C} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 66%
Total physical RAM: 4030.36 MB
Available physical RAM: 1362.08 MB
Total Virtual: 8126.36 MB
Available Virtual: 4441.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.86 GB) (Free:17.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by Dios (02-03-2017 12:55:20)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EACC91-72CB-4287-A5B3-589EA0B84631} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {34A292FD-C8BC-4352-882B-DFEDA33C4C48} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AD5FD70B-DA4D-4B64-BBD4-4355F36CD895} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-09-15 09:10 - 2016-09-15 09:10 - 00679624 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-04-19 07:30 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Restore Points =========================
11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2017 10:30:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (03/02/2017 10:29:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4852) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Dios\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).
Error: (03/02/2017 09:54:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SPIKL)
Description: Balíček Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (03/02/2017 08:01:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/02/2017 07:43:00 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.
Error: (03/02/2017 07:00:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudServices.exe, verze: 55.1.0.136, časové razítko: 0x58791a03
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9d11
ID chybujícího procesu: 0x2250
Čas spuštění chybující aplikace: 0x01d293193dcb114f
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d0cf004c-895b-4600-bce3-b11eff2c460d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/02/2017 07:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x10e0
Čas spuštění chybující aplikace: 0x01d293193f485211
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 4cb77f6b-2250-4619-b22e-347a36134133
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/02/2017 07:00:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01d293193e783e70
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: 16f8356c-2cb2-4719-b4ae-52bd2100dec8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610
Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610
System errors:
=============
Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Zprostředkovatel času, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Klient DHCP, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Centrum zabezpečení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel času byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel domácích skupin byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (03/02/2017 07:24:58 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {9E6E74C7-0E85-4D14-8851-7635E2C1C528} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 07:17:20 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {21F282D1-A881-49E1-9A3A-26E44E39B86C} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 66%
Total physical RAM: 4030.36 MB
Available physical RAM: 1362.08 MB
Total Virtual: 8126.36 MB
Available Virtual: 4441.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.86 GB) (Free:17.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Re: Prosím o kontrolu logu
Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:
( Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).
( Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=di ... egory=chat
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
end
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Dios (03-03-2017 06:47:19) Run:2
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=di ... egory=chat
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => value removed successfully
HKCR\Wow6432Node\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => key not found.
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
C:\WINDOWS\System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
C:\WINDOWS\System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69C21F3A-A387-47D0-AC54-2EA612C38533} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
C:\WINDOWS\System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
C:\WINDOWS\System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
C:\WINDOWS\System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TEMP => ":A66CF953" ADS removed successfully.
C:\ProgramData\TEMP => ":C05ABBB5" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1F9D9CF-0B24-46C4-8A09-9B79EE999573} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FBF6BAE-31AE-481C-886B-CF7E583CE24E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D85EF344-42D8-4474-BADC-A61B7E1456A1} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01DE0466-9EA5-4F9E-8143-2212DD0804A5} => value removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10692428 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49693339 B
Java, Flash, Steam htmlcache => 825 B
Windows/system/drivers => 105806 B
Edge => 200 B
Chrome => 100352 B
Firefox => 177981076 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6866 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 37168 B
LocalService => 57914417 B
NetworkService => 0 B
Dios => 22314984 B
DefaultAppPool => 6866 B
RecycleBin => 0 B
EmptyTemp: => 304.1 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-03-2017 06:55:38)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
==== End of Fixlog 06:55:38 ====
Ran by Dios (03-03-2017 06:47:19) Run:2
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=di ... egory=chat
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => value removed successfully
HKCR\Wow6432Node\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => key not found.
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
C:\WINDOWS\System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
C:\WINDOWS\System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69C21F3A-A387-47D0-AC54-2EA612C38533} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
C:\WINDOWS\System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
C:\WINDOWS\System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
C:\WINDOWS\System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TEMP => ":A66CF953" ADS removed successfully.
C:\ProgramData\TEMP => ":C05ABBB5" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1F9D9CF-0B24-46C4-8A09-9B79EE999573} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FBF6BAE-31AE-481C-886B-CF7E583CE24E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D85EF344-42D8-4474-BADC-A61B7E1456A1} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01DE0466-9EA5-4F9E-8143-2212DD0804A5} => value removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10692428 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49693339 B
Java, Flash, Steam htmlcache => 825 B
Windows/system/drivers => 105806 B
Edge => 200 B
Chrome => 100352 B
Firefox => 177981076 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6866 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 37168 B
LocalService => 57914417 B
NetworkService => 0 B
Dios => 22314984 B
DefaultAppPool => 6866 B
RecycleBin => 0 B
EmptyTemp: => 304.1 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-03-2017 06:55:38)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
==== End of Fixlog 06:55:38 ====
Re: Prosím o kontrolu logu
Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.
nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,dej úplný sken
-Log zkopíruj sem.
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.
nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,dej úplný sken
-Log zkopíruj sem.
Re: Prosím o kontrolu logu
Ahoj, posílám logy:
# AdwCleaner v6.044 - Logfile created 03/03/2017 at 08:34:43
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-02.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Dios - SPIKL
# Running from : C:\Users\Dios\Desktop\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\ProgramData\apn
[-] Folder deleted: C:\Users\Dios\AppData\Local\Geckofx
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] Firefox preferences cleaned: "browser.search.hiddenOneOffs" - "Seznam,DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)"
[-] [C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: slunecnice.cz
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1709 Bytes] - [28/06/2016 20:32:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bytes] - [03/03/2017 08:34:43]
C:\AdwCleaner\AdwCleaner[R0].txt - [1035 Bytes] - [01/12/2015 09:49:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1094 Bytes] - [01/12/2015 09:55:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1510 Bytes] - [28/06/2016 20:28:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1714 Bytes] - [03/03/2017 08:33:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1528 Bytes] ##########
# AdwCleaner v6.044 - Logfile created 03/03/2017 at 08:34:43
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-02.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Dios - SPIKL
# Running from : C:\Users\Dios\Desktop\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\ProgramData\apn
[-] Folder deleted: C:\Users\Dios\AppData\Local\Geckofx
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] Firefox preferences cleaned: "browser.search.hiddenOneOffs" - "Seznam,DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)"
[-] [C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: slunecnice.cz
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1709 Bytes] - [28/06/2016 20:32:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bytes] - [03/03/2017 08:34:43]
C:\AdwCleaner\AdwCleaner[R0].txt - [1035 Bytes] - [01/12/2015 09:49:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1094 Bytes] - [01/12/2015 09:55:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1510 Bytes] - [28/06/2016 20:28:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1714 Bytes] - [03/03/2017 08:33:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1528 Bytes] ##########
Re: Prosím o kontrolu logu
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 03.03.17
Čas skenování: 17:09
Logovací soubor: mbam.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1417
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: SPIKL\Dios
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 649534
Uplynulý čas: 5 hod, 8 min, 37 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverIdentifier, HKLM\SOFTWARE\CLASSES\driveruploader, V karanténě, [3272], [368278],1.0.1417
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 1
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier, V karanténě, [3272], [368279],1.0.1417
Soubor: 2
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier\log.txt, V karanténě, [3272], [368279],1.0.1417
PUP.Optional.InstallCore, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\SMART FILE ADVISOR 1.1.8.ANALYZED.ZIP, V karanténě, [8], [300952],1.0.1417
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 03.03.17
Čas skenování: 17:09
Logovací soubor: mbam.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1417
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: SPIKL\Dios
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 649534
Uplynulý čas: 5 hod, 8 min, 37 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverIdentifier, HKLM\SOFTWARE\CLASSES\driveruploader, V karanténě, [3272], [368278],1.0.1417
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 1
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier, V karanténě, [3272], [368279],1.0.1417
Soubor: 2
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier\log.txt, V karanténě, [3272], [368279],1.0.1417
PUP.Optional.InstallCore, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\SMART FILE ADVISOR 1.1.8.ANALYZED.ZIP, V karanténě, [8], [300952],1.0.1417
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu
jak se chova pc?
Re: Prosím o kontrolu logu
Je to lepší, třeba ten excel už vypadá že je OK. Jinak stále pomalejší náběh Mozilly, Outlooku, Průzkumníka......
U té Mozilly trvá samotné otevření okna, následně trvá než se vůbec načte dom.stránka. Včera zamrzl FlashPlayer a nešel ukončit ani ve správci.
Díky.
U té Mozilly trvá samotné otevření okna, následně trvá než se vůbec načte dom.stránka. Včera zamrzl FlashPlayer a nešel ukončit ani ve správci.
Díky.
Re: Prosím o kontrolu logu
vytvor prosim znovu logy ( oba) z FRST.
Re: Prosím o kontrolu logu
Log FRTS se neobjevil (prázdný text.dokument). Vkládám zatím pouze Addition log a frts bude následovat.
Díky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Dios (05-03-2017 17:16:03)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {106E7DD4-E989-4692-8C55-5BBD2F763B40} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D449143A-6252-42C8-98FF-3D4E9513DC03} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F794CEE7-3B12-43FB-B0E4-C438A8C9E799} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum
==================== Loaded Modules (Whitelisted) ==============
2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2017-03-03 08:56 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-03 08:56 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-07 12:21 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-02-07 12:21 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-03-03 06:49 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Restore Points =========================
11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16109
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16109
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3953
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/04/2017 10:46:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (03/04/2017 08:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x1e18
Čas spuštění chybující aplikace: 0x01d294bca104e2bd
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 6e611bb2-8959-47c3-91a2-58e6ed6413cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2017 11:06:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/03/2017 10:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x1148
Čas spuštění chybující aplikace: 0x01d29469098f2185
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: a45a2865-0489-499d-a4d4-2df0a6a2e1ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/05/2017 12:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 08:54:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/03/2017 11:06:41 PM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/03/2017 11:00:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (03/03/2017 11:00:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 4030.36 MB
Available physical RAM: 1470.02 MB
Total Virtual: 8126.36 MB
Available Virtual: 3969.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.86 GB) (Free:20.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Díky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Dios (05-03-2017 17:16:03)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {106E7DD4-E989-4692-8C55-5BBD2F763B40} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D449143A-6252-42C8-98FF-3D4E9513DC03} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F794CEE7-3B12-43FB-B0E4-C438A8C9E799} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum
==================== Loaded Modules (Whitelisted) ==============
2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2017-03-03 08:56 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-03 08:56 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-07 12:21 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-02-07 12:21 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-03-03 06:49 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Restore Points =========================
11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16109
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16109
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3953
Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/04/2017 10:46:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (03/04/2017 08:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x1e18
Čas spuštění chybující aplikace: 0x01d294bca104e2bd
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 6e611bb2-8959-47c3-91a2-58e6ed6413cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2017 11:06:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/03/2017 10:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x1148
Čas spuštění chybující aplikace: 0x01d29469098f2185
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: a45a2865-0489-499d-a4d4-2df0a6a2e1ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/05/2017 12:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.
Error: (03/04/2017 08:54:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/03/2017 11:06:41 PM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/03/2017 11:00:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (03/03/2017 11:00:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 4030.36 MB
Available physical RAM: 1470.02 MB
Total Virtual: 8126.36 MB
Available Virtual: 3969.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.86 GB) (Free:20.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Re: Prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Ran by Dios (administrator) on SPIKL (05-03-2017 17:24:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
Failed to access process -> backgroundTaskHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-05]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{7a9acee5-4637-43f6-a7bf-c902825e3863}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-03]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170301.003\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170303.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-05] (Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 17:20 - 2017-03-05 17:24 - 00032388 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-05 17:17 - 2017-03-05 17:17 - 00057667 _____ C:\Users\Dios\Desktop\FRST3.txt
2017-03-05 17:16 - 2017-03-05 17:20 - 00070809 _____ C:\Users\Dios\Desktop\Addition.txt
2017-03-05 17:08 - 2017-03-05 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Dios\Downloads\FRSTLauncher.exe
2017-03-04 19:22 - 2017-03-05 13:16 - 1937712468 _____ C:\Users\Dios\Downloads\Doctor.Strange.2016.BRRip.XviD.AC3.CZ-AsiToBudePiRaTE.avi
2017-03-03 16:03 - 2017-03-03 16:03 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\21BE4EFF.sys
2017-03-03 16:01 - 2017-03-03 16:02 - 00278528 _____ C:\Users\Dios\Desktop\1. Oceňovací podklady.xls
2017-03-03 12:26 - 2017-03-03 12:26 - 00332520 _____ C:\Users\Dios\Downloads\dokument(12).PDF
2017-03-03 12:23 - 2017-03-03 12:24 - 00307061 _____ C:\Users\Dios\Downloads\dokument(11).PDF
2017-03-03 12:22 - 2017-03-03 12:22 - 00317507 _____ C:\Users\Dios\Downloads\dokument(10).PDF
2017-03-03 12:21 - 2017-03-03 12:21 - 00317507 _____ C:\Users\Dios\Downloads\dokument(9).PDF
2017-03-03 12:05 - 2017-03-03 12:05 - 03011107 _____ C:\Users\Dios\Downloads\vysvetleni-zmena c.1.pdf
2017-03-03 12:02 - 2017-03-03 12:02 - 04376858 _____ C:\Users\Dios\Downloads\prilohy ke změně c. 2.zip
2017-03-03 12:01 - 2017-03-03 12:05 - 00211915 _____ C:\Users\Dios\Downloads\zmena ZD c. 2.pdf
2017-03-03 11:59 - 2017-03-03 11:59 - 01237987 _____ C:\Users\Dios\Downloads\přiloha c. 5.2. ZD - VV.zip
2017-03-03 11:57 - 2017-03-03 11:58 - 49832748 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 2.cast.zip
2017-03-03 11:55 - 2017-03-03 11:55 - 49984449 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 1.cast.zip
2017-03-03 11:54 - 2017-03-03 11:54 - 01103395 _____ C:\Users\Dios\Downloads\priloha c. 4 SOD Postup vystavby.zip
2017-03-03 11:52 - 2017-03-03 14:10 - 00000000 ____D C:\Users\Dios\Desktop\UPOL_rekonstrukce areálových komunikací
2017-03-03 11:46 - 2017-03-03 11:47 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV(1).pdf
2017-03-03 08:58 - 2017-03-03 22:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-03 08:57 - 2017-03-05 14:23 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-03 08:56 - 2017-03-03 08:56 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-03 08:56 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-05 17:09 - 02423808 ____C (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-03 23:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 17:27 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-05 17:24 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-05 17:23 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-05 17:04 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-05 17:03 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 14:24 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-05 12:55 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-04 20:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-04 20:29 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-04 18:56 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-04 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-03-04 13:11 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-04 09:00 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-04 08:55 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-03 23:03 - 2016-09-15 07:10 - 02439140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-03 23:03 - 2016-07-16 23:25 - 00914338 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-03 23:03 - 2016-07-16 23:25 - 00237032 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-03 22:58 - 2012-01-06 20:56 - 00000000 ____D C:\Users\Dios\AppData\Local\Apple
2017-03-03 22:55 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 22:53 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 17:30 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-03-03 12:03 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-03-03 08:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 08:34 - 2015-12-01 09:49 - 00000000 ___DC C:\AdwCleaner
2017-03-03 08:22 - 2014-09-19 15:00 - 00001167 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-03-03 07:20 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-03 07:20 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-03-03 06:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-03 06:52 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-03 06:52 - 2011-12-01 11:17 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Temp
2017-03-03 06:49 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-27 07:24
==================== End of FRST.txt ============================
Ran by Dios (administrator) on SPIKL (05-03-2017 17:24:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
Failed to access process -> backgroundTaskHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-05]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{7a9acee5-4637-43f6-a7bf-c902825e3863}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-03]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170301.003\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170303.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-05] (Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 17:20 - 2017-03-05 17:24 - 00032388 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-05 17:17 - 2017-03-05 17:17 - 00057667 _____ C:\Users\Dios\Desktop\FRST3.txt
2017-03-05 17:16 - 2017-03-05 17:20 - 00070809 _____ C:\Users\Dios\Desktop\Addition.txt
2017-03-05 17:08 - 2017-03-05 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Dios\Downloads\FRSTLauncher.exe
2017-03-04 19:22 - 2017-03-05 13:16 - 1937712468 _____ C:\Users\Dios\Downloads\Doctor.Strange.2016.BRRip.XviD.AC3.CZ-AsiToBudePiRaTE.avi
2017-03-03 16:03 - 2017-03-03 16:03 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\21BE4EFF.sys
2017-03-03 16:01 - 2017-03-03 16:02 - 00278528 _____ C:\Users\Dios\Desktop\1. Oceňovací podklady.xls
2017-03-03 12:26 - 2017-03-03 12:26 - 00332520 _____ C:\Users\Dios\Downloads\dokument(12).PDF
2017-03-03 12:23 - 2017-03-03 12:24 - 00307061 _____ C:\Users\Dios\Downloads\dokument(11).PDF
2017-03-03 12:22 - 2017-03-03 12:22 - 00317507 _____ C:\Users\Dios\Downloads\dokument(10).PDF
2017-03-03 12:21 - 2017-03-03 12:21 - 00317507 _____ C:\Users\Dios\Downloads\dokument(9).PDF
2017-03-03 12:05 - 2017-03-03 12:05 - 03011107 _____ C:\Users\Dios\Downloads\vysvetleni-zmena c.1.pdf
2017-03-03 12:02 - 2017-03-03 12:02 - 04376858 _____ C:\Users\Dios\Downloads\prilohy ke změně c. 2.zip
2017-03-03 12:01 - 2017-03-03 12:05 - 00211915 _____ C:\Users\Dios\Downloads\zmena ZD c. 2.pdf
2017-03-03 11:59 - 2017-03-03 11:59 - 01237987 _____ C:\Users\Dios\Downloads\přiloha c. 5.2. ZD - VV.zip
2017-03-03 11:57 - 2017-03-03 11:58 - 49832748 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 2.cast.zip
2017-03-03 11:55 - 2017-03-03 11:55 - 49984449 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 1.cast.zip
2017-03-03 11:54 - 2017-03-03 11:54 - 01103395 _____ C:\Users\Dios\Downloads\priloha c. 4 SOD Postup vystavby.zip
2017-03-03 11:52 - 2017-03-03 14:10 - 00000000 ____D C:\Users\Dios\Desktop\UPOL_rekonstrukce areálových komunikací
2017-03-03 11:46 - 2017-03-03 11:47 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV(1).pdf
2017-03-03 08:58 - 2017-03-03 22:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-03 08:57 - 2017-03-05 14:23 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-03 08:56 - 2017-03-03 08:56 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-03 08:56 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-05 17:09 - 02423808 ____C (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-03 23:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 17:27 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-05 17:24 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-05 17:23 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-05 17:04 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-05 17:03 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 14:24 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-05 12:55 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-04 20:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-04 20:29 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-04 18:56 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-04 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-03-04 13:11 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-04 09:00 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-04 08:55 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-03 23:03 - 2016-09-15 07:10 - 02439140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-03 23:03 - 2016-07-16 23:25 - 00914338 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-03 23:03 - 2016-07-16 23:25 - 00237032 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-03 22:58 - 2012-01-06 20:56 - 00000000 ____D C:\Users\Dios\AppData\Local\Apple
2017-03-03 22:55 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 22:53 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 17:30 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-03-03 12:03 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-03-03 08:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 08:34 - 2015-12-01 09:49 - 00000000 ___DC C:\AdwCleaner
2017-03-03 08:22 - 2014-09-19 15:00 - 00001167 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-03-03 07:20 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-03 07:20 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-03-03 06:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-03 06:52 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-03 06:52 - 2011-12-01 11:17 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Temp
2017-03-03 06:49 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-27 07:24
==================== End of FRST.txt ============================