Poprosím o preventívku
Napsal: 31 pro 2017 21:09
Dobrý večer a všetko dobré do nového roku.
info.txt logfile of random's system information tool 1.10 2017-12-31 20:06:44
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A3BF6BBD400008020210007BE122C0008000000F00A0000BE132C07FEFFFF00F80A00C29D772400FEFFFF27FEFFFF0098822400701C0000FEFFFF07FEFFFF00089F240050D14F55AA
======Uninstall list======
-->MsiExec /X{427867D2-9459-4C7B-81E8-2CA570596645}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
Adobe Acrobat Reader DC-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Adobe Flash Player 28 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824245926}
Apple Application Support (32-bit)-->MsiExec.exe /I{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}
Apple Application Support (64-bit)-->MsiExec.exe /I{691F30EB-9009-475A-B8A9-E1BF39598FD5}
Apple Mobile Device Support-->MsiExec.exe /I{3540181E-340A-4E7A-B409-31663472B2F7}
Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}
AVG AntiVirus FREE-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=bav
AVG Web TuneUp-->C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
AVG-->MsiExec.exe /I{E61E6143-4937-43FC-8C12-06B8A987484D}
Bonjour-->MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Classic Shell-->MsiExec.exe /X{98BB5224-BC5D-4028-9D20-536C1C263AA9}
Dolby Home Theater v4-->MsiExec.exe /X{B26438B4-BF51-49C3-9567-7F14A5E40CB9}
Energy Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{AC768037-7079-4658-AC24-2897650E0ABE}\setup.exe" -runfromtemp -l0x041b -removeonly
Energy Manager-->MsiExec.exe /I{AC768037-7079-4658-AC24-2897650E0ABE}
FlightGear v2017.3.1-->"C:\Program Files\FlightGear 2017.3.1\unins000.exe"
FMW 1-->MsiExec.exe /I{36133E9F-B129-4206-9FB4-13F707787542}
Google Chrome-->MsiExec.exe /X{1B729E3D-B16D-3A41-A9AE-6AEC20C6580D}
Google Earth Pro-->MsiExec.exe /I{ECF2E224-42F5-4E50-B58E-94CA70E85697}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet F2200 All-In-One Driver Software 14.0 Rel. 6-->C:\Program Files (x86)\HP\Digital Imaging\{60D6AAC5-FDC1-49BA-867B-3135F4726156}\setup\hpzscr40.exe -datfile hposcr27.dat -onestop -forcereboot
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\igxpin.exe" -uninstall
Intel(R) Rapid Storage Technology-->C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{8B11A672-F039-4B14-867C-3F0209ADC85A}
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\3.0\Uninstall\setup.exe -uninstall
Intel(R) Update Manager-->MsiExec.exe /I{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{44B72151-611E-429D-9765-9BA093D7E48A}
iTunes-->MsiExec.exe /I{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}
Java 7 Update 45 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417045FF}
Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}
K-Lite Codec Pack 10.2.0 Full-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
LibreOffice 5.0.4.2-->MsiExec.exe /I{14B5DDCF-61C4-4F1E-A621-844685D60B5A}
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Mozilla Firefox 57.0.3 (x64 en-US)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
NVIDIA GeForce Experience 2.7.4.10-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Grafický ovládač 327.02-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9FF4C2A1-3689-49F3-9CE7-A0E0AB8BF850}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Ovládač 3D Vision 327.02-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9FF4C2A1-3689-49F3-9CE7-A0E0AB8BF850}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA PhysX-->MsiExec.exe /I{427867D2-9459-4C7B-81E8-2CA570596645}
NVIDIA Softvér systému s podporou technológie PhysX 9.13.0325-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8510B691-17BB-4928-82E9-11BEAB7EA1A6}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OCR Software by I.R.I.S. 14.0-->C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
QuickTime 7-->MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}\setup.exe" -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 7.17-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TomTom MyDrive Connect 4.1.6.3253-->C:\Program Files (x86)\MyDrive Connect\Uninstall TomTom MyDrive Connect.exe
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Visual Studio C++ 10.0 Runtime-->MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790}
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776)-->C:\Program Files\DIFX\8C6574~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\acpivpc.inf_amd64_0801388e5591ee6b\acpivpc.inf
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)-->C:\Program Files\DIFX\8C6574~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\wudfvhidmini.inf_amd64_4f86ecaa9af0d5de\wudfvhidmini.inf
WinRAR 5.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
::1 localhost
======System event log======
Computer Name: Admin-lenovo
Event Code: 16392
Message: The BITS service failed to start. Error 0x80080005.
Record Number: 54
Source Name: Microsoft-Windows-Bits-Client
Time Written: 20171220223139.988621-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 7030
Message: The Rozšírenia a oznámenia tlačiarne service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Record Number: 53
Source Name: Service Control Manager
Time Written: 20171220223131.422671-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 10010
Message: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Record Number: 51
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20171220223128.328881-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 10010
Message: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.
Record Number: 50
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20171220223126.797597-000
Event Type: Error
User: NT AUTHORITY\LOCAL SERVICE
Computer Name: Admin-lenovo
Event Code: 7023
Message: The IP Helper service terminated with the following error:
The device is not ready.
Record Number: 35
Source Name: Service Control Manager
Time Written: 20171220222934.119495-000
Event Type: Error
User:
=====Application event log=====
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 51
Source Name: Microsoft-Windows-MSDTC 2
Time Written: 20171220225317.968098-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: ADMIN-LENOVO.The error code returned: 0x8007085A
Record Number: 50
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20171220225317.218066-000
Event Type: Warning
User:
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 49
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20171220225317.171191-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.
Record Number: 15
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20171220223625.339095-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.
Record Number: 13
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20171220223624.037945-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x1a8
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222807.600616-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x198
New Process Name: C:\Windows\System32\setupcl.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222806.598698-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x154
New Process Name: C:\Windows\System32\autochk.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222802.671192-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x148
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x4
Creator Process Name:
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222759.317846-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4826
Message: Boot Configuration Data loaded.
Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
General Settings:
Load Options: -
Advanced Options: No
Configuration Access Policy: Default
System Event Logging: No
Kernel Debugging: No
VSM Launch Type: Off
Signature Settings:
Test Signing: No
Flight Signing: No
Disable Integrity Checks: No
HyperVisor Settings:
HyperVisor Load Options: -
HyperVisor Launch Type: Off
HyperVisor Debugging: No
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222759.245972-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2017-12-31 20:06:44
======MBR======
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
======Uninstall list======
-->MsiExec /X{427867D2-9459-4C7B-81E8-2CA570596645}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
Adobe Acrobat Reader DC-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Adobe Flash Player 28 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824245926}
Apple Application Support (32-bit)-->MsiExec.exe /I{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}
Apple Application Support (64-bit)-->MsiExec.exe /I{691F30EB-9009-475A-B8A9-E1BF39598FD5}
Apple Mobile Device Support-->MsiExec.exe /I{3540181E-340A-4E7A-B409-31663472B2F7}
Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}
AVG AntiVirus FREE-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=bav
AVG Web TuneUp-->C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
AVG-->MsiExec.exe /I{E61E6143-4937-43FC-8C12-06B8A987484D}
Bonjour-->MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Classic Shell-->MsiExec.exe /X{98BB5224-BC5D-4028-9D20-536C1C263AA9}
Dolby Home Theater v4-->MsiExec.exe /X{B26438B4-BF51-49C3-9567-7F14A5E40CB9}
Energy Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{AC768037-7079-4658-AC24-2897650E0ABE}\setup.exe" -runfromtemp -l0x041b -removeonly
Energy Manager-->MsiExec.exe /I{AC768037-7079-4658-AC24-2897650E0ABE}
FlightGear v2017.3.1-->"C:\Program Files\FlightGear 2017.3.1\unins000.exe"
FMW 1-->MsiExec.exe /I{36133E9F-B129-4206-9FB4-13F707787542}
Google Chrome-->MsiExec.exe /X{1B729E3D-B16D-3A41-A9AE-6AEC20C6580D}
Google Earth Pro-->MsiExec.exe /I{ECF2E224-42F5-4E50-B58E-94CA70E85697}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet F2200 All-In-One Driver Software 14.0 Rel. 6-->C:\Program Files (x86)\HP\Digital Imaging\{60D6AAC5-FDC1-49BA-867B-3135F4726156}\setup\hpzscr40.exe -datfile hposcr27.dat -onestop -forcereboot
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\igxpin.exe" -uninstall
Intel(R) Rapid Storage Technology-->C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{8B11A672-F039-4B14-867C-3F0209ADC85A}
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\3.0\Uninstall\setup.exe -uninstall
Intel(R) Update Manager-->MsiExec.exe /I{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{44B72151-611E-429D-9765-9BA093D7E48A}
iTunes-->MsiExec.exe /I{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}
Java 7 Update 45 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417045FF}
Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}
K-Lite Codec Pack 10.2.0 Full-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
LibreOffice 5.0.4.2-->MsiExec.exe /I{14B5DDCF-61C4-4F1E-A621-844685D60B5A}
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Mozilla Firefox 57.0.3 (x64 en-US)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
NVIDIA GeForce Experience 2.7.4.10-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Grafický ovládač 327.02-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9FF4C2A1-3689-49F3-9CE7-A0E0AB8BF850}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Ovládač 3D Vision 327.02-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9FF4C2A1-3689-49F3-9CE7-A0E0AB8BF850}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA PhysX-->MsiExec.exe /I{427867D2-9459-4C7B-81E8-2CA570596645}
NVIDIA Softvér systému s podporou technológie PhysX 9.13.0325-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8510B691-17BB-4928-82E9-11BEAB7EA1A6}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OCR Software by I.R.I.S. 14.0-->C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
QuickTime 7-->MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}\setup.exe" -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 7.17-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TomTom MyDrive Connect 4.1.6.3253-->C:\Program Files (x86)\MyDrive Connect\Uninstall TomTom MyDrive Connect.exe
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Visual Studio C++ 10.0 Runtime-->MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790}
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776)-->C:\Program Files\DIFX\8C6574~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\acpivpc.inf_amd64_0801388e5591ee6b\acpivpc.inf
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)-->C:\Program Files\DIFX\8C6574~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\wudfvhidmini.inf_amd64_4f86ecaa9af0d5de\wudfvhidmini.inf
WinRAR 5.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
::1 localhost
======System event log======
Computer Name: Admin-lenovo
Event Code: 16392
Message: The BITS service failed to start. Error 0x80080005.
Record Number: 54
Source Name: Microsoft-Windows-Bits-Client
Time Written: 20171220223139.988621-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 7030
Message: The Rozšírenia a oznámenia tlačiarne service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Record Number: 53
Source Name: Service Control Manager
Time Written: 20171220223131.422671-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 10010
Message: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Record Number: 51
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20171220223128.328881-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 10010
Message: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.
Record Number: 50
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20171220223126.797597-000
Event Type: Error
User: NT AUTHORITY\LOCAL SERVICE
Computer Name: Admin-lenovo
Event Code: 7023
Message: The IP Helper service terminated with the following error:
The device is not ready.
Record Number: 35
Source Name: Service Control Manager
Time Written: 20171220222934.119495-000
Event Type: Error
User:
=====Application event log=====
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 51
Source Name: Microsoft-Windows-MSDTC 2
Time Written: 20171220225317.968098-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: ADMIN-LENOVO.The error code returned: 0x8007085A
Record Number: 50
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20171220225317.218066-000
Event Type: Warning
User:
Computer Name: Admin-lenovo
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 49
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20171220225317.171191-000
Event Type: Error
User:
Computer Name: Admin-lenovo
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.
Record Number: 15
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20171220223625.339095-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Admin-lenovo
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.
Record Number: 13
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20171220223624.037945-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x1a8
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222807.600616-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x198
New Process Name: C:\Windows\System32\setupcl.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222806.598698-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x154
New Process Name: C:\Windows\System32\autochk.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x148
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222802.671192-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4688
Message: A new process has been created.
Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Process Information:
New Process ID: 0x148
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x4
Creator Process Name:
Process Command Line:
Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.
Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.
Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.
Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222759.317846-000
Event Type: Audit Success
User:
Computer Name: Admin-lenovo
Event Code: 4826
Message: Boot Configuration Data loaded.
Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7
General Settings:
Load Options: -
Advanced Options: No
Configuration Access Policy: Default
System Event Logging: No
Kernel Debugging: No
VSM Launch Type: Off
Signature Settings:
Test Signing: No
Flight Signing: No
Disable Integrity Checks: No
HyperVisor Settings:
HyperVisor Load Options: -
HyperVisor Launch Type: Off
HyperVisor Debugging: No
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171220222759.245972-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
-----------------EOF-----------------