Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zavirovaný ntb, nejdou služby googlu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Zavirovaný ntb, nejdou služby googlu

#1 Příspěvek od souko »

Zdravím,
na kamarádově notebooku nejdou služby google (google.cz, gmail, apod.), v žádném prohlížeči. A je o něco pomalejší. Plus tam měl malware Tencent, takže jestli byste nekoukli pls i na to.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matěj at 2016-02-04 21:40:45
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 322 GB (68%) free of 477 GB
Total RAM: 4010 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:09, on 4.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
Boot mode: Normal

Running processes:
C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\chrmstp.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matěj.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=90340616_hao_pg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=90340616_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCTray.exe" /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_70145597F79BFCFF97F80D4F76488927] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [BingSvc] C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Matěj\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCRtp.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14252 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCRtp.exe" -r
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {66FB42EA-97DF-4F00-B36A-42B19E4F2FA4}
C:\Windows\system32\printfilterpipelinesvc.exe -Embedding
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
szndesktop.exe default start
"C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
\??\C:\Windows\system32\conhost.exe "5451757057517148792596432662050463590-578447507839267080-10882349041519500291
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2808
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe" service
"C:\Program Files\iPod\bin\iPodService.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome --force-configure-user-settings
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Matěj\AppData\Local\Steam\htmlcache" -steampid=3552 -buildid=1451690000 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe" -hidden
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7544.0.448510748\106154003" --disable-breakpad --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.4.1299987956\1316621023" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.5.2115791155\1930526755" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.6.1949358014\2038762782" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.7.1411660382\341392907" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.8.2045484402\238134038" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.9.1726700595\643405159" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --disable-direct-write --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Control2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Enable/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7544.11.677160913\770776658" /prefetch:673131151
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe" -host
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "--user-data-dir=C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" "http://software.seznam.cz/listicka?browser=chrome#auto"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6880.0.1466542235\1905827896" --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.1.1986842159\1230432932" --font-cache-shared-handle=1992 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.2.1614383286\310432664" --font-cache-shared-handle=2748 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.3.226449861\1711385998" --font-cache-shared-handle=2844 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.4.1540695165\1590942166" --font-cache-shared-handle=2664 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.5.1740880825\1559224351" --font-cache-shared-handle=3004 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A4/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --user-data-dir="C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6880.7.1810171037\2124075610" --font-cache-shared-handle=4384 /prefetch:673131151
"C:\Users\Matěj\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098]
"Description"=
"Path"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5]
"Description"=
"Path"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E]
"Description"=
"Path"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\TSWebMon64.dat [2016-01-17 415584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-25 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2009-04-23 4349768]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2009-05-06 5830984]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 453552]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-17 500208]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-09 170256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_70145597F79BFCFF97F80D4F76488927"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-02-03 748872]
"BingSvc"=C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-11 144008]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-01-15 23499656]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-14 3013712]
"cz.seznam.software.autoupdate"=C:\Users\Matěj\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18 50615936]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-13 5515496]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-10-31 443640]
"RIM PeerManager"=C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2015-03-19 4861688]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCTray.exe [2016-01-17 355296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-04 21:40:46 ----D---- C:\Program Files\trend micro
2016-02-04 21:40:45 ----D---- C:\rsit
2016-02-03 17:37:54 ----SHD---- C:\Config.Msi
2016-02-02 20:37:51 ----D---- C:\Users\Matěj\AppData\Roaming\Mozilla
2016-02-02 20:37:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-02 20:36:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-02 19:03:08 ----D---- C:\Program Files\Perfect Uninstaller
2016-02-01 22:15:32 ----D---- C:\Users\Matěj\AppData\Roaming\Systweak
2016-02-01 21:14:43 ----D---- C:\Users\Matěj\AppData\Roaming\Babylon
2016-02-01 21:14:43 ----D---- C:\ProgramData\Babylon
2016-02-01 19:33:06 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-02-01 19:23:37 ----D---- C:\KVRT_Data
2016-02-01 15:18:21 ----A---- C:\Windows\system32\klfphc.dll
2016-02-01 15:17:43 ----D---- C:\Windows\ELAMBKUP
2016-02-01 15:17:42 ----D---- C:\ProgramData\Kaspersky Lab
2016-02-01 15:17:42 ----D---- C:\Program Files (x86)\Kaspersky Lab
2016-02-01 15:17:34 ----A---- C:\ProgramData\ntuser.dat
2016-02-01 15:17:16 ----A---- C:\Windows\system32\drivers\klif.sys
2016-02-01 15:17:16 ----A---- C:\Windows\system32\drivers\klflt.sys
2016-02-01 15:17:15 ----A---- C:\Windows\system32\drivers\klhk.sys
2016-01-31 12:31:30 ----D---- C:\Program Files\iTunes
2016-01-31 12:31:30 ----D---- C:\Program Files\iPod
2016-01-31 12:31:30 ----D---- C:\Program Files (x86)\iTunes
2016-01-31 12:27:58 ----D---- C:\Program Files (x86)\Apple Software Update
2016-01-31 12:26:59 ----D---- C:\Program Files\Bonjour
2016-01-31 12:26:59 ----D---- C:\Program Files (x86)\Bonjour
2016-01-30 21:32:00 ----D---- C:\Program Files (x86)\ESET
2016-01-23 23:11:52 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-01-18 20:06:38 ----A---- C:\Windows\SYSWOW64\drivers\TsFltMgr.sys
2016-01-17 22:03:51 ----D---- C:\QMDownload
2016-01-17 21:58:32 ----A---- C:\Windows\SYSWOW64\drivers\TS888x64.sys
2016-01-17 16:58:43 ----A---- C:\Users\Matěj\AppData\Roaming\GiftBag.db
2016-01-17 16:58:20 ----A---- C:\Windows\system32\drivers\TAOKernel64.sys
2016-01-17 16:58:20 ----A---- C:\Windows\system32\drivers\TAOAccelerator64.sys
2016-01-17 16:58:09 ----D---- C:\Program Files\Common Files\Tencent
2016-01-17 16:58:06 ----D---- C:\ProgramData\TXQMPC
2016-01-17 16:57:57 ----A---- C:\Windows\system32\drivers\TSSKX64.sys
2016-01-17 16:57:32 ----A---- C:\Windows\system32\drivers\TFsFltX64.sys
2016-01-17 16:56:41 ----D---- C:\Program Files (x86)\Tencent
2016-01-17 16:56:36 ----D---- C:\Users\Matěj\AppData\Roaming\Tencent
2016-01-17 16:56:32 ----D---- C:\ProgramData\Tencent
2016-01-17 16:19:50 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-01-17 16:18:29 ----D---- C:\Program Files\Adobe
2016-01-17 16:17:01 ----D---- C:\Program Files\Common Files\Adobe
2016-01-17 16:16:06 ----D---- C:\Program Files (x86)\Adobe Media Player
2016-01-12 21:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-01-12 21:19:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-01-12 21:19:08 ----A---- C:\Windows\system32\iertutil.dll
2016-01-12 21:19:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-01-12 21:19:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-01-12 21:19:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-01-12 21:19:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-01-12 21:19:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-01-12 21:19:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-01-12 21:19:07 ----A---- C:\Windows\system32\iernonce.dll
2016-01-12 21:19:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-01-12 21:19:07 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-12 21:19:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-12 21:19:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-12 21:19:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-12 21:19:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-12 21:19:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-01-12 21:19:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-01-12 21:19:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 21:19:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-01-12 21:19:04 ----A---- C:\Windows\system32\occache.dll
2016-01-12 21:19:04 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-12 21:19:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-01-12 21:19:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-01-12 21:19:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-12 21:19:03 ----A---- C:\Windows\system32\urlmon.dll
2016-01-12 21:19:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-12 21:19:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-01-12 21:19:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-01-12 21:19:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-12 21:19:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-01-12 21:19:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-12 21:19:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-12 21:19:01 ----A---- C:\Windows\system32\iesetup.dll
2016-01-12 21:19:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-01-12 21:19:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-01-12 21:19:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-12 21:19:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-01-12 21:19:00 ----A---- C:\Windows\system32\vbscript.dll
2016-01-12 21:18:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-12 21:18:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-01-12 21:18:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-12 21:18:59 ----A---- C:\Windows\system32\jsproxy.dll
2016-01-12 21:18:58 ----A---- C:\Windows\system32\ieui.dll
2016-01-12 21:18:58 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-12 21:18:57 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-12 21:18:57 ----A---- C:\Windows\system32\ieframe.dll
2016-01-12 21:18:56 ----A---- C:\Windows\system32\webcheck.dll
2016-01-12 21:18:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-01-12 21:18:56 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-12 21:18:56 ----A---- C:\Windows\system32\jscript.dll
2016-01-12 21:18:56 ----A---- C:\Windows\system32\ieUnatt.exe
2016-01-12 21:18:55 ----A---- C:\Windows\system32\wininet.dll
2016-01-12 21:18:55 ----A---- C:\Windows\system32\jscript9.dll
2016-01-12 21:18:55 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-12 21:18:54 ----A---- C:\Windows\system32\msrating.dll
2016-01-12 21:18:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-12 21:18:53 ----A---- C:\Windows\system32\mshtml.dll
2016-01-12 21:16:38 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-12 21:16:38 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-12 21:16:38 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-12 21:16:38 ----A---- C:\Windows\system32\mapistub.dll
2016-01-12 21:16:38 ----A---- C:\Windows\system32\mapi32.dll
2016-01-12 21:16:37 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-12 21:12:36 ----A---- C:\Windows\system32\aeinv.dll
2016-01-12 21:12:31 ----A---- C:\Windows\system32\qedit.dll
2016-01-12 21:12:30 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-12 21:12:26 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-12 21:12:26 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-12 21:12:26 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-12 21:12:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-12 21:12:25 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-12 21:12:25 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-12 21:12:25 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-12 21:12:25 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 21:12:25 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 21:12:24 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-12 21:12:24 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-12 21:12:24 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-12 21:12:24 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-12 21:12:24 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-12 21:12:24 ----A---- C:\Windows\system32\mf.dll
2016-01-12 21:12:23 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-12 21:12:23 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-12 21:12:23 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-12 21:12:23 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-12 21:12:23 ----A---- C:\Windows\system32\quartz.dll
2016-01-12 21:12:23 ----A---- C:\Windows\system32\mcmde.dll
2016-01-12 21:12:23 ----A---- C:\Windows\system32\evr.dll
2016-01-12 21:12:23 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-12 21:12:22 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-12 21:12:22 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-12 21:12:21 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-12 21:12:21 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-12 21:12:21 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-12 21:12:21 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-12 21:12:21 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-12 21:12:21 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 21:12:21 ----A---- C:\Windows\system32\mfplat.dll
2016-01-12 21:12:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-12 21:12:20 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-12 21:12:20 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-12 21:12:20 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 21:12:20 ----A---- C:\Windows\system32\devenum.dll
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-12 21:12:19 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-12 21:12:19 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-12 21:12:19 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-12 21:12:18 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-12 21:12:18 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-12 21:12:18 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-12 21:12:18 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-12 21:12:18 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-12 21:12:18 ----A---- C:\Windows\system32\qdvd.dll
2016-01-12 21:12:18 ----A---- C:\Windows\system32\qasf.dll
2016-01-12 21:12:18 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 21:12:17 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-12 21:12:17 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-12 21:12:17 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-12 21:12:17 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-12 21:12:17 ----A---- C:\Windows\system32\mfps.dll
2016-01-12 21:12:16 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-12 21:12:16 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-12 21:12:16 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-12 21:12:16 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-12 21:12:16 ----A---- C:\Windows\system32\mferror.dll
2016-01-12 21:12:16 ----A---- C:\Windows\system32\ksuser.dll
2016-01-12 21:12:16 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-12 21:12:16 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-12 21:12:16 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-12 21:11:48 ----A---- C:\Windows\system32\win32k.sys
2016-01-12 21:07:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-12 21:07:40 ----A---- C:\Windows\system32\advapi32.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\invagent.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\generaltel.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\devinv.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\appraiser.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\aepic.dll
2016-01-12 21:07:38 ----A---- C:\Windows\system32\acmigration.dll
2016-01-12 21:07:37 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-12 21:07:35 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-12 21:07:35 ----A---- C:\Windows\system32\gdi32.dll
2016-01-12 21:07:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-12 21:07:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-01-12 21:07:26 ----A---- C:\Windows\system32\schannel.dll
2016-01-12 21:07:26 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-12 21:07:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-01-12 21:07:25 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-12 21:07:25 ----A---- C:\Windows\system32\kernel32.dll
2016-01-12 21:07:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-12 21:07:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-12 21:07:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-12 21:07:24 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-12 21:07:24 ----A---- C:\Windows\system32\kerberos.dll
2016-01-12 21:07:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-12 21:07:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-12 21:07:23 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-01-12 21:07:23 ----A---- C:\Windows\system32\ntdll.dll
2016-01-12 21:07:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-01-12 21:07:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-12 21:07:22 ----A---- C:\Windows\system32\winsrv.dll
2016-01-12 21:07:22 ----A---- C:\Windows\system32\wdigest.dll
2016-01-12 21:07:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-12 21:07:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-12 21:07:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-01-12 21:07:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-01-12 21:07:21 ----A---- C:\Windows\system32\sspicli.dll
2016-01-12 21:07:21 ----A---- C:\Windows\system32\secur32.dll
2016-01-12 21:07:21 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-12 21:07:21 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-12 21:07:21 ----A---- C:\Windows\system32\credssp.dll
2016-01-12 21:07:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\wow64win.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\wow64.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\srcore.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\smss.exe
2016-01-12 21:07:20 ----A---- C:\Windows\system32\lsass.exe
2016-01-12 21:07:20 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-12 21:07:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-12 21:07:20 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-12 21:07:20 ----A---- C:\Windows\system32\conhost.exe
2016-01-12 21:07:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-12 21:07:19 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-12 21:07:19 ----A---- C:\Windows\system32\srclient.dll
2016-01-12 21:07:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-12 21:07:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-01-12 21:07:18 ----A---- C:\Windows\system32\rstrui.exe
2016-01-12 21:07:18 ----A---- C:\Windows\system32\auditpol.exe
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 21:07:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 21:07:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-01-12 21:07:17 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-01-12 21:07:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-01-12 21:07:17 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-01-12 21:07:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 21:07:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 21:07:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 21:07:15 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 21:07:14 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 21:07:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 21:07:13 ----A---- C:\Windows\SYSWOW64\user.exe
2016-01-12 21:07:12 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-01-12 21:07:12 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-01-12 21:07:12 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-01-12 21:07:12 ----A---- C:\Windows\system32\msobjs.dll
2016-01-12 21:07:12 ----A---- C:\Windows\system32\msaudite.dll
2016-01-12 21:07:12 ----A---- C:\Windows\system32\adtschema.dll
2016-01-07 16:04:21 ----A---- C:\Windows\system32\icaapi.dll
2016-01-07 16:04:17 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-01-06 22:42:05 ----A---- C:\autoexec.bat
2016-01-06 22:33:12 ----D---- C:\Users\Matěj\AppData\Roaming\Anvsoft
2016-01-06 22:33:04 ----D---- C:\Program Files (x86)\Anvsoft
2016-01-06 22:13:50 ----D---- C:\Program Files (x86)\Konvertor
2016-01-06 21:57:18 ----D---- C:\Users\Matěj\AppData\Roaming\Opera Software
2016-01-06 21:54:58 ----D---- C:\Program Files (x86)\Opera
2016-01-06 21:54:46 ----D---- C:\Users\Matěj\AppData\Roaming\OpenCandy
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#2 Příspěvek od souko »

======List of files/folders modified in the last 1 month======

2016-02-04 21:40:53 ----D---- C:\Windows\Temp
2016-02-04 21:40:46 ----RD---- C:\Program Files
2016-02-04 21:17:02 ----D---- C:\Users\Matěj\AppData\Roaming\Skype
2016-02-04 21:08:32 ----D---- C:\Windows\system32\config
2016-02-04 20:47:21 ----D---- C:\Users\Matěj\AppData\Roaming\Seznam.cz
2016-02-04 20:45:25 ----A---- C:\Windows\SYSWOW64\log.txt
2016-02-04 20:42:10 ----D---- C:\Program Files (x86)\Steam
2016-02-04 20:42:08 ----SHD---- C:\System Volume Information
2016-02-03 17:38:41 ----SHD---- C:\Windows\Installer
2016-02-02 20:37:23 ----RD---- C:\Program Files (x86)
2016-02-02 19:30:23 ----D---- C:\Windows\system32\Tasks
2016-02-02 19:30:17 ----HD---- C:\ProgramData
2016-02-02 19:30:14 ----D---- C:\Windows\System32
2016-02-02 19:03:18 ----D---- C:\Windows\SysWOW64
2016-02-01 22:32:43 ----RD---- C:\Users
2016-02-01 20:57:26 ----D---- C:\Windows\system32\drivers
2016-02-01 20:28:28 ----D---- C:\Windows\Tasks
2016-02-01 19:37:10 ----D---- C:\Windows\Prefetch
2016-02-01 18:45:27 ----D---- C:\Windows\system32\catroot
2016-02-01 15:18:41 ----D---- C:\Windows\system32\DriverStore
2016-02-01 15:18:41 ----D---- C:\Windows\inf
2016-02-01 15:17:43 ----D---- C:\Windows
2016-02-01 14:27:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-31 12:31:30 ----D---- C:\Program Files\Common Files\Apple
2016-01-31 12:31:24 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-01-31 12:23:14 ----D---- C:\ProgramData\Skype
2016-01-31 12:21:48 ----RD---- C:\Program Files (x86)\Skype
2016-01-31 12:19:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-01-30 15:32:39 ----RSD---- C:\Windows\Fonts
2016-01-30 13:57:21 ----SHD---- C:\$Recycle.Bin
2016-01-25 22:32:21 ----D---- C:\Users\Matěj\AppData\Roaming\vlc
2016-01-25 21:09:32 ----D---- C:\Windows\system32\catroot2
2016-01-25 21:06:26 ----D---- C:\ProgramData\Adobe
2016-01-23 18:14:10 ----D---- C:\Windows\Downloaded Program Files
2016-01-23 18:14:09 ----D---- C:\Windows\Panther
2016-01-23 18:14:08 ----D---- C:\Windows\Logs
2016-01-23 18:14:08 ----D---- C:\Windows\debug
2016-01-18 20:49:29 ----D---- C:\Windows\rescache
2016-01-18 20:06:38 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-17 22:04:38 ----D---- C:\Users\Matěj\AppData\Roaming\Adobe
2016-01-17 21:14:49 ----D---- C:\Program Files (x86)\Adobe
2016-01-17 21:12:07 ----D---- C:\Windows\system32\wdi
2016-01-17 16:58:09 ----D---- C:\Program Files\Common Files
2016-01-17 16:57:33 ----D---- C:\Program Files (x86)\Common Files
2016-01-17 16:25:50 ----D---- C:\Windows\winsxs
2016-01-14 23:02:54 ----D---- C:\Program Files\Microsoft Silverlight
2016-01-14 23:02:54 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 19:47:59 ----D---- C:\ProgramData\Microsoft Help
2016-01-14 19:43:45 ----D---- C:\Windows\system32\MRT
2016-01-14 19:31:57 ----A---- C:\Windows\system32\MRT.exe
2016-01-14 19:22:05 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-14 19:22:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-14 19:22:05 ----D---- C:\Program Files\Internet Explorer
2016-01-14 19:22:04 ----D---- C:\Windows\system32\cs-CZ
2016-01-14 19:22:03 ----D---- C:\Windows\system32\en-US
2016-01-14 19:22:01 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-14 19:22:00 ----SD---- C:\Windows\system32\CompatTel
2016-01-14 19:22:00 ----D---- C:\Windows\system32\appraiser
2016-01-14 19:22:00 ----D---- C:\Windows\AppPatch
2016-01-12 22:44:16 ----D---- C:\ProgramData\Package Cache
2016-01-07 16:07:52 ----D---- C:\Program Files (x86)\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-25 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-25 272248]
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2015-07-03 247016]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-07-03 478392]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-25 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-25 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-01 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-11-26 27552]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2015-07-03 225976]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-02-01 831672]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-07-03 39280]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2015-07-03 24944]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-07-03 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-07-03 85360]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2016-02-01 190648]
R1 LenovoVCD;LenovoVCD; \??\C:\Windows\SysWOW64\drivers\LenovoVCD.sys [2009-02-10 20296]
R1 TAOKernelDriver;Tencent Auto Optimize Platform.; \??\C:\Windows\system32\Drivers\TAOKernel64.sys [2016-01-17 131896]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2015-01-29 20736]
R1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\TSDefenseBT64.sys [2016-01-17 28984]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-25 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-25 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-25 137288]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-07-03 64368]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQSysMonX64.sys [2016-01-17 138040]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2015-12-24 73888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-07-03 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-07-03 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-07-03 39280]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 rimvndis;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [2015-03-19 18432]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 TFsFlt;TFsFlt; C:\Windows\system32\Drivers\TFsFltX64.sys [2016-01-17 87864]
R4 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\TSSysKit64.sys [2016-01-17 87352]
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [2014-09-08 25088]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-02-01 22704]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2014-05-06 79872]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\Windows\system32\Drivers\TAOAccelerator64.sys [2016-01-17 88632]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TSSKX64;TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [2016-01-17 38200]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-25 343336]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2015-07-03 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2015-12-24 170696]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 2375168]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCRtp.exe [2016-01-17 301728]
R2 RIM MDNS;RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2015-03-19 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-03-19 1354488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 644880]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2015-01-29 1668848]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-31 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25 107848]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2015-01-29 1664752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]

-----------------EOF-----------------
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#3 Příspěvek od souko »

info.txt logfile of random's system information tool 1.10 2016-02-04 21:41:13

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A89ACD07E00008020210007DF130C000800000020030000DF140C07FEFFFF002803000030353A000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{78DFDC88-FA40-408F-8397-1D7908A6DA21}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 20 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_270_ActiveX.exe -maintain activex
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824166751}
AMD Catalyst Install Manager-->msiexec /q/x{D017489D-7999-9A9A-41F9-A79CF32EDFAA} REBOOT=ReallySuppress
Any Video Converter 5.8.7-->"C:\Program Files (x86)\Anvsoft\Any Video Converter\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{3540181E-340A-4E7A-B409-31663472B2F7}
Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
Audacity 2.1.0-->"C:\Program Files (x86)\Audacity\unins000.exe"
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
BackyardNIKON 1.0.1-->"C:\Program Files (x86)\BackyardNIKONv101\unins000.exe"
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (12/25/2008 4.1.0.1)-->C:\PROGRA~1\DIFX\D375DF827135BC8C\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\vpc.inf_amd64_neutral_1ed76922725a9655\vpc.inf
BlackBerry 10 Desktop Software-->"C:\ProgramData\Package Cache\{a0642dd3-1105-464b-84c8-caaf676c39c8}\BlackBerryDesktopSoftware.exe" /uninstall
BlackBerry Blend-->MsiExec.exe /I{1DA42C01-4ED2-4B4E-B90C-18FCBA12FC41}
BlackBerry Communication Drivers-->MsiExec.exe /I{46CD5A63-0C1F-45C3-B643-CA87A17275C0}
BlackBerry Device Drivers-->MsiExec.exe /I{1F6490E5-7540-426D-BC1E-EB57B0BF0C38}
BlackBerry Link Remover-->MsiExec.exe /I{44D65CAB-1BC8-47B7-BF5B-3EB8B6BB0276}
BlackBerry Link-->MsiExec.exe /I{C42468F9-9812-4550-A54B-5DDB062EB10F}
Bonjour-->MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
Camera Control Pro 2-->MsiExec.exe /X{FE96C49B-DB90-405E-A00E-09E38372F880}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -IPILCC2wa.inf
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Definition Update for Microsoft Office 2010 (KB3114563) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{44ADC25A-6053-4962-8D42-384E4273F48B}" "1029" "0"
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
Energy Management-->"C:\Program Files (x86)\InstallShield Installation Information\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}\setup.exe" -runfromtemp -l0x0005 -removeonly
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Fotogalerie-->MsiExec.exe /X{F37D360D-9308-4BB1-8515-DC6B637B9486}
Fotolab Fotosvet-->"C:\Program Files\Fotolab\Fotolab Fotosvet\uninstall.exe"
Free Pascal 2.6.0-->"C:\FPC\2.6.0\unins000.exe"
GeoGet verze 2.9.2.759-->"C:\Program Files (x86)\GeoGet\unins000.exe"
Google Drive-->MsiExec.exe /X{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
HWiNFO32 Version 4.64-->"C:\Program Files (x86)\HWiNFO32\unins000.exe"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
iTunes-->MsiExec.exe /I{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}
Kaspersky Total Security-->MsiExec.exe /I{02FECEE0-16B2-43DB-BC3B-C844477FC142}
Kaspersky Total Security-->MsiExec.exe /I{02FECEE0-16B2-43DB-BC3B-C844477FC142} REMOVE=ALL
Konvertor (remove only)-->C:\Program Files (x86)\Konvertor\uninstall_konvertor.exe
Lenovo Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
Microsoft .NET Framework 4.5.2 (CSY)-->MsiExec.exe /X{C48AF3CF-C632-3C19-838E-7DAB7283D46A}
Microsoft .NET Framework 4.5.2 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft Office 2010 pro studenty a domácnosti-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Movie Maker-->MsiExec.exe /X{3D2CF65C-B544-4308-B996-700D3E5F6C4C}
Movie Maker-->MsiExec.exe /X{DD67BE4B-7E62-4215-AFA3-F123A800A389}
Mozilla Firefox 44.0 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nikon Message Center 2-->MsiExec.exe /X{B014EE44-9197-4513-9613-71E6EB1B514E}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Photo Common-->MsiExec.exe /X{15BFD731-A10E-43E9-9D18-0F682BC0480F}
Photo Gallery-->MsiExec.exe /X{07AAB66E-4718-422D-9218-4AFB3C922A71}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Podpora aplikací Apple (32bitová)-->MsiExec.exe /I{C5815ACF-FD34-4553-8A22-C7411B7E662B}
Podpora aplikací Apple (64bitová)-->MsiExec.exe /I{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}
Power Manager-->C:\Program Files (x86)\InstallShield Installation Information\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}\Setup.exe -AddRemove
Prezi-->MsiExec.exe /I{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {175C1563-5389-3174-A18B-A90AD45208D2}
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {6F197100-4BF3-3105-AA93-C5731C4FA85F}
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {73E43C35-D717-337B-9F50-66F5623A8E1C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {F403E543-04A6-3024-BE38-189172855D13}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CE42A318-3E62-3F40-B52A-9CE658805801}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CF7790C7-662A-3829-B49E-61578D4D9838}
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A37C2019-B3DB-43EF-9CF6-BE1DEE72E783}" "1029" "0"
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A37C2019-B3DB-43EF-9CF6-BE1DEE72E783}" "1029" "0"
Security Update for Microsoft Excel 2010 (KB3114564) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{AD7D39D9-B2E6-4058-B141-BD715DB9B51A}" "1029" "0"
Security Update for Microsoft Excel 2010 (KB3114564) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{AD7D39D9-B2E6-4058-B141-BD715DB9B51A}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2878230) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{550AE396-58A2-4777-BC0E-30A3ECA49B7B}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A97FC79A-3344-410B-8E6B-95931B630C42}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A97FC79A-3344-410B-8E6B-95931B630C42}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DEE523DB-C590-45D3-B658-73F93062D7B3}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{C7B639A9-54A9-4B30-87AA-45BD4F06E1A6}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{D458143D-EEDA-486F-8985-F16BF87AA315}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{58C697C0-E8B1-4AF2-9352-292877352216}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{95FC4D5E-0C1A-435A-9759-E8656BCB358B}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{F51F47E8-881F-4BCC-BE51-1F708EE69531}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{0B1F2192-7506-4F63-A219-EB9A95874F74}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2965310) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{CB6C6466-E642-427B-9852-083E628D4E3A}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A990ADB6-BBCD-492F-A075-19CE527E576C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{BA91EE36-FCBC-4E9B-AF0E-7A7EEA4C451C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{D2748E34-2406-4F77-8640-0CD6148659BE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3114553) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{2446C120-AC16-4CBC-85AC-A68054529824}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3114553) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{2446C120-AC16-4CBC-85AC-A68054529824}" "1029" "0"
Security Update for Microsoft OneNote 2010 (KB3054978) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{BBE632BA-8486-4200-84C0-CA582B8CAED8}" "1029" "0"
Security Update for Microsoft OneNote 2010 (KB3054978) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{BBE632BA-8486-4200-84C0-CA582B8CAED8}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{6884A410-CA3C-418F-A7A1-4E091D64397D}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB3114396) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{27A82E8D-0578-446D-B435-E4BBAE2A6E55}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB3114396) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{27A82E8D-0578-446D-B435-E4BBAE2A6E55}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{668714F6-AC7B-4DA0-B1C7-0EBFB7EBC16C}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{668714F6-AC7B-4DA0-B1C7-0EBFB7EBC16C}" "1029" "0"
Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{5B88FFB4-F3EB-4B39-95C6-E25C75897EB8}" "1029" "0"
Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{5B88FFB4-F3EB-4B39-95C6-E25C75897EB8}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{4247F659-1E13-4A1D-9E8A-2EB170959C8C}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{4247F659-1E13-4A1D-9E8A-2EB170959C8C}" "1029" "0"
Security Update for Microsoft Word 2010 (KB3114557) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4D8AE261-55D4-4058-A1B5-BC6A7E940FC7}" "1029" "0"
Security Update for Microsoft Word 2010 (KB3114557) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4D8AE261-55D4-4058-A1B5-BC6A7E940FC7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{235F521F-C627-4957-A641-C4C161F78531}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{EE3A99C9-FD8F-4923-9F82-27365DA4B873}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{2E7C03CB-FE0A-4B95-BA37-742CD596760C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A3364707-2F53-4C83-8F68-C9877A9080C7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F3FAAB68-7697-4B1F-A23A-72312565AEAB}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{62E2481E-63BB-4481-A0CE-071D6D663B1B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Skype™ 7.18-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Stepok RAW Importer v2.5-->"C:\Program Files (x86)\Stepok RAW Importer\unins000.exe"
ThinkPad UltraNav Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
UmmyVideoDownloader-->"C:\Users\Matěj\AppData\Local\UmmyVideoDownloader\unins000.exe"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{E51DB3F4-A162-484C-A673-40E18202B10A}" "1029" "0"
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{08E1BF53-B96E-4ADF-935F-A90F867E8F6B}" "1029" "0"
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{08E1BF53-B96E-4ADF-935F-A90F867E8F6B}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{79C725A1-3964-421C-A528-78C1C083C7C7}" "1029" "0"
Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9466D7C3-A2C9-457A-8135-03F20F3268B4}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{EBD18DE5-BC84-4B57-9A30-097044871F9A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9505441B-65A1-4AD5-B727-0CE42D24D2B7}" "1029" "0"
Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{1723E390-6B61-4914-A64D-F16398FA940E}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{07DC9C6C-E916-4F42-8677-716930ED0393}" "1029" "0"
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}" "1029" "0"
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{956B3213-0246-42A8-A6FE-3EF7DC6E66A9}" "1029" "0"
Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{75A4ACD6-A407-41B3-8889-8AB7862A9D9D}" "1029" "0"
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4F55B2F9-E491-4630-A994-2F37D1AB3A77}" "1029" "0"
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4F55B2F9-E491-4630-A994-2F37D1AB3A77}" "1029" "0"
Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{BABE5F32-A2B5-498E-BCB5-1325170A8F56}" "1029" "0"
Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4BC0A78F-012B-47BF-80E8-963D44286558}" "1029" "0"
Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{D5ABEC62-5360-47E2-AB6C-642EF664A797}" "1029" "0"
Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9557A4CC-8FE7-457E-A62E-0D8A7D81FA0A}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{60510C36-8FB9-4455-8104-89615C7AB795}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{60B4149F-719E-45A6-9B57-60367065CFB3}" "1029" "0"
Update for Microsoft Outlook 2010 (KB3114570) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{B4BB10BB-74B8-43A8-8C80-4E72EAE37DA1}" "1029" "0"
Update for Microsoft Outlook 2010 (KB3114570) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{16DB0DCE-C50A-41D3-9488-461AA2FEEFA5}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9E5104CF-2AE5-4D90-8D5A-9BE468964D8B}" "1029" "0"
Update for Microsoft Project 2010 (KB3114419) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{89047C1C-6199-425A-81FB-28341A01951B}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{899F1A18-D860-4C63-B3C8-095B8E537D3D}" "1029" "0"
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{41C61308-6CFD-4D54-AB6A-7136ED08A18E}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}
Windows Live Installer-->MsiExec.exe /I{659CB81C-B54E-4DF1-B618-F35777393A54}
Windows Live Photo Common-->MsiExec.exe /X{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}
Windows Live PIMT Platform-->MsiExec.exe /I{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}
Windows Live SOXE Definitions-->MsiExec.exe /I{D1893000-EA77-493C-8DDD-E262436E959B}
Windows Live SOXE-->MsiExec.exe /I{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}
Windows Live UX Platform-->MsiExec.exe /I{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}
WinRAR 5.21 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Zoner Photo Studio 17-->"C:\Program Files\Zoner\Photo Studio 17\unins000.exe"
Zoner Photo Studio 17-->"C:\Program Files\Zoner\Photo Studio 17\unins001.exe"
Zoner Photo Studio 18-->"C:\Program Files\Zoner\Photo Studio 18\unins000.exe"
电脑管家11.2-->"C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\Uninst.exe"

======System event log======

Computer Name: NBDOMACI
Event Code: 7036
Message: Stav služby Služba Profil uživatele byl změněn na: Spuštěno
Record Number: 10900
Source Name: Service Control Manager
Time Written: 20150528125750.232053-000
Event Type: Informace
User:

Computer Name: NBDOMACI
Event Code: 7036
Message: Stav služby Motivy byl změněn na: Spuštěno
Record Number: 10899
Source Name: Service Control Manager
Time Written: 20150528125750.216453-000
Event Type: Informace
User:

Computer Name: NBDOMACI
Event Code: 7036
Message: Stav služby Klient zásad skupiny byl změněn na: Spuštěno
Record Number: 10898
Source Name: Service Control Manager
Time Written: 20150528125750.185253-000
Event Type: Informace
User:

Computer Name: NBDOMACI
Event Code: 7036
Message: Stav služby Zvuk systému Windows byl změněn na: Spuštěno
Record Number: 10897
Source Name: Service Control Manager
Time Written: 20150528125749.608052-000
Event Type: Informace
User:

Computer Name: NBDOMACI
Event Code: 7036
Message: Stav služby Koncové vytváření služby Windows Audio byl změněn na: Spuštěno
Record Number: 10896
Source Name: Service Control Manager
Time Written: 20150528125749.155652-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20150421190952.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20150421190948.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20150421190946.025674-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20150421190946.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150421190925.854839-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150421190925.854839-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x3066c
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150421190925.636438-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150421190924.294836-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150421190924.216836-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\FPC\2.6.0\bin\i386-Win32;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"asl.log"=Destination=file

-----------------EOF-----------------
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#4 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: Pokud je Vas log dlouhy a nevejde se do jednoho prispevku (je delsi nez 10.000 znaku), pridejte do nazvu tematu informaci o tom, ze je log dlouhy a je rozdelen do vice casti (napr. "virus, 3 posty"). Primarne resime temata bez odpovedi, takze ve Vasem pripade to vypada, ze se Vam jiz nektery z kolegu venuje a tema snadno zapadne.


:arrow: Neni bezne mit na soukromem PC operacni system MS Windows Enterprise :???:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#5 Příspěvek od souko »

Dobře děkuji za info.

Dobře tak já se ho zeptám jak to má s tim systémem, ale myslím, že ho má legálně.

EDIT: Takže má to legálně, akorát vlastně, co přebývala licence do podniku.
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#6 Příspěvek od altrok »

:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#7 Příspěvek od souko »

Teď už je Tencent pryč, jen pořád nejdou služby googlu.
# AdwCleaner v5.032 - Logfile created 06/02/2016 at 16:09:01
# Updated 31/01/2016 by Xplode
# Database : 2016-02-05.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x64)
# Username : Matěj - NBDOMACI
# Running from : C:\Users\Matěj\Downloads\adwcleaner_5.032.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : QQPCRTP
[-] Service Deleted : TAOAccelerator
[-] Service Deleted : TSDefenseBt
[!] Service Not Deleted : TSSysKit
[-] Service Deleted : QQSysMonX64
[-] Service Deleted : TFsFlt
[-] Service Deleted : TAOKernelDriver
[-] Service Deleted : TSSKX64

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\Matěj\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\Matěj\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Folder Deleted : C:\Users\Matěj\AppData\LocalLow\tencent
[-] Folder Deleted : C:\Users\Matěj\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\Matěj\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Matěj\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Matěj\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Veřejné\AppData\Roaming\tencent
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default\user.js
[-] File Deleted : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TAOKernel64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\Windows\SysWOW64\drivers\TsFltMgr.sys
[-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****

[-] [C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4377 bytes] ##########
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#8 Příspěvek od altrok »

:arrow: Ulozte na plochu RogueKiller - http://www.bleepingcomputer.com/download/roguekiller/
  • spustte jako spravce
  • prijmete EULA podminky kliknutim na Accept
  • vpravo kliknete na Scan (potrva az nekolik desitek minut)
  • vpravo vyberte Report
  • vpravo dole Export TXT
  • report ulozte na plochu a jeho obsah vlozte do pristi odpovedi


:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#9 Příspěvek od souko »

Log z Rogue Killeru se bohužel podařilo smazat. :(

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Matěj (administrator) on NBDOMACI (06-02-2016 21:43:42)
Running from C:\Users\Matěj\Downloads
Loaded Profiles: Matěj (Available Profiles: Matěj & Veřejné)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(© 2015 Microsoft Corporation) C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
() C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4349768 2009-04-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [5830984 2009-05-06] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-01-17] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4861688 2015-03-19] (BlackBerry Limited)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCTray.exe" /regrun
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [GoogleChromeAutoLaunch_70145597F79BFCFF97F80D4F76488927] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-03] (Google Inc.)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [BingSvc] => C:\Users\Matěj\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {143688b5-c1f3-11e5-8073-0270627d0501} - D:\autorun.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {7bb617ae-fb3f-11e4-8c58-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {91e1e64b-fcad-11e4-9da2-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\setup.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5E8E931C-CB8C-4EFA-9272-847093B9D5A0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1395220145-1857718944-4276470757-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1395220145-1857718944-4276470757-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1395220145-1857718944-4276470757-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-25] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-02-01] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-02-01] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-02-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Matěj\AppData\Roaming\Mozilla\Firefox\Profiles\w12zxkyw.default\user.js [2016-02-06]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-02-01] [not signed]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-02-01] [not signed]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-02-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://facebook.com/" ... ching.com/"
CHR Profile: C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Dokumenty Google) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Disk Google) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Avast SafePrice) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-30]
CHR Extension: (Tabulky Google) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Avast Online Security) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-30]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-05-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-06-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (电脑管家上网防护) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-06]
CHR Extension: (Adblock ) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbieggejclnbaidmjajaklpankjlabnp [2015-04-25]
CHR Extension: (Gmail) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [194000 2015-07-03] (Kaspersky Lab ZAO)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-01] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-03] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-01] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-11-26] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-03] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-07-03] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-07-03] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831672 2016-02-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-07-03] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-07-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-07-03] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-03] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-07-03] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-07-03] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2016-02-01] (Kaspersky Lab ZAO)
R1 LenovoVCD; C:\Windows\SysWOW64\drivers\LenovoVCD.sys [20296 2009-02-10] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-06 21:43 - 2016-02-06 21:44 - 00025864 _____ C:\Users\Matěj\Downloads\FRST.txt
2016-02-06 21:43 - 2016-02-06 21:43 - 00000000 ____D C:\FRST
2016-02-06 21:42 - 2016-02-06 21:42 - 02370560 _____ (Farbar) C:\Users\Matěj\Downloads\FRST64.exe
2016-02-06 21:42 - 2016-02-06 21:42 - 01721856 _____ (Farbar) C:\Users\Matěj\Downloads\FRST.exe
2016-02-06 21:33 - 2016-02-06 21:33 - 00000912 _____ C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-02-06 21:33 - 2016-02-06 21:33 - 00000904 _____ C:\Users\Matěj\Desktop\osu!.lnk
2016-02-06 21:30 - 2016-02-06 21:36 - 00000000 ____D C:\Users\Matěj\AppData\Local\osu!
2016-02-06 21:29 - 2016-02-06 21:30 - 00000000 ____D C:\Users\Matěj\Downloads\Localisation
2016-02-06 21:24 - 2016-02-06 21:28 - 04348472 _____ (ppy) C:\Users\Matěj\Downloads\osu!install.exe
2016-02-06 16:05 - 2016-02-06 16:09 - 00000000 ____D C:\AdwCleaner
2016-02-06 16:05 - 2016-02-06 16:05 - 01508352 _____ C:\Users\Matěj\Downloads\adwcleaner_5.032.exe
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\rsit
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\Program Files\trend micro
2016-02-04 21:40 - 2016-02-04 21:40 - 01222144 _____ C:\Users\Matěj\Downloads\RSITx64.exe
2016-02-02 20:51 - 2016-02-02 20:51 - 00002307 _____ C:\Users\Veřejné\Desktop\Ochrana financí.lnk
2016-02-02 20:37 - 2016-02-02 20:44 - 00000000 ____D C:\Users\Matěj\AppData\Local\Mozilla
2016-02-02 20:37 - 2016-02-02 20:37 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-02 20:37 - 2016-02-02 20:37 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-02 20:37 - 2016-02-02 20:37 - 00000000 ____D C:\Users\Matěj\AppData\Roaming\Mozilla
2016-02-02 20:37 - 2016-02-02 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-02 20:36 - 2016-02-02 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-02 20:33 - 2016-02-02 20:33 - 00242256 _____ C:\Users\Matěj\Downloads\Firefox Setup Stub 44.0.exe
2016-02-02 19:16 - 2016-02-02 19:16 - 00001641 _____ C:\Users\Matěj\Desktop\Trezor Kaspersky 1.lnk
2016-02-02 19:15 - 2016-02-02 19:15 - 1697644544 _____ C:\Trezor Kaspersky 1.kde
2016-02-02 19:03 - 2016-02-02 19:29 - 00000000 ____D C:\Program Files\Perfect Uninstaller
2016-02-02 19:03 - 2016-02-02 19:03 - 00000042 _____ C:\Windows\SysWOW64\AK083E209605E394C.lie
2016-02-02 19:01 - 2016-02-02 19:02 - 02669936 _____ (www.PerfectUninstaller.net ) C:\Users\Matěj\Downloads\PerfectUninstaller_Setup.exe
2016-02-01 22:12 - 2016-02-01 22:13 - 05822720 _____ (Advanced System Protector ) C:\Users\Matěj\Downloads\aspsetup (1).exe
2016-02-01 21:57 - 2016-02-01 21:57 - 05822720 _____ (Advanced System Protector ) C:\Users\Matěj\Downloads\aspsetup.exe
2016-02-01 21:43 - 2016-02-01 21:43 - 04707504 _____ (hxxp://www.specialuninstaller.com/ ) C:\Users\Matěj\Downloads\SpecialUninstaller_setup.exe
2016-02-01 21:14 - 2016-02-01 21:14 - 01078591 _____ C:\Users\Matěj\Downloads\Unlocker1.9.2.exe
2016-02-01 21:12 - 2016-02-01 21:40 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware
2016-02-01 21:09 - 2016-02-01 21:11 - 07566832 _____ (Security Stronghold ) C:\Users\Matěj\Downloads\StrongholdAntiMalware.exe
2016-02-01 19:33 - 2016-02-01 19:33 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-01 19:32 - 2016-02-01 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer (1).exe
2016-02-01 19:23 - 2016-02-01 19:25 - 00000000 ____D C:\KVRT_Data
2016-02-01 19:21 - 2016-02-01 19:23 - 91546008 _____ (Kaspersky Lab ZAO) C:\Users\Matěj\Downloads\KVRT.exe
2016-02-01 19:21 - 2016-02-01 19:21 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer.exe
2016-02-01 15:19 - 2016-02-01 15:19 - 00002307 _____ C:\Users\Matěj\Desktop\Ochrana financí.lnk
2016-02-01 15:19 - 2016-02-01 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-02-01 15:19 - 2016-02-01 15:18 - 00002053 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-02-01 15:18 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-02-01 15:17 - 2016-02-06 20:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-01 15:17 - 2016-02-01 16:09 - 00831672 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2016-02-01 15:17 - 2016-02-01 15:17 - 00000000 ____D C:\Windows\ELAMBKUP
2016-02-01 15:17 - 2016-02-01 15:17 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-02-01 15:17 - 2015-07-03 02:20 - 00225976 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2016-02-01 15:17 - 2015-07-03 02:20 - 00159960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2016-02-01 15:12 - 2016-02-01 15:13 - 01594840 _____ (Kaspersky Lab) C:\Users\Matěj\Downloads\kts15.0.2.361abccs_8421.exe
2016-01-31 12:31 - 2016-01-31 12:31 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-31 12:31 - 2016-01-31 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-01-31 12:31 - 2016-01-31 12:31 - 00000000 ____D C:\Program Files\iTunes
2016-01-31 12:31 - 2016-01-31 12:31 - 00000000 ____D C:\Program Files\iPod
2016-01-31 12:31 - 2016-01-31 12:31 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-01-31 12:28 - 2016-01-31 12:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-01-31 12:27 - 2016-01-31 12:27 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-31 12:26 - 2016-01-31 12:27 - 00000000 ____D C:\Program Files\Bonjour
2016-01-31 12:26 - 2016-01-31 12:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-01-31 12:19 - 2016-02-06 21:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-31 12:19 - 2016-01-31 12:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-30 21:32 - 2016-01-30 21:32 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-30 21:30 - 2016-01-30 21:30 - 02870984 _____ (ESET) C:\Users\Matěj\Downloads\esetsmartinstaller_csy.exe
2016-01-30 15:33 - 2016-01-30 15:33 - 00002935 _____ C:\Users\Matěj\Desktop\Microsoft PowerPoint 2010.lnk
2016-01-30 15:31 - 2016-01-30 15:31 - 00042752 _____ C:\Users\Matěj\Downloads\Bariol_Light.zip
2016-01-30 15:28 - 2016-01-30 15:28 - 00061479 _____ C:\Users\Matěj\Downloads\apple_myriad_pro_condensed.zip
2016-01-30 15:20 - 2016-01-30 15:20 - 00063322 _____ C:\Users\Matěj\Downloads\apple_myriad_pro_regular.zip
2016-01-30 15:14 - 2016-01-30 15:14 - 00013440 _____ C:\Users\Matěj\Downloads\Helvetica.zip
2016-01-30 14:53 - 2016-01-30 14:53 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Matěj\Downloads\setup.exe
2016-01-30 14:19 - 2016-01-30 14:19 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\PwrMgr
2016-01-30 14:18 - 2016-01-30 14:19 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Zoner
2016-01-30 14:18 - 2016-01-30 14:19 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Zoner
2016-01-30 13:58 - 2016-02-02 20:58 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Seznam.cz
2016-01-30 13:58 - 2016-01-30 13:58 - 00005120 _____ C:\Users\Veřejné\AppData\Roaming\GiftBag.db
2016-01-30 13:58 - 2016-01-30 13:58 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\AVAST Software
2016-01-30 13:58 - 2016-01-30 13:58 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Research In Motion
2016-01-30 13:58 - 2016-01-30 13:58 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Lenovo
2016-01-30 13:58 - 2016-01-30 13:58 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Adobe
2016-01-30 13:57 - 2016-02-02 20:52 - 00110064 _____ C:\Users\Veřejné\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-30 13:57 - 2016-01-30 13:58 - 00000000 ____D C:\Users\Veřejné\AppData\Local\VirtualStore
2016-01-30 13:57 - 2016-01-30 13:57 - 00001397 _____ C:\Users\Veřejné\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-30 13:57 - 2016-01-30 13:57 - 00000020 ___SH C:\Users\Veřejné\ntuser.ini
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Šablony
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Soubory cookie
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Poslední
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Okolní tiskárny
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Okolní síť
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Nabídka Start
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Dokumenty
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Documents\Obrázky
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Documents\Hudba
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Documents\Filmy
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\Data aplikací
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 _SHDL C:\Users\Veřejné\AppData\Local\Data aplikací
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Apple Computer
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Adobe
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Google
2016-01-30 13:57 - 2016-01-30 13:57 - 00000000 ____D C:\Users\Veřejné
2016-01-30 13:57 - 2016-01-17 16:14 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Macromedia
2016-01-30 13:57 - 2015-04-25 20:54 - 00000000 ____D C:\Users\Veřejné\AppData\Local\Microsoft Help
2016-01-30 13:57 - 2010-11-21 09:39 - 00000000 ____D C:\Users\Veřejné\AppData\Roaming\Media Center Programs
2016-01-28 21:07 - 2016-01-28 21:15 - 00001113 _____ C:\Users\Matěj\Desktop\radio.lnk
2016-01-28 21:07 - 2016-01-28 21:07 - 00013427 _____ C:\Users\Matěj\Downloads\radio1-192.mp3 – zástupce.lnk
2016-01-28 21:01 - 2016-01-28 21:01 - 00000151 _____ C:\Users\Matěj\Downloads\radio1-192.mp3.m3u
2016-01-27 23:07 - 2016-01-27 23:07 - 00001982 _____ C:\Users\Matěj\Desktop\FOTO – zástupce.lnk
2016-01-27 22:28 - 2016-01-27 22:28 - 11776512 _____ C:\Users\Matěj\Downloads\Ronda.pps
2016-01-23 23:11 - 2016-01-30 17:51 - 04979984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-23 17:50 - 2016-01-23 18:10 - 00000000 ____D C:\Users\Matěj\Desktop\SDHC
2016-01-19 22:28 - 2016-01-19 22:29 - 00000030 _____ C:\Users\Matěj\Desktop\fotky.txt
2016-01-17 22:03 - 2016-01-17 22:03 - 00000000 ____D C:\QMDownload
2016-01-17 21:56 - 2016-01-17 21:56 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-NBDOMACI-Matěj
2016-01-17 21:29 - 2016-01-17 21:29 - 05029294 _____ C:\Users\Matěj\Downloads\panasonic-lumix-dmc-gx7-navod-k-obsluze.pdf
2016-01-17 17:12 - 2016-01-17 17:12 - 00000000 ____D C:\Users\Matěj\Documents\Adobe Scripts
2016-01-17 16:58 - 2016-01-17 16:58 - 00005120 _____ C:\Users\Matěj\AppData\Roaming\GiftBag.db
2016-01-17 16:19 - 2016-01-17 21:57 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-01-17 16:18 - 2016-01-17 16:18 - 00001075 _____ C:\Users\Matěj\Desktop\Adobe Photoshop CS5 (64 Bit).lnk
2016-01-17 16:18 - 2016-01-17 16:18 - 00000000 ____D C:\Program Files\Adobe
2016-01-17 16:17 - 2016-01-17 16:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-01-17 16:16 - 2016-01-17 16:16 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2016-01-17 16:16 - 2016-01-17 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-17 16:16 - 2016-01-17 16:16 - 00000000 ____D C:\Program Files (x86)\Adobe Media Player
2016-01-17 16:14 - 2016-01-17 16:14 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2016-01-17 16:14 - 2016-01-17 16:14 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-01-17 16:14 - 2016-01-17 16:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-01-17 16:14 - 2016-01-17 16:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-01-16 19:05 - 2016-01-16 19:09 - 88433910 _____ C:\Users\Matěj\Downloads\MATEJ_VYBER_UPRAVENO.zip
2016-01-16 19:05 - 2016-01-16 19:09 - 88432360 _____ C:\Users\Matěj\Downloads\MATEJ_VYBER_UPRAVENO (1).zip
2016-01-12 21:19 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-12 21:19 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-12 21:19 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-12 21:19 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-12 21:19 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-12 21:19 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-12 21:19 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-12 21:19 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-12 21:19 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-12 21:19 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-12 21:19 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-12 21:19 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-12 21:19 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-12 21:19 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 21:19 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-12 21:19 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-12 21:19 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-12 21:19 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-12 21:19 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-12 21:19 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-12 21:19 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-12 21:19 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-12 21:19 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-12 21:19 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-12 21:19 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-12 21:19 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-12 21:19 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-12 21:19 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-12 21:19 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-12 21:19 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-12 21:19 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-12 21:19 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-12 21:19 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-12 21:19 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-12 21:19 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-12 21:19 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-12 21:19 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-12 21:19 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-12 21:19 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-12 21:19 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-12 21:19 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-12 21:19 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-12 21:19 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-12 21:18 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-12 21:18 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-12 21:18 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-12 21:18 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-12 21:18 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-12 21:18 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-12 21:18 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-12 21:18 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-12 21:18 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-12 21:18 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-12 21:18 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-12 21:18 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-12 21:18 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-12 21:18 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-12 21:18 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-12 21:18 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-12 21:18 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-12 21:18 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-12 21:18 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-12 21:18 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-12 21:18 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-12 21:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-12 21:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-12 21:16 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 21:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-12 21:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-12 21:16 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-12 21:12 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-12 21:12 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-12 21:12 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-12 21:12 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-12 21:12 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-12 21:12 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-12 21:12 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-12 21:12 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-12 21:12 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-12 21:12 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-12 21:12 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-12 21:12 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-12 21:12 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-12 21:12 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-12 21:12 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-12 21:12 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-12 21:12 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-12 21:12 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-12 21:12 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-12 21:12 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-12 21:11 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-12 21:07 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-12 21:07 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-12 21:07 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-12 21:07 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-12 21:07 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-12 21:07 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-12 21:07 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-12 21:07 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-12 21:07 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-12 21:07 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-12 21:07 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-12 21:07 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-12 21:07 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-12 21:07 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-12 21:07 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-12 21:07 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-12 21:07 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-12 21:07 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-12 21:07 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-12 21:07 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-12 21:07 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-12 21:07 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-12 21:07 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-12 21:07 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-12 21:07 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-12 21:07 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-12 21:07 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-12 21:07 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-12 21:07 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-12 21:07 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-12 21:07 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-12 21:07 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-12 21:07 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-12 21:07 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-12 21:07 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-12 21:07 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-12 21:07 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-12 21:07 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-12 21:07 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-12 21:07 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-12 21:07 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-12 21:07 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-12 21:07 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 21:07 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-12 21:07 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-12 21:07 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-12 21:07 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-12 21:07 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-12 21:07 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-12 21:07 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-12 21:07 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-12 21:07 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-12 21:07 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-12 21:07 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-12 21:07 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-07 21:15 - 2016-01-07 21:16 - 00545360 _____ C:\Users\Matěj\Downloads\3.kolo (1).pdf
2016-01-07 16:06 - 2016-01-07 16:07 - 07635472 _____ (Microsoft Corporation) C:\Users\Matěj\Downloads\GetWindows10-sds_____________ (1).exe
2016-01-07 16:06 - 2016-01-07 16:06 - 07635472 _____ (Microsoft Corporation) C:\Users\Matěj\Downloads\GetWindows10-sds_____________.exe
2016-01-07 16:04 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-01-07 16:04 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-06 21:42 - 2015-04-25 19:42 - 00000000 ____D C:\Users\Matěj\AppData\Roaming\Skype
2016-02-06 21:33 - 2015-04-25 14:46 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-06 20:51 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-06 20:51 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-06 20:47 - 2015-11-26 22:01 - 00000000 ____D C:\Users\Matěj\AppData\Roaming\Seznam.cz
2016-02-06 20:44 - 2015-06-24 19:25 - 00000000 ___RD C:\Users\Matěj\Disk Google
2016-02-06 20:43 - 2015-04-25 16:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-06 20:42 - 2015-11-24 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-06 20:41 - 2015-04-25 14:46 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-06 20:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-06 16:35 - 2015-12-28 23:57 - 00000000 ____D C:\Users\Matěj\Desktop\CS
2016-02-06 09:51 - 2010-11-21 09:33 - 00668376 _____ C:\Windows\system32\perfh005.dat
2016-02-06 09:51 - 2010-11-21 09:33 - 00141004 _____ C:\Windows\system32\perfc005.dat
2016-02-06 09:51 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-06 09:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-03 22:38 - 2015-04-25 14:47 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-03 22:38 - 2015-04-25 14:47 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-03 17:37 - 2015-06-24 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-01 21:34 - 2015-06-25 21:15 - 00000000 ____D C:\Users\Matěj\AppData\Local\CrashDumps
2016-02-01 20:28 - 2015-04-25 14:46 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 20:28 - 2015-04-25 14:46 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 16:09 - 2015-07-03 02:20 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2016-01-31 12:31 - 2015-04-25 15:02 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-01-31 12:31 - 2015-04-25 15:00 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-01-31 12:27 - 2015-04-25 15:01 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-31 12:23 - 2015-04-25 19:41 - 00000000 ____D C:\ProgramData\Skype
2016-01-31 12:21 - 2015-04-25 19:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-31 12:19 - 2015-04-22 17:40 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-31 12:19 - 2015-04-22 17:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-30 16:12 - 2015-04-21 21:47 - 00110064 _____ C:\Users\Matěj\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-28 21:19 - 2015-05-06 14:12 - 00002133 _____ C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2016-01-25 22:32 - 2015-04-23 10:30 - 00000000 ____D C:\Users\Matěj\AppData\Roaming\vlc
2016-01-25 21:09 - 2015-04-23 09:05 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-25 21:06 - 2015-04-23 09:04 - 00000000 ____D C:\ProgramData\Adobe
2016-01-23 18:14 - 2015-07-11 17:41 - 00000000 ____D C:\Users\Matěj\AppData\Local\Downloaded Installations
2016-01-23 18:14 - 2015-04-21 21:08 - 00000000 ____D C:\Windows\Panther
2016-01-23 18:14 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-01-18 20:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-17 22:17 - 2016-01-06 21:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-17 22:04 - 2015-04-23 09:03 - 00000000 ____D C:\Users\Matěj\AppData\Local\Adobe
2016-01-17 22:04 - 2015-04-21 22:23 - 00000000 ____D C:\Users\Matěj\AppData\Roaming\Adobe
2016-01-17 21:14 - 2015-04-23 09:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-17 17:13 - 2015-04-21 20:15 - 00000000 ____D C:\Users\Matěj
2016-01-17 17:12 - 2015-04-21 20:15 - 00000000 ____D C:\Users\Matěj\AppData\Local\VirtualStore
2016-01-14 23:02 - 2015-04-22 13:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 23:02 - 2015-04-22 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 19:47 - 2015-04-22 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 19:43 - 2015-04-21 21:16 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 19:31 - 2015-04-21 21:16 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-14 19:22 - 2015-04-22 13:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 19:22 - 2015-04-22 13:18 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-12 22:44 - 2015-05-17 19:16 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-07 20:01 - 2015-06-18 18:02 - 00000000 ____D C:\Users\Matěj\Documents\škola
2016-01-07 16:07 - 2015-04-21 20:47 - 00000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories =======

2016-01-17 16:58 - 2016-01-17 16:58 - 0005120 _____ () C:\Users\Matěj\AppData\Roaming\GiftBag.db
2015-07-11 17:44 - 2015-07-11 17:44 - 0000268 ___RH () C:\Users\Matěj\AppData\Roaming\Noise Gate
2015-07-11 17:44 - 2015-07-11 17:44 - 0000268 ___RH () C:\ProgramData\PDEs
2015-07-11 17:07 - 2015-07-11 17:44 - 0000020 ____H () C:\ProgramData\PKP_DLdy.DAT

Some files in TEMP:
====================
C:\Users\Matěj\AppData\Local\Temp\DeltaTB.exe
C:\Users\Matěj\AppData\Local\Temp\sqlite3.dll
C:\Users\Matěj\AppData\Local\Temp\{755E1A79-0F05-4F19-BC33-286DE60D6475}-GoogleUpdateSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-30 18:33

==================== End of FRST.txt ============================
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#10 Příspěvek od souko »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Matěj (2016-02-06 21:46:38)
Running from C:\Users\Matěj\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2015-04-21 19:15:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1395220145-1857718944-4276470757-500 - Administrator - Disabled)
Guest (S-1-5-21-1395220145-1857718944-4276470757-501 - Limited - Disabled)
Matěj (S-1-5-21-1395220145-1857718944-4276470757-1000 - Administrator - Enabled) => C:\Users\Matěj
Veřejné (S-1-5-21-1395220145-1857718944-4276470757-1001 - Limited - Enabled) => C:\Users\Veřejné

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Kaspersky Total Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Total Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Kaspersky Total Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{D017489D-7999-9A9A-41F9-A79CF32EDFAA}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.8.7 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BackyardNIKON 1.0.1 (HKLM-x32\...\{D1912004-9E87-47E5-9F8D-EE9604EE6C42}_is1) (Version: 1.0.1 - O'Telescope Corporation)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (12/25/2008 4.1.0.1) (HKLM\...\DF50FA3D6DBB43107366DA6745DAEBE067A1AD5C) (Version: 12/25/2008 4.1.0.1 - Lenovo)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.22.0 - Nikon Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Energy Management (HKLM-x32\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.2.1.4 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.8 - CEWE Stiftung u Co. KGaA)
Free Pascal 2.6.0 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team)
GeoGet verze 2.9.2.759 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.2.759 - )
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HWiNFO32 Version 4.64 (HKLM-x32\...\HWiNFO32_is1) (Version: 4.64 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.2.396 - Kaspersky Lab) Hidden
Konvertor (remove only) (HKLM-x32\...\Konvertor) (Version: 5.03.Build 7 - Logipole)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.06 - Lenovo)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 cs)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
osu! (HKLM-x32\...\{1bef06f9-5d8a-47b2-a6a3-e48631dfe0e1}) (Version: latest - ppy Pty Ltd)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.4 - Lenovo Group Limited)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Prezi.com)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stepok RAW Importer v2.5 (HKLM-x32\...\Stepok RAW Importer_is1) (Version: - Stepok Image Lab.)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.5.0.5 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_EN_is1) (Version: 17.0.1.9 - ZONER software)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {118D6985-E69D-45B4-89B2-A7572F9D69F3} - System32\Tasks\AdobeAAMUpdater-1.0-NBDOMACI-Matěj => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-17] (Adobe Systems Incorporated)
Task: {3CB44F2E-853D-42E8-8137-0349B5DD0565} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {41D90753-FF05-4219-AEF9-F42999720FFB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-19] (AVAST Software)
Task: {4FDCDF7C-7D86-4501-8566-096CC5889E64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6C6C7CAD-4D8F-4CBD-841A-1B0590C63D06} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {7C20B362-F2A3-44E7-8C1E-444D9DE14236} - System32\Tasks\{687FF070-D031-4479-921A-C166523798F3} => pcalua.exe -a "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ"
Task: {873CA1A2-F866-4B18-B4EF-37F7D122A194} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B8DB7DE7-8C58-4ED6-9B2D-19B620F9E799} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {C066333E-01DF-4594-8228-351708A11F8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E30B73AB-2E1F-4BFD-8BC4-77E38826897B} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2015-01-29] (Lenovo Group Limited)
Task: {F20BF634-AAB7-408B-A5F1-28806CEE277D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-31] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-11-20 14:57 - 2015-11-20 14:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-26 22:02 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\4562libfoxloader-x64.dll
2015-04-21 22:06 - 2015-01-29 05:07 - 00105472 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2015-04-25 21:32 - 2008-06-18 06:35 - 00048128 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2015-04-21 22:36 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-26 22:02 - 2015-05-26 12:38 - 00457384 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-11-26 22:02 - 2015-05-26 12:36 - 00073896 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-04-25 16:05 - 2015-04-25 16:05 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 16:05 - 2015-04-25 16:05 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-06 12:16 - 2016-02-06 12:16 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020600\algo.dll
2016-02-06 20:43 - 2016-02-06 20:43 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020601\algo.dll
2015-11-26 22:02 - 2015-05-26 12:37 - 00078504 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\4562libfoxloader.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-11-26 22:02 - 2015-05-26 12:38 - 00862888 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-11-26 22:02 - 2015-02-17 09:35 - 00764416 _____ () C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2015-05-06 14:12 - 2014-09-09 12:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2015-04-25 16:05 - 2015-04-25 16:05 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-06 20:42 - 2016-02-06 20:42 - 00098816 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32api.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00110080 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\pywintypes27.dll
2016-02-06 20:41 - 2016-02-06 20:41 - 00364544 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\pythoncom27.dll
2016-02-06 20:42 - 2016-02-06 20:42 - 00320512 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32com.shell.shell.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00776704 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_hashlib.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 01176576 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._core_.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00806400 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._gdi_.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00816128 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._windows_.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 01067008 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._controls_.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00733184 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._misc_.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00682496 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\pysqlite2._sqlite.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00088064 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_ctypes.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00119808 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32file.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00108544 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32security.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00007168 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\hashobjs_ext.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00017920 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\thumbnails_ext.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00088064 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\usb_ext.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00167936 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32gui.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00018432 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32event.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00046080 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_socket.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 01208320 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_ssl.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00128512 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_elementtree.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00127488 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\pyexpat.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00013824 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\common.time34.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00036864 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_psutil_windows.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00038912 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32inet.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00525240 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\windows._lib_cacheinvalidation.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00011264 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32crypt.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00077312 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._html2.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00027136 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_multiprocessing.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00020480 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\_yappi.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00035840 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32process.pyd
2016-02-06 20:41 - 2016-02-06 20:42 - 00686080 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\unicodedata.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00078848 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._animate.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00123392 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\wx._wizard.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00024064 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32pipe.pyd
2016-02-06 20:41 - 2016-02-06 20:41 - 00010240 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\select.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00025600 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32pdh.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00017408 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32profile.pyd
2016-02-06 20:42 - 2016-02-06 20:42 - 00022528 _____ () C:\Users\MATJ~1\AppData\Local\Temp\_MEI24282\win32ts.pyd
2016-02-03 22:37 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-03 22:37 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6FD8B651-09F3-473A-B161-EE3B3646E878}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EDFAA3E0-5873-410C-82AB-B453C28FD95B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDC31631-DE26-4954-B46F-985D46F3D8B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7BFB9805-E813-4A9F-93F8-BFB3CA414136}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{B6555C7F-EE6C-4674-9921-AAF29309D310}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{A76001EF-9807-4235-8581-53F7AB30ED34}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59A1F61F-1698-4878-A6BB-2BD2DB280FB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3265FE8-08CE-484D-A93C-395E47784E8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5DF5D97F-7253-4683-9DF2-13108CE4F372}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{6DCDEB6F-F3A0-493A-8E3F-B27172F0059C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A28E4037-A8D3-4479-AD63-1E1341600380}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6834B6C8-A1BD-4DDD-9C1F-45A203770785}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D12A7933-CDD3-40E9-BF18-DB0828D53F4F}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EE6625A5-E01A-47EB-8B21-B171F0C45EE8}] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{7FE84634-6E23-4B90-B36F-BA02EDD10BDF}] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{8AB5B024-C4CD-4490-9DA4-D6E7A2967742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1448B39-CC21-4D95-9EAC-A318AD009CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0A5FCC05-FDB0-4F3B-94C6-BE928CEC1647}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{B57BB39F-6450-4019-83E6-66F72AAEB034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe

==================== Restore Points =========================

31-01-2016 12:28:04 Installed iTunes
01-02-2016 22:31:49 Advanced System~Protector
02-02-2016 17:02:59 Windows Update
06-02-2016 12:34:19 Windows Update
06-02-2016 20:47:02 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2016 08:43:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 08:30:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 04:12:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 12:15:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 11:35:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 11:02:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2016 09:46:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2016 10:22:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1620

Čas spuštění: 01d1605a51ef4bce

Čas ukončení: 60

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 8c2dbf48-cc4e-11e5-bdc7-0270a2710501

Error: (02/05/2016 10:15:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: eb4

Čas spuštění: 01d1600a2ccb62da

Čas ukončení: 2286

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 8c277f7b-cc4d-11e5-bdc7-0270a2710501

Error: (02/05/2016 12:23:38 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (2944) Windows: Pro soubor C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk nelze zapsat stínové záhlaví. Chyba -1032


System errors:
=============
Error: (02/06/2016 08:44:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (02/06/2016 08:44:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (02/06/2016 08:44:07 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (02/06/2016 08:42:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (02/06/2016 08:42:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (02/06/2016 08:41:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:31:47, ‎6.‎2.‎2016) bylo neočekávané.

Error: (02/06/2016 08:39:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (02/06/2016 08:39:24 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (02/06/2016 08:39:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (02/06/2016 08:38:48 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 76%
Total physical RAM: 4009.98 MB
Available physical RAM: 927.6 MB
Total Virtual: 8018.18 MB
Available Virtual: 4404.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:308.72 GB) NTFS
Drive d: () (Fixed) (Total:465.57 GB) (Free:388.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7ED0AC89)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 07BF154E)

Partition: GPT.
Partition 2: (Not Active) - (Size=465.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#11 Příspěvek od altrok »

:arrow: Odinstalujte
  • Seznam Software - pokud nepouzivate, protoze velice casto byva instalovan jako adware

:arrow: V PC mate nainstalovane 3 antiviry - dva odinstalujte a ponechejte si jen jeden!
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Kaspersky Total Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}


  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {143688b5-c1f3-11e5-8073-0270627d0501} - D:\autorun.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {7bb617ae-fb3f-11e4-8c58-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {91e1e64b-fcad-11e4-9da2-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\setup.exe
SearchScopes: HKU\S-1-5-21-1395220145-1857718944-4276470757-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (电脑管家上网防护) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-02-06 16:05 - 2016-02-06 16:09 - 00000000 ____D C:\AdwCleaner
2016-02-06 16:05 - 2016-02-06 16:05 - 01508352 _____ C:\Users\Matěj\Downloads\adwcleaner_5.032.exe
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\rsit
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\Program Files\trend micro
2016-02-04 21:40 - 2016-02-04 21:40 - 01222144 _____ C:\Users\Matěj\Downloads\RSITx64.exe
2016-02-01 19:21 - 2016-02-01 19:21 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer.exe
2016-02-01 19:32 - 2016-02-01 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer (1).exe
Task: {7C20B362-F2A3-44E7-8C1E-444D9DE14236} - System32\Tasks\{687FF070-D031-4479-921A-C166523798F3} => pcalua.exe -a "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#12 Příspěvek od souko »

Omlouvám se za dlouhou dobu, kdy se to nikam nehnulo, ale kamarád byl na lyžáku pak zase já na víkend s kamarády pryč apod.

Takže log.
Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Matěj (2016-02-15 22:02:03) Run:1
Running from C:\Users\Matěj\Desktop
Loaded Profiles: Matěj (Available Profiles: Matěj & Veřejné)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Matěj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {143688b5-c1f3-11e5-8073-0270627d0501} - D:\autorun.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {7bb617ae-fb3f-11e4-8c58-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\...\MountPoints2: {91e1e64b-fcad-11e4-9da2-e89a8f8e281b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\setup.exe
SearchScopes: HKU\S-1-5-21-1395220145-1857718944-4276470757-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (电脑管家上网防护) - C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-02-06 16:05 - 2016-02-06 16:09 - 00000000 ____D C:\AdwCleaner
2016-02-06 16:05 - 2016-02-06 16:05 - 01508352 _____ C:\Users\Matěj\Downloads\adwcleaner_5.032.exe
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\rsit
2016-02-04 21:40 - 2016-02-04 21:41 - 00000000 ____D C:\Program Files\trend micro
2016-02-04 21:40 - 2016-02-04 21:40 - 01222144 _____ C:\Users\Matěj\Downloads\RSITx64.exe
2016-02-01 19:21 - 2016-02-01 19:21 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer.exe
2016-02-01 19:32 - 2016-02-01 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Matěj\Downloads\SpyHunter-Installer (1).exe
Task: {7C20B362-F2A3-44E7-8C1E-444D9DE14236} - System32\Tasks\{687FF070-D031-4479-921A-C166523798F3} => pcalua.exe -a "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "C:\Users\Matěj\Desktop\Mafia 1 – Plna Verze Hry – CZ"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
"HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{143688b5-c1f3-11e5-8073-0270627d0501}" => key removed successfully
HKCR\CLSID\{143688b5-c1f3-11e5-8073-0270627d0501} => key not found.
"HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7bb617ae-fb3f-11e4-8c58-e89a8f8e281b}" => key removed successfully
HKCR\CLSID\{7bb617ae-fb3f-11e4-8c58-e89a8f8e281b} => key not found.
"HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91e1e64b-fcad-11e4-9da2-e89a8f8e281b}" => key removed successfully
HKCR\CLSID\{91e1e64b-fcad-11e4-9da2-e89a8f8e281b} => key not found.
"HKU\S-1-5-21-1395220145-1857718944-4276470757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\wrc@avast.com => value removed successfully

"C:\Program Files\AVAST Software\Avast\WebRep\FF" folder move:

Could not move "C:\Program Files\AVAST Software\Avast\WebRep\FF" => Scheduled to move on reboot.

klkbdflt2 => service not found.
VGPU => service removed successfully
C:\AdwCleaner => moved successfully
C:\Users\Matěj\Downloads\adwcleaner_5.032.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Matěj\Downloads\RSITx64.exe => moved successfully
C:\Users\Matěj\Downloads\SpyHunter-Installer.exe => moved successfully
C:\Users\Matěj\Downloads\SpyHunter-Installer (1).exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C20B362-F2A3-44E7-8C1E-444D9DE14236}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C20B362-F2A3-44E7-8C1E-444D9DE14236}" => key removed successfully
C:\Windows\System32\Tasks\{687FF070-D031-4479-921A-C166523798F3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{687FF070-D031-4479-921A-C166523798F3}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 21.4 GB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-02-15 22:05:50)

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Could not move
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move
"C:\Program Files\AVAST Software\Avast\WebRep\FF" => Could not move

==== End of Fixlog 22:05:51 ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#13 Příspěvek od altrok »

:arrow: Jake problemy na tomto PC pozorujete ted?



:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
souko
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 02 úno 2016 23:19

Re: Zavirovaný ntb, nejdou služby googlu

#14 Příspěvek od souko »

Nyní již vše funguje.

Děkuji za pomoc.

Ať se daří
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zavirovaný ntb, nejdou služby googlu

#15 Příspěvek od altrok »

Nemate zac, rad jsem pomohl :worship:


Mejte se krasne a treba zase nekdy :bye:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“