Logfile of random's system information tool 1.14 (written by random/random)
Run by Adrian at 2017-01-23 19:55:08
Microsoft Windows 10 Home
System drive C: has 160 GB (23%) free of 703 GB
Total RAM: 3971 MB (55% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:14, on 23. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~2\RELEVA~1\rlvknlg32.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files\trend micro\Adrian_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizace oznámení.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16142 bytes
======Enumerating Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files (x86)\RelevantKnowledge\rlservice.exe" /service
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Windows\system32\TODDSrv.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\DllHost.exe /Processid:{448AEE3B-DC65-4AF6-BF5F-DCE86D62B6C7}
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -boot
"C:\PROGRA~2\RELEVA~1\rlvknlg64.exe" 9264
"C:\PROGRA~2\RELEVA~1\rlvknlg32.exe" 9264
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\AUDIODG.EXE 0x5fc
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Users\Adrian\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Norton Security Scan for Adrian.job - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\AutoKMSDaily - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\Norton Security Scan for Adrian - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck
C:\WINDOWS\system32\tasks\Resolution+ Setting Task - C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1470022667 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
C:\WINDOWS\system32\tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
C:\WINDOWS\system32\tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
C:\WINDOWS\system32\tasks\TOSHIBA\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
C:\WINDOWS\system32\tasks\TOSHIBA\Service Station - "C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
=========Mozilla firefox=========
ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\
trash
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\
seznam-avast.xml
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions.json
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\firefox-hotfix@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3410 - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
Plugin - Nokia Suite Enabler Plugin - 1.0.0.1 - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
Plugin - Microsoft Office 2016 - 16.0.4266.1001 - C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Microsoft Office 2016 - 16.0.4288.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Java(TM) Platform SE 8 U91 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.910.14 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Unity Player - 5.3.2.31412 - C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.163
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13 622984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-12-13 236744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2016-11-16 2179376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13 521608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 462400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2016-11-16 1524528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-05-03 391648]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08 3954880]
"Connectify Hotspot"=C:\Program Files (x86)\Connectify\Connectify.exe [2016-12-14 4131384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-29 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-18 4179288]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-20 9080768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizace oznámení.lnk - C:\Program Files\WinZip\WZUpdateNotifier.exe
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WinZip Preloader.lnk - C:\Program Files\WinZip\WzPreloader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-23 19:55:08 ----D---- C:\rsit
2017-01-17 16:06:03 ----A---- C:\WINDOWS\SYSWOW64\rlls.dll
2017-01-17 16:06:03 ----A---- C:\WINDOWS\system32\rlls64.dll
2017-01-16 20:11:48 ----D---- C:\Program Files (x86)\RelevantKnowledge
2017-01-16 20:11:25 ----AD---- C:\Program Files (x86)\Beneton Movie GIF
2017-01-13 20:39:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 20:39:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 20:39:48 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-13 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-13 20:39:44 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 20:39:38 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 20:39:15 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 20:39:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-13 20:38:54 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-13 20:38:53 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-13 20:38:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-13 20:38:50 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-13 20:38:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-13 20:38:36 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 20:38:34 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-13 20:38:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-13 20:38:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 20:38:27 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 20:38:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-13 20:38:21 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-13 20:38:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:17 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-13 20:38:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-13 20:38:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 20:38:05 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-13 20:37:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 20:37:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 20:37:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 20:37:46 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-13 20:37:42 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 20:37:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-13 20:37:37 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-13 20:37:34 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-04 18:48:50 ----AD---- C:\Program Files\CCleaner
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cnnctfy4.sys
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cfywlan2.sys
2017-01-03 18:38:58 ----AD---- C:\Program Files (x86)\Connectify
2017-01-03 18:36:46 ----D---- C:\ProgramData\Connectify
======List of files/folders modified in the last 1 month======
2017-01-23 19:55:13 ----D---- C:\Program Files\trend micro
2017-01-23 19:47:53 ----HD---- C:\ProgramData
2017-01-23 19:44:43 ----D---- C:\WINDOWS\Temp
2017-01-23 19:37:41 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-23 19:24:01 ----D---- C:\WINDOWS\system32\sru
2017-01-23 19:18:13 ----D---- C:\WINDOWS\system32\config
2017-01-23 19:11:54 ----D---- C:\WINDOWS\Prefetch
2017-01-23 19:02:02 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-23 18:50:17 ----D---- C:\WINDOWS\AppReadiness
2017-01-23 18:47:08 ----HD---- C:\Program Files\WindowsApps
2017-01-23 18:31:43 ----SHD---- C:\WINDOWS\Installer
2017-01-23 18:31:17 ----AD---- C:\WINDOWS\SysWOW64
2017-01-23 18:22:45 ----D---- C:\WINDOWS\system32\drivers
2017-01-19 21:32:01 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-19 21:23:07 ----D---- C:\WINDOWS\System32
2017-01-17 18:13:48 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2017-01-17 16:19:47 ----D---- C:\WINDOWS\INF
2017-01-17 16:06:53 ----D---- C:\WINDOWS\system32\Macromed
2017-01-17 16:06:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-01-17 16:02:44 ----D---- C:\WINDOWS\WinSxS
2017-01-17 15:55:28 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-17 15:53:39 ----D---- C:\Windows
2017-01-16 23:32:04 ----D---- C:\WINDOWS\system32\catroot2
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\wbem
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\oobe
2017-01-16 23:30:40 ----D---- C:\WINDOWS\ShellExperiences
2017-01-16 23:30:39 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-16 23:30:39 ----D---- C:\WINDOWS\Provisioning
2017-01-16 23:30:38 ----D---- C:\Program Files\Internet Explorer
2017-01-16 23:30:38 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-16 23:26:29 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft
2017-01-16 20:11:48 ----RD---- C:\Program Files (x86)
2017-01-16 18:11:14 ----D---- C:\ProgramData\Microsoft Help
2017-01-16 18:08:33 ----D---- C:\WINDOWS\CbsTemp
2017-01-16 17:45:30 ----D---- C:\WINDOWS\system32\MRT
2017-01-16 17:35:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-16 17:27:12 ----A---- C:\WINDOWS\win.ini
2017-01-15 15:46:27 ----SHD---- C:\System Volume Information
2017-01-15 13:53:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 09:16:07 ----D---- C:\ProgramData\VSO
2017-01-13 17:35:22 ----D---- C:\WINDOWS\system32\Tasks
2017-01-07 20:48:36 ----D---- C:\WINDOWS\rescache
2017-01-06 19:39:19 ----D---- C:\WINDOWS\Tasks
2017-01-06 19:31:17 ----D---- C:\Program Files (x86)\Google
2017-01-04 21:52:51 ----D---- C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-01-04 19:28:00 ----RSD---- C:\WINDOWS\assembly
2017-01-04 19:00:25 ----D---- C:\WINDOWS\debug
2017-01-04 18:59:16 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-04 18:52:49 ----D---- C:\Program Files\PDFCreator
2017-01-04 18:48:50 ----RD---- C:\Program Files
2017-01-03 23:23:09 ----AD---- C:\Program Files (x86)\HappyFoto-Designer
2017-01-03 19:16:24 ----D---- C:\Program Files\IDT
2017-01-03 18:48:07 ----D---- C:\WINDOWS\system32\LogFiles
2017-01-03 18:12:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 18:12:26 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\oobe
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\Sysprep
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-01-01 11:37:20 ----D---- C:\WINDOWS\system32\en-US
2017-01-01 11:37:19 ----D---- C:\WINDOWS\system32\Dism
2017-01-01 11:37:09 ----D---- C:\WINDOWS\servicing
2017-01-01 11:37:08 ----D---- C:\WINDOWS\bcastdvr
2017-01-01 11:37:08 ----D---- C:\WINDOWS\AppPatch
2017-01-01 11:37:05 ----D---- C:\WINDOWS\system32\Boot
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-27 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-27 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-27 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-18 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-28 513632]
R1 cfywlan2;@oem91.inf,%cfywlan2_Desc%;Connectify WLAN LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [2017-01-03 46088]
R1 cnnctfy4;@oem90.inf,%cnnctfy4_Desc%;Connectify LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [2017-01-03 53216]
R1 dtsoftbus01;@oem38.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-27 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-27 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem9.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem86.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-12-14 4251160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-05 84992]
R3 dtlitescsibus;@oem68.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-24 30264]
R3 dtliteusbbus;@oem72.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-24 47160]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem35.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem15.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_b4dd93f8c89bf485\nvlddmkm.sys [2016-09-12 13754936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-10-08 51392]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2015-07-23 561680]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-10-08 627392]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2015-05-25 210944]
S2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2015-05-25 22528]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-27 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-05 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-10-05 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-05 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iComp;Grabster AV 400 service; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [2012-11-30 1712424]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-10-17 39320]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-27 197128]
R2 CDPUserSvc_3c1cbb5;CDPUserSvc_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2016-12-14 257592]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_3c1cbb5;Hostitel synchronizace_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2013-08-17 186136]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2016-11-19 186760]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2015-07-23 350224]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-10-08 255168]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 PimIndexMaintenanceSvc_3c1cbb5;Data kontaktů_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_3c1cbb5;Služba zasílání zpráv_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-21 172488]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Moc prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Moc prosím o preventivku
info.txt logfile of random's system information tool 1.14 2017-01-23 19:55:24
======MBR======
0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
[20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{11D530CE-F649-45FA-84C0-5CD47F46CE2D}\setup.exe" -runfromtemp -l0x0409 -ADDREMOVE -removeonly <<Hidden
[2016/10/05 03:39:03]-->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe" <<Hidden
[2016/10/05 03:39:03]-->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - main\Uninstall.exe" <<Hidden
[2016/11/07 19:53:55]-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNRecode.exe /UNINSTALL <<Hidden
Adobe Acrobat Reader DC - Czech [20170123]-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe AIR [2016/11/07 22:13:35]-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR [20161105]-->MsiExec.exe /I{BBEC10F9-AC15-41EE-A271-0B1077F53740}
Adobe Flash Player 24 NPAPI [2017/01/17 16:06:58]-->C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_Plugin.exe -maintain plugin
Adobe Refresh Manager [20170113]-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824211354}
Alcor Micro USB Card Reader [20140322]-->C:\Program Files (x86)\InstallShield Installation Information\{420ED767-62A5-462F-9DDA-AE3A95D4BF32}\setup.exe
Aloha TriPeaks [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Aloha TriPeaks\uninstall\uninstaller.exe"
Atheros Driver Installation Program [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe" -runfromtemp -removeonly
Avast Free Antivirus [2017/01/23 19:02:58]-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) [2016/10/05 03:38:47]-->C:\PROGRA~1\DIFX\F4092D~1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_95B9C4C4739674B910F22E6D0FB93B9D8DD7E72A\pccsmcfdx64.inf
Balíček ovladače systému Windows - TERRATEC (iComp) Media (05/12/2009 6.270.13.01) [2016/10/05 03:38:47]-->rundll32.exe C:\PROGRA~1\DIFX\ED00A7~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grabster_av_400.inf_amd64_44af989246d0f13e\grabster_av_400.inf
Bejeweled 3 [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
Beneton Movie GIF 1.1.2 [20170116]-->"C:\Program Files (x86)\Beneton Movie GIF\unins000.exe"
Capture NX-D [20151225]-->MsiExec.exe /X{794529D3-D489-4CF2-B2ED-CF241809E5EC}
CCleaner [2017/01/04 19:02:07]-->"C:\Program Files\CCleaner\uninst.exe"
Connectify 2016 [2017/01/04 19:02:07]-->C:\Program Files (x86)\Connectify\Uninstall.exe
CPUID HWMonitor 1.28 [20150901]-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
DAEMON Tools Lite [2016/10/24 21:06:51]-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2016 (KB3115407) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3DBF9257-2612-4385-BCE3-E9D4C41CC8CB}" "1029" "0"
Defraggler [2016/10/05 03:38:47]-->"C:\Program Files\Defraggler\uninst.exe"
DTS Sound [20140322]-->MsiExec.exe /X{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}
DVD Shrink 3.2 [2016/10/05 03:39:02]-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
DVDFab 9.1.7.1 (17/10/2014) [20150128]-->"C:\Program Files (x86)\DVDFab 9\unins000.exe"
Empress of the Deep - The Darkest Secret [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Empress of the Deep - The Darkest Secret\uninstall\uninstaller.exe"
Evernote [2016/10/05 03:39:02]-->C:\Program Files (x86)\Evernote_TLauncher\uninstall.exe
FormatFactory 3.6.0.0 [2016/10/05 03:39:02]-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Garmin City Navigator Europe NTU 2016.30 [20160523]-->MsiExec.exe /X{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}
Garmin USB Drivers [20150418]-->MsiExec.exe /X{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}
Google Chrome [20170106]-->"C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper [20170106]-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Guitar Pro 5.2 [2016/10/05 03:39:02]-->"C:\Program Files (x86)\Guitar Pro 5\unins000.exe"
HappyFoto-Designer 5.4 [20150818]-->"C:\Program Files (x86)\HappyFoto-Designer\unins000.exe"
Hydrogen 0.9.6 preview release for windows [20161106]-->"C:\Program Files (x86)\Hydrogen\unins000.exe"
Chuzzle Deluxe [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Chuzzle Deluxe\uninstall\uninstaller.exe"
ICP 9.0 [20150728]-->"C:\Program Files\ImageConverter Plus\unins000.exe"
IDT Audio Driver [20140322]-->MsiExec.exe /X{588A747E-CFF6-46B3-9207-CD754F9473AF}
Intel Security True Key [2016/10/05 03:38:47]-->C:\Program Files\TrueKey\Mcafee.TrueKey.Uninstaller.Exe
Intel(R) Biometric and Context Agent [20160629]-->MsiExec.exe /X{C1424923-74F7-4399-B9D9-5F72FB1B9481}
Intel(R) Biometric and Context Agent Redistributables [20160629]-->MsiExec.exe /X{C3F24413-3E29-4979-A195-DEEB56F29B2A}
Intel(R) Management Engine Components [2016/10/05 03:39:03]-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics [2016/10/05 03:39:04]-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology [20140322]-->MsiExec.exe /I{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
Intel(R) Rapid Storage Technology [2016/10/05 03:38:47]-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel® RealSense™ SDK 2014 Runtime (x64): Core [20160629]-->MsiExec.exe /X{37D41A97-6B02-4C30-8753-85107BE1D674}
Intel® Trusted Connect Service Client [20140322]-->MsiExec.exe /I{89AFB053-A343-46EF-97E4-D593AD7184E6}
Island Tribe [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Island Tribe\uninstall\uninstaller.exe"
JamManagerXT version 2.0 [20160725]-->"C:\Program Files (x86)\DigiTech\JamManagerXT\unins000.exe"
Java 8 Update 91 [20160421]-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0}
Jewel Quest Solitaire 2 [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Jewel Quest Solitaire 2\uninstall\uninstaller.exe"
K-Lite Codec Pack 10.8.5 Standard [20141228]-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Magic Academy [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe"
MAGIX Burn routines [20150321]-->MsiExec.exe /X{712D74A5-4C3D-41E6-A850-1696E54B28CD}
MAGIX Video easy TERRATEC Edition [2016/10/05 03:39:02]-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{2FA06473-23F0-4372-8DD5-1EAE42503D93}\Video_easy_TERRATEC_Edition_setup.exe"
MAGIX Video easy TERRATEC Edition [20160201]-->MsiExec.exe /I{2FA06473-23F0-4372-8DD5-1EAE42503D93}
Microsoft Access MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0015-0405-1000-0000000FF1CE}
Microsoft ASP.NET MVC 4 Runtime [20150916]-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft DCF MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0090-0405-1000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-0016-0405-1000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2016 [20161217]-->MsiExec.exe /X{90160000-00BA-0405-1000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0044-0405-1000-0000000FF1CE}
Microsoft Office [20131128]-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft Office 32-bit Components 2016 [20170116]-->MsiExec.exe /X{90160000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2016 – Deutsch [20170116]-->MsiExec.exe /X{90160000-001F-0407-1000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-00E1-0405-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-00E2-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2016 [2017/01/16 18:27:30]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2016 [20170116]-->MsiExec.exe /X{90160000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2016 - English [20170116]-->MsiExec.exe /X{90160000-001F-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-00C1-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-006E-0405-1000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-00A1-0405-1000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-001A-0405-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-0018-0405-1000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2016 [20161217]-->MsiExec.exe /X{90160000-0019-0405-1000-0000000FF1CE}
Microsoft Silverlight [20161013]-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Skype for Business MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-012B-0405-1000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable [20151108]-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable [20160201]-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20150321]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [20150214]-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [20140322]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [20140322]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2016/10/05 03:39:04]-->"C:\ProgramData\Package Cache\{d07b0db5-8dad-40e1-be90-88026298a46b}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{2749c485-3a8b-4533-92ff-7cf6e8221cff}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2016/10/05 03:39:04]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Word MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-001B-0405-1000-0000000FF1CE}
Microsoft_VC100_CRT_SP1_x64 [20151118]-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82}
Microsoft_VC100_CRT_SP1_x86 [20151118]-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 50.1.0 (x86 cs) [2017/01/04 19:02:07]-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service [2016/12/21 22:40:47]-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MPEG Video Wizard DVD 5.0.1.104 (12/2011) [20160202]-->"C:\Program Files (x86)\Womble Multimedia\MPEG Video Wizard DVD 5.0\unins000.exe"
MS Video Player Components [2016/10/05 03:39:02]-->C:\Windows\UNWISE.EXE C:\Windows\Citi-Player.log
MSVC80_x64_v2 [20151118]-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2 [20151118]-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64 [20151118]-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86 [20151118]-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP3 Parser [20150321]-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština [20170116]-->MsiExec.exe /X{90160000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina [20170116]-->MsiExec.exe /X{90160000-001F-041B-1000-0000000FF1CE}
Native Instruments Traktor DJ Mixer v1.0 [2016/10/05 03:39:02]-->C:\PROGRA~2\NATIVE~1\TRAKTO~1\UNWISE.EXE C:\PROGRA~2\NATIVE~1\TRAKTO~1\INSTALL.LOG
Need for Speed Underground 2 [2016/10/05 03:39:03]-->C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Nero 7 Premium [20161107]-->MsiExec.exe /I{4F2CE68F-EDBB-4592-BF07-5AC930A51029}
neroxml [20141228]-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver [20151118]-->MsiExec.exe /I{29373274-977E-413C-A4DE-DC0F8E80C429}
Nokia Suite [20151118]-->MsiExec.exe /X{88B6F9DE-C80F-4A70-ACF6-BEE933679170}
Nokia Suite [2016/10/05 03:39:02]-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}\Installer.exe
NVIDIA Ovladače grafiky 368.22 [20160523]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Systémový software PhysX 9.16.0318 [20160523]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL [2016/10/05 03:39:02]-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Ovladače videa společnosti Pinnacle [20161017]-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
PC Connectivity Solution [20151118]-->MsiExec.exe /I{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}
PDFCreator [20160606]-->C:\Program Files\PDFCreator\unins000.exe
Peggle Nights [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Peggle Nights\uninstall\uninstaller.exe"
Photodex Presenter [2016/11/20 08:19:08]-->C:\Program Files (x86)\Photodex Presenter\remove.exe
Picture Control Utility 2 [20151225]-->MsiExec.exe /X{D4893C47-704F-4B84-8486-9DE4974ACA6F}
Pinnacle Studio 14 [20161017]-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
Pinnacle Studio Ultimate Collection Plugins [20161017]-->MsiExec.exe /I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
Plants vs. Zombies - Game of the Year [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Polar Bowler [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Polar Bowler\uninstall\uninstaller.exe"
Pomocník při upgradu na Windows 10 [2016/10/05 03:39:04]-->"C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
ProShow Producer [2016/12/21 18:28:36]-->C:\Program Files (x86)\Photodex\ProShow Producer\remove.exe
Qualcomm Atheros Bluetooth Suite (64) [20140322]-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
RadioSure [2016/10/05 03:31:26]-->C:\Users\Adrian\AppData\Local\RadioSure\uninstall.exe
RealDownloader [20160725]-->MsiExec.exe /X{8D5E8DA1-0420-4A3B-9B29-8F3A00B32BDF}
Red Giant ToonIt Studio [2016/10/17 19:03:14]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\rgtoonitstudio.log
RelevantKnowledge [2017/01/17 16:06:03]-->C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Revo Uninstaller 1.95 [2016/10/05 03:39:03]-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
SafeZone Stable 1.51.2220.62 [2016/12/26 22:41:27]-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085635) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{0C1232DC-F66D-4C54-B5FB-FADF7C671AF0}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115135) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{02E071E3-BA0C-48C5-8D1E-6701065D1A3E}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:33:23]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:48:24]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:48:43]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Skype for Business 2016 (KB3115408) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C5C666D0-D5BD-4FE8-BE51-938926DC58E1}" "1029" "0"
Sid Meier's Civilization IV Colonization [20161105]-->C:\Program Files (x86)\InstallShield Installation Information\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}\setup.exe -runfromtemp -l0x0009 -removeonly
simplitec simplicheck [20150321]-->MsiExec.exe /X{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}
SpeedFan (remove only) [2016/10/05 03:39:03]-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Synaptics Pointing Device Driver [2016/10/05 03:24:26]-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TERRATEC Grabster AV 400 MX (64 Bit) [20160201]-->MsiExec.exe /I{0FB1F701-BA4B-403B-84DB-FB56D4EF5BC2}
Text-To-Speech-Runtime [20150321]-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TOSHIBA Addendum [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Desktop Assist [20160801]-->MsiExec.exe /X{C4CDCEF0-0A7A-4425-887C-33E39533D758}
TOSHIBA Display Utility [20140322]-->MsiExec.exe /X{5F6AC07E-50EF-422E-B56E-6521E5B35139}
TOSHIBA eco Utility [20140322]-->MsiExec.exe /X{5944B9D4-3C2A-48DE-931E-26B31714A2F7}
TOSHIBA Function Key [20140322]-->MsiExec.exe /X{16562A90-71BC-41A0-B890-D91B0C267120}
TOSHIBA Manuals [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Password Utility [20140322]-->C:\Program Files (x86)\InstallShield Installation Information\{78931270-BC9E-441A-A52B-73ECD4ACFAB5}\setup.exe -runfromtemp -l0x0409
TOSHIBA PC Health Monitor [20160801]-->MsiExec.exe /X{B507386D-1F61-4E55-B05B-F56ACB0086B3}
TOSHIBA Recovery Media Creator [20131128]-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly
TOSHIBA Service Station [20140322]-->MsiExec.exe /X{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}
TOSHIBA Start Screen Option [20140322]-->MsiExec.exe /X{06B71035-F19F-4F76-9875-FFCCD4FC3F83}
TOSHIBA System Driver [20140322]-->MsiExec.exe /X{1E6A96A1-2BAB-43EF-8087-30437593C66C}
TOSHIBA System Settings [20140322]-->MsiExec.exe /X{05A55927-DB9B-4E26-BA44-828EBFF829F0}
Toshiba TEMPRO [20151219]-->MsiExec.exe /X{F76F5214-83A8-4030-80C9-1EF57391D72A}
Trapcode Particular Studio [2016/10/17 19:03:42]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcparticularstudio.log
Trapcode Shine Studio [2016/10/17 19:03:05]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcshinestudio.log
Unity Web Player [2016/10/05 03:31:26]-->C:\Users\Adrian\AppData\Local\Unity\WebPlayer\Uninstall.exe /CurrentUser
Update for Microsoft Access 2016 (KB3115503) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E183D667-D01A-4D0C-BB7C-EDD0A7B9A452}" "1029" "0"
Update for Microsoft Access 2016 (KB3115503) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E183D667-D01A-4D0C-BB7C-EDD0A7B9A452}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:46:50]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:46:55]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:48:24]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Office 2016 (KB2910954) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{89B85BAE-5618-49A4-9C18-153202BDFC73}" "1029" "0"
Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1029" "0"
Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1029" "0"
Update for Microsoft Office 2016 (KB2910979) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F556D361-9A36-47BC-94D8-9BC2C36EE333}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4D4432EE-ECE1-42CA-8B93-0916170C8252}" "1029" "0"
Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A73D1FF5-0819-44C7-9294-FBDD4BA2F43B}" "1029" "0"
Update for Microsoft Office 2016 (KB2920720) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{8683D594-A08C-451F-82C3-51D6FB730A6C}" "1029" "0"
Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AA7A282E-E962-4C45-9A74-16C49FD88FF1}" "1029" "0"
Update for Microsoft Office 2016 (KB3114709) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B0D12818-1641-422F-9EB4-AC05243A4DD8}" "1029" "0"
Update for Microsoft Office 2016 (KB3114903) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{92281B72-2A8C-40A4-BD15-58CCDF7DEDB1}" "1029" "0"
Update for Microsoft Office 2016 (KB3115081) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{78D7B4DE-619F-4312-9707-DF354A48D110}" "1029" "0"
Update for Microsoft Office 2016 (KB3115100) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5EA702B7-1613-4DCB-85E6-A9BD9327CE00}" "1029" "0"
Update for Microsoft Office 2016 (KB3115141) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{017D5158-921B-4578-A067-51B1824BC813}" "1029" "0"
Update for Microsoft Office 2016 (KB3115276) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{45610767-EC8C-44CD-9001-6845F626FCD5}" "1029" "0"
Update for Microsoft Office 2016 (KB3115278) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{82CCB421-CE9F-4A81-97F9-62AE1C8D4443}" "1029" "0"
Update for Microsoft Office 2016 (KB3115497) 64-Bit Edition [2017/01/16 17:46:50]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{B3E07438-40FC-4DAE-89E4-42BDE7309F3E}" "1029" "0"
Update for Microsoft Office 2016 (KB3115497) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B3E07438-40FC-4DAE-89E4-42BDE7309F3E}" "1029" "0"
Update for Microsoft Office 2016 (KB3118262) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7D634991-F4C0-4761-9F90-54F69A8199EB}" "1029" "0"
Update for Microsoft Office 2016 (KB3118263) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{94848838-9497-4F39-8294-CFB65614776A}" "1029" "0"
Update for Microsoft Office 2016 (KB3118264) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B2437330-4140-4B97-8041-3D337D716DC9}" "1029" "0"
Update for Microsoft Office 2016 (KB3118324) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{255A6C61-37EB-4774-A5A4-3FB68B4EC351}" "1029" "0"
Update for Microsoft Office 2016 (KB3118338) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{2BDF2C08-EF2F-4099-8701-19E2D55B4DE4}" "1029" "0"
Update for Microsoft Office 2016 (KB3118338) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{2BDF2C08-EF2F-4099-8701-19E2D55B4DE4}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127983) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D23F101C-D088-4F47-8322-40893360C5FD}" "1029" "0"
Update for Microsoft Office 2016 (KB3127983) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D23F101C-D088-4F47-8322-40893360C5FD}" "1029" "0"
Update for Microsoft Office 2016 (KB3127987) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{A000D80D-B929-4E84-BF46-AEA66BDE57C2}" "1029" "0"
Update for Microsoft Office 2016 (KB3127987) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A000D80D-B929-4E84-BF46-AEA66BDE57C2}" "1029" "0"
Update for Microsoft Office 2016 (KB3127990) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{39BF944E-DB91-454D-96FB-8340166923C1}" "1029" "0"
Update for Microsoft Office 2016 (KB3127992) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{139BFCBD-3A22-4499-BDDA-010AF45F2569}" "1029" "0"
Update for Microsoft Office 2016 (KB3127992) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{139BFCBD-3A22-4499-BDDA-010AF45F2569}" "1029" "0"
Update for Microsoft Office 2016 (KB3128055) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1A7DC839-B318-4E16-A27C-847DCE2B3197}" "1029" "0"
Update for Microsoft Office 2016 (KB3128055) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1A7DC839-B318-4E16-A27C-847DCE2B3197}" "1029" "0"
Update for Microsoft Office 2016 (KB3128056) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B4D4F607-8D6B-4933-9FC1-EF5FE3FF4495}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:48]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0405-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:51]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0407-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:54]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0409-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-041B-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:10:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2016/12/17 21:26:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00BA-0405-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:10:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 17:49:53]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00A1-0405-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft Outlook 2016 (KB3141453) 64-Bit Edition [2017/01/16 17:33:23]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{C2AC43F3-3BB9-4059-BEE5-82F95DD9361B}" "1029" "0"
Update for Microsoft Outlook 2016 (KB3141453) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{C2AC43F3-3BB9-4059-BEE5-82F95DD9361B}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 17:46:55]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft Project 2016 (KB3141459) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{2B08C80C-32F3-412F-8F1E-350FA72AA971}" "1029" "0"
Update for Microsoft Project 2016 (KB3141459) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{2B08C80C-32F3-412F-8F1E-350FA72AA971}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2016/12/17 21:20:06]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0019-0405-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Visio 2016 (KB3128045) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{9E06EBEC-FD41-4727-BF64-BE5AC3A9F4A5}" "1029" "0"
Update for Microsoft Visio 2016 (KB3128045) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{9E06EBEC-FD41-4727-BF64-BE5AC3A9F4A5}" "1029" "0"
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition [2017/01/16 17:48:43]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{801D5242-0189-4C99-977B-0C77DBD1F046}" "1029" "0"
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{801D5242-0189-4C99-977B-0C77DBD1F046}" "1029" "0"
Update Installer for WildTangent Games App [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
ViewNX-i [20151225]-->MsiExec.exe /X{C67A5551-26C1-4C7B-A9DF-AD148549D482}
Virtual Villagers 4 - The Tree of Life [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
VSO ConvertXToDVD [20150704]-->"C:\Program Files (x86)\VSO\ConvertX\5\unins000.exe"
Vulkan Run Time Libraries 1.0.11.1 [2016/10/05 03:38:47]-->C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe
WD SmartWare [20161217]-->MsiExec.exe /X{604CB4FC-3D32-405F-A109-165F170529B6}
WildTangent Games [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
WildTangent Games App (Toshiba Games) [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\toshiba\Uninstall.exe"
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) [2016/10/05 03:38:47]-->C:\PROGRA~1\DIFX\E40478~1\DRIVER~1.EXE /u C:\Windows\System32\DriverStore\FileRepository\jamman.inf_amd64_45a890e19e31f99a\jamman.inf
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) [2016/10/05 03:38:47]-->rundll32.exe C:\PROGRA~1\DIFX\048B92~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_amd64_d77b1dda68556870\grmnusb.inf
WinRAR 5.11 (32-bit) [2016/10/05 03:39:03]-->C:\Program Files (x86)\WinRAR\uninstall.exe
WinZip 20.0 [20160430]-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}
Xiph.Org Open Codecs 0.85.17777 [2016/10/05 03:39:02]-->C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe
Zoner Photo Studio 17 [20150214]-->"C:\Program Files\Zoner\Photo Studio 17\unins000.exe"
======System event log"======
Computer Name: Ochmánek
Event Code: 26
Message: Při spouštění byla použita jednorázová spouštěcí sekvence.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161005021505.727231-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je zakázáno se stavem STATUS_SUCCESS.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161005021505.727178-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 12
Message: Operační systém se spustil v systémovém čase 2016-10-05T02:15:05.498673500Z.
Record Number: 3
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20161005021505.727121-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 2
Source Name: EventLog
Time Written: 20161005021644.029733-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20161005021644.029733-000
Event Type: Informace
User:
=====Application event log"=====
Computer Name: Ochmánek
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US> Kryptografický otisk SHA1: <4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5>.
Record Number: 5
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161005021704.932593-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE> Kryptografický otisk SHA1: <B1BC968BD4F49D622AA89A81F2150152A41D829C>.
Record Number: 4
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161005021701.202422-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20161005021651.827562-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20161005021646.052508-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: OCHMANEK
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20161005021644.467253-000
Event Type: Informace
User:
=====Security event log"=====
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x1a4
Název nového procesu: C:\Windows\System32\smss.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021551.922556-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x198
Název nového procesu: C:\Windows\System32\setupcl.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021537.373224-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x158
Název nového procesu: C:\Windows\System32\autochk.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.693877-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x14c
Název nového procesu: C:\Windows\System32\smss.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x4
Název tvůrčího procesu:
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.565816-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4826
Message: Načetla se konfigurační data spouštění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
ID přihlášení: 0x3E7
Obecné nastavení:
Možnosti načtení: -
Upřesňující možnosti: Ne
Zásady přístupu ke konfiguraci: Výchozí
Protokolování systémových událostí: Ne
Ladění jádra: Ne
Typ spuštění VSM: Vypnuto
Nastavení podpisu:
Testovací podepsání: Ne
Podepsání za běhu: Ne
Zakázat kontroly integrity: Ne
Nastavení HyperVisoru:
Možnosti načtení HyperVisoru: -
Typ spuštění HyperVisoru: Vypnuto
Ladění HyperVisoru: Ne
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.523524-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"FP_NO_HOST_CHECK"=NO
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ImageConverter Plus;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
======MBR======
0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
[20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{11D530CE-F649-45FA-84C0-5CD47F46CE2D}\setup.exe" -runfromtemp -l0x0409 -ADDREMOVE -removeonly <<Hidden
[2016/10/05 03:39:03]-->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe" <<Hidden
[2016/10/05 03:39:03]-->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - main\Uninstall.exe" <<Hidden
[2016/11/07 19:53:55]-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL <<Hidden
[2016/11/07 19:53:55]-->C:\WINDOWS\UNRecode.exe /UNINSTALL <<Hidden
Adobe Acrobat Reader DC - Czech [20170123]-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe AIR [2016/11/07 22:13:35]-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR [20161105]-->MsiExec.exe /I{BBEC10F9-AC15-41EE-A271-0B1077F53740}
Adobe Flash Player 24 NPAPI [2017/01/17 16:06:58]-->C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_Plugin.exe -maintain plugin
Adobe Refresh Manager [20170113]-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824211354}
Alcor Micro USB Card Reader [20140322]-->C:\Program Files (x86)\InstallShield Installation Information\{420ED767-62A5-462F-9DDA-AE3A95D4BF32}\setup.exe
Aloha TriPeaks [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Aloha TriPeaks\uninstall\uninstaller.exe"
Atheros Driver Installation Program [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe" -runfromtemp -removeonly
Avast Free Antivirus [2017/01/23 19:02:58]-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) [2016/10/05 03:38:47]-->C:\PROGRA~1\DIFX\F4092D~1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_95B9C4C4739674B910F22E6D0FB93B9D8DD7E72A\pccsmcfdx64.inf
Balíček ovladače systému Windows - TERRATEC (iComp) Media (05/12/2009 6.270.13.01) [2016/10/05 03:38:47]-->rundll32.exe C:\PROGRA~1\DIFX\ED00A7~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grabster_av_400.inf_amd64_44af989246d0f13e\grabster_av_400.inf
Bejeweled 3 [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
Beneton Movie GIF 1.1.2 [20170116]-->"C:\Program Files (x86)\Beneton Movie GIF\unins000.exe"
Capture NX-D [20151225]-->MsiExec.exe /X{794529D3-D489-4CF2-B2ED-CF241809E5EC}
CCleaner [2017/01/04 19:02:07]-->"C:\Program Files\CCleaner\uninst.exe"
Connectify 2016 [2017/01/04 19:02:07]-->C:\Program Files (x86)\Connectify\Uninstall.exe
CPUID HWMonitor 1.28 [20150901]-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
DAEMON Tools Lite [2016/10/24 21:06:51]-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2016 (KB3115407) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3DBF9257-2612-4385-BCE3-E9D4C41CC8CB}" "1029" "0"
Defraggler [2016/10/05 03:38:47]-->"C:\Program Files\Defraggler\uninst.exe"
DTS Sound [20140322]-->MsiExec.exe /X{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}
DVD Shrink 3.2 [2016/10/05 03:39:02]-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
DVDFab 9.1.7.1 (17/10/2014) [20150128]-->"C:\Program Files (x86)\DVDFab 9\unins000.exe"
Empress of the Deep - The Darkest Secret [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Empress of the Deep - The Darkest Secret\uninstall\uninstaller.exe"
Evernote [2016/10/05 03:39:02]-->C:\Program Files (x86)\Evernote_TLauncher\uninstall.exe
FormatFactory 3.6.0.0 [2016/10/05 03:39:02]-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Garmin City Navigator Europe NTU 2016.30 [20160523]-->MsiExec.exe /X{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}
Garmin USB Drivers [20150418]-->MsiExec.exe /X{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}
Google Chrome [20170106]-->"C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper [20170106]-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Guitar Pro 5.2 [2016/10/05 03:39:02]-->"C:\Program Files (x86)\Guitar Pro 5\unins000.exe"
HappyFoto-Designer 5.4 [20150818]-->"C:\Program Files (x86)\HappyFoto-Designer\unins000.exe"
Hydrogen 0.9.6 preview release for windows [20161106]-->"C:\Program Files (x86)\Hydrogen\unins000.exe"
Chuzzle Deluxe [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Chuzzle Deluxe\uninstall\uninstaller.exe"
ICP 9.0 [20150728]-->"C:\Program Files\ImageConverter Plus\unins000.exe"
IDT Audio Driver [20140322]-->MsiExec.exe /X{588A747E-CFF6-46B3-9207-CD754F9473AF}
Intel Security True Key [2016/10/05 03:38:47]-->C:\Program Files\TrueKey\Mcafee.TrueKey.Uninstaller.Exe
Intel(R) Biometric and Context Agent [20160629]-->MsiExec.exe /X{C1424923-74F7-4399-B9D9-5F72FB1B9481}
Intel(R) Biometric and Context Agent Redistributables [20160629]-->MsiExec.exe /X{C3F24413-3E29-4979-A195-DEEB56F29B2A}
Intel(R) Management Engine Components [2016/10/05 03:39:03]-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics [2016/10/05 03:39:04]-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology [20140322]-->MsiExec.exe /I{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
Intel(R) Rapid Storage Technology [2016/10/05 03:38:47]-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel® RealSense™ SDK 2014 Runtime (x64): Core [20160629]-->MsiExec.exe /X{37D41A97-6B02-4C30-8753-85107BE1D674}
Intel® Trusted Connect Service Client [20140322]-->MsiExec.exe /I{89AFB053-A343-46EF-97E4-D593AD7184E6}
Island Tribe [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Island Tribe\uninstall\uninstaller.exe"
JamManagerXT version 2.0 [20160725]-->"C:\Program Files (x86)\DigiTech\JamManagerXT\unins000.exe"
Java 8 Update 91 [20160421]-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0}
Jewel Quest Solitaire 2 [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Jewel Quest Solitaire 2\uninstall\uninstaller.exe"
K-Lite Codec Pack 10.8.5 Standard [20141228]-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Magic Academy [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe"
MAGIX Burn routines [20150321]-->MsiExec.exe /X{712D74A5-4C3D-41E6-A850-1696E54B28CD}
MAGIX Video easy TERRATEC Edition [2016/10/05 03:39:02]-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{2FA06473-23F0-4372-8DD5-1EAE42503D93}\Video_easy_TERRATEC_Edition_setup.exe"
MAGIX Video easy TERRATEC Edition [20160201]-->MsiExec.exe /I{2FA06473-23F0-4372-8DD5-1EAE42503D93}
Microsoft Access MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0015-0405-1000-0000000FF1CE}
Microsoft ASP.NET MVC 4 Runtime [20150916]-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft DCF MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0090-0405-1000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-0016-0405-1000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2016 [20161217]-->MsiExec.exe /X{90160000-00BA-0405-1000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-0044-0405-1000-0000000FF1CE}
Microsoft Office [20131128]-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft Office 32-bit Components 2016 [20170116]-->MsiExec.exe /X{90160000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2016 – Deutsch [20170116]-->MsiExec.exe /X{90160000-001F-0407-1000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-00E1-0405-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-00E2-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2016 [2017/01/16 18:27:30]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2016 [20170116]-->MsiExec.exe /X{90160000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2016 [20160814]-->MsiExec.exe /X{90160000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2016 - English [20170116]-->MsiExec.exe /X{90160000-001F-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-00C1-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-006E-0405-1000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-00A1-0405-1000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-001A-0405-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-0018-0405-1000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2016 [20161217]-->MsiExec.exe /X{90160000-0019-0405-1000-0000000FF1CE}
Microsoft Silverlight [20161013]-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Skype for Business MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-012B-0405-1000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable [20151108]-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable [20160201]-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20150321]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [20150214]-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [20140322]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [20140322]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2016/10/05 03:39:04]-->"C:\ProgramData\Package Cache\{d07b0db5-8dad-40e1-be90-88026298a46b}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{2749c485-3a8b-4533-92ff-7cf6e8221cff}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [20151108]-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20140322]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2016/10/05 03:39:03]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2016/10/05 03:39:04]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20151225]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Word MUI (Czech) 2016 [20170116]-->MsiExec.exe /X{90160000-001B-0405-1000-0000000FF1CE}
Microsoft_VC100_CRT_SP1_x64 [20151118]-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82}
Microsoft_VC100_CRT_SP1_x86 [20151118]-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 50.1.0 (x86 cs) [2017/01/04 19:02:07]-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service [2016/12/21 22:40:47]-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MPEG Video Wizard DVD 5.0.1.104 (12/2011) [20160202]-->"C:\Program Files (x86)\Womble Multimedia\MPEG Video Wizard DVD 5.0\unins000.exe"
MS Video Player Components [2016/10/05 03:39:02]-->C:\Windows\UNWISE.EXE C:\Windows\Citi-Player.log
MSVC80_x64_v2 [20151118]-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2 [20151118]-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64 [20151118]-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86 [20151118]-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP3 Parser [20150321]-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština [20170116]-->MsiExec.exe /X{90160000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina [20170116]-->MsiExec.exe /X{90160000-001F-041B-1000-0000000FF1CE}
Native Instruments Traktor DJ Mixer v1.0 [2016/10/05 03:39:02]-->C:\PROGRA~2\NATIVE~1\TRAKTO~1\UNWISE.EXE C:\PROGRA~2\NATIVE~1\TRAKTO~1\INSTALL.LOG
Need for Speed Underground 2 [2016/10/05 03:39:03]-->C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Nero 7 Premium [20161107]-->MsiExec.exe /I{4F2CE68F-EDBB-4592-BF07-5AC930A51029}
neroxml [20141228]-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver [20151118]-->MsiExec.exe /I{29373274-977E-413C-A4DE-DC0F8E80C429}
Nokia Suite [20151118]-->MsiExec.exe /X{88B6F9DE-C80F-4A70-ACF6-BEE933679170}
Nokia Suite [2016/10/05 03:39:02]-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}\Installer.exe
NVIDIA Ovladače grafiky 368.22 [20160523]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Systémový software PhysX 9.16.0318 [20160523]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL [2016/10/05 03:39:02]-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Ovladače videa společnosti Pinnacle [20161017]-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
PC Connectivity Solution [20151118]-->MsiExec.exe /I{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}
PDFCreator [20160606]-->C:\Program Files\PDFCreator\unins000.exe
Peggle Nights [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Peggle Nights\uninstall\uninstaller.exe"
Photodex Presenter [2016/11/20 08:19:08]-->C:\Program Files (x86)\Photodex Presenter\remove.exe
Picture Control Utility 2 [20151225]-->MsiExec.exe /X{D4893C47-704F-4B84-8486-9DE4974ACA6F}
Pinnacle Studio 14 [20161017]-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
Pinnacle Studio Ultimate Collection Plugins [20161017]-->MsiExec.exe /I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
Plants vs. Zombies - Game of the Year [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Polar Bowler [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Polar Bowler\uninstall\uninstaller.exe"
Pomocník při upgradu na Windows 10 [2016/10/05 03:39:04]-->"C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
ProShow Producer [2016/12/21 18:28:36]-->C:\Program Files (x86)\Photodex\ProShow Producer\remove.exe
Qualcomm Atheros Bluetooth Suite (64) [20140322]-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
RadioSure [2016/10/05 03:31:26]-->C:\Users\Adrian\AppData\Local\RadioSure\uninstall.exe
RealDownloader [20160725]-->MsiExec.exe /X{8D5E8DA1-0420-4A3B-9B29-8F3A00B32BDF}
Red Giant ToonIt Studio [2016/10/17 19:03:14]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\rgtoonitstudio.log
RelevantKnowledge [2017/01/17 16:06:03]-->C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Revo Uninstaller 1.95 [2016/10/05 03:39:03]-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
SafeZone Stable 1.51.2220.62 [2016/12/26 22:41:27]-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085635) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{0C1232DC-F66D-4C54-B5FB-FADF7C671AF0}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115135) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{02E071E3-BA0C-48C5-8D1E-6701065D1A3E}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:33:23]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:48:24]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 17:48:43]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3128057) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7811C9C5-1869-425A-94E4-7BD94C881455}" "1029" "0"
Security Update for Skype for Business 2016 (KB3115408) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C5C666D0-D5BD-4FE8-BE51-938926DC58E1}" "1029" "0"
Sid Meier's Civilization IV Colonization [20161105]-->C:\Program Files (x86)\InstallShield Installation Information\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}\setup.exe -runfromtemp -l0x0009 -removeonly
simplitec simplicheck [20150321]-->MsiExec.exe /X{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}
SpeedFan (remove only) [2016/10/05 03:39:03]-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Synaptics Pointing Device Driver [2016/10/05 03:24:26]-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TERRATEC Grabster AV 400 MX (64 Bit) [20160201]-->MsiExec.exe /I{0FB1F701-BA4B-403B-84DB-FB56D4EF5BC2}
Text-To-Speech-Runtime [20150321]-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TOSHIBA Addendum [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Desktop Assist [20160801]-->MsiExec.exe /X{C4CDCEF0-0A7A-4425-887C-33E39533D758}
TOSHIBA Display Utility [20140322]-->MsiExec.exe /X{5F6AC07E-50EF-422E-B56E-6521E5B35139}
TOSHIBA eco Utility [20140322]-->MsiExec.exe /X{5944B9D4-3C2A-48DE-931E-26B31714A2F7}
TOSHIBA Function Key [20140322]-->MsiExec.exe /X{16562A90-71BC-41A0-B890-D91B0C267120}
TOSHIBA Manuals [20140322]-->"C:\Program Files (x86)\InstallShield Installation Information\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Password Utility [20140322]-->C:\Program Files (x86)\InstallShield Installation Information\{78931270-BC9E-441A-A52B-73ECD4ACFAB5}\setup.exe -runfromtemp -l0x0409
TOSHIBA PC Health Monitor [20160801]-->MsiExec.exe /X{B507386D-1F61-4E55-B05B-F56ACB0086B3}
TOSHIBA Recovery Media Creator [20131128]-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly
TOSHIBA Service Station [20140322]-->MsiExec.exe /X{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}
TOSHIBA Start Screen Option [20140322]-->MsiExec.exe /X{06B71035-F19F-4F76-9875-FFCCD4FC3F83}
TOSHIBA System Driver [20140322]-->MsiExec.exe /X{1E6A96A1-2BAB-43EF-8087-30437593C66C}
TOSHIBA System Settings [20140322]-->MsiExec.exe /X{05A55927-DB9B-4E26-BA44-828EBFF829F0}
Toshiba TEMPRO [20151219]-->MsiExec.exe /X{F76F5214-83A8-4030-80C9-1EF57391D72A}
Trapcode Particular Studio [2016/10/17 19:03:42]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcparticularstudio.log
Trapcode Shine Studio [2016/10/17 19:03:05]-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcshinestudio.log
Unity Web Player [2016/10/05 03:31:26]-->C:\Users\Adrian\AppData\Local\Unity\WebPlayer\Uninstall.exe /CurrentUser
Update for Microsoft Access 2016 (KB3115503) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E183D667-D01A-4D0C-BB7C-EDD0A7B9A452}" "1029" "0"
Update for Microsoft Access 2016 (KB3115503) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E183D667-D01A-4D0C-BB7C-EDD0A7B9A452}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:46:50]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:46:55]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 17:48:24]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Excel 2016 (KB3141472) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{29FC1F45-11AA-4BC9-97CB-B3C93F61379C}" "1029" "0"
Update for Microsoft Office 2016 (KB2910954) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{89B85BAE-5618-49A4-9C18-153202BDFC73}" "1029" "0"
Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1029" "0"
Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1029" "0"
Update for Microsoft Office 2016 (KB2910979) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F556D361-9A36-47BC-94D8-9BC2C36EE333}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4D4432EE-ECE1-42CA-8B93-0916170C8252}" "1029" "0"
Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A73D1FF5-0819-44C7-9294-FBDD4BA2F43B}" "1029" "0"
Update for Microsoft Office 2016 (KB2920720) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{8683D594-A08C-451F-82C3-51D6FB730A6C}" "1029" "0"
Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AA7A282E-E962-4C45-9A74-16C49FD88FF1}" "1029" "0"
Update for Microsoft Office 2016 (KB3114709) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B0D12818-1641-422F-9EB4-AC05243A4DD8}" "1029" "0"
Update for Microsoft Office 2016 (KB3114903) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{92281B72-2A8C-40A4-BD15-58CCDF7DEDB1}" "1029" "0"
Update for Microsoft Office 2016 (KB3115081) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{78D7B4DE-619F-4312-9707-DF354A48D110}" "1029" "0"
Update for Microsoft Office 2016 (KB3115100) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5EA702B7-1613-4DCB-85E6-A9BD9327CE00}" "1029" "0"
Update for Microsoft Office 2016 (KB3115141) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{017D5158-921B-4578-A067-51B1824BC813}" "1029" "0"
Update for Microsoft Office 2016 (KB3115276) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{45610767-EC8C-44CD-9001-6845F626FCD5}" "1029" "0"
Update for Microsoft Office 2016 (KB3115278) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{82CCB421-CE9F-4A81-97F9-62AE1C8D4443}" "1029" "0"
Update for Microsoft Office 2016 (KB3115497) 64-Bit Edition [2017/01/16 17:46:50]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{B3E07438-40FC-4DAE-89E4-42BDE7309F3E}" "1029" "0"
Update for Microsoft Office 2016 (KB3115497) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B3E07438-40FC-4DAE-89E4-42BDE7309F3E}" "1029" "0"
Update for Microsoft Office 2016 (KB3118262) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7D634991-F4C0-4761-9F90-54F69A8199EB}" "1029" "0"
Update for Microsoft Office 2016 (KB3118263) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{94848838-9497-4F39-8294-CFB65614776A}" "1029" "0"
Update for Microsoft Office 2016 (KB3118264) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B2437330-4140-4B97-8041-3D337D716DC9}" "1029" "0"
Update for Microsoft Office 2016 (KB3118324) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{255A6C61-37EB-4774-A5A4-3FB68B4EC351}" "1029" "0"
Update for Microsoft Office 2016 (KB3118338) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{2BDF2C08-EF2F-4099-8701-19E2D55B4DE4}" "1029" "0"
Update for Microsoft Office 2016 (KB3118338) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{2BDF2C08-EF2F-4099-8701-19E2D55B4DE4}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127982) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E99DC789-B370-4890-AF50-050D73E7E47C}" "1029" "0"
Update for Microsoft Office 2016 (KB3127983) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D23F101C-D088-4F47-8322-40893360C5FD}" "1029" "0"
Update for Microsoft Office 2016 (KB3127983) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D23F101C-D088-4F47-8322-40893360C5FD}" "1029" "0"
Update for Microsoft Office 2016 (KB3127987) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{A000D80D-B929-4E84-BF46-AEA66BDE57C2}" "1029" "0"
Update for Microsoft Office 2016 (KB3127987) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A000D80D-B929-4E84-BF46-AEA66BDE57C2}" "1029" "0"
Update for Microsoft Office 2016 (KB3127990) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{39BF944E-DB91-454D-96FB-8340166923C1}" "1029" "0"
Update for Microsoft Office 2016 (KB3127992) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{139BFCBD-3A22-4499-BDDA-010AF45F2569}" "1029" "0"
Update for Microsoft Office 2016 (KB3127992) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{139BFCBD-3A22-4499-BDDA-010AF45F2569}" "1029" "0"
Update for Microsoft Office 2016 (KB3128055) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1A7DC839-B318-4E16-A27C-847DCE2B3197}" "1029" "0"
Update for Microsoft Office 2016 (KB3128055) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1A7DC839-B318-4E16-A27C-847DCE2B3197}" "1029" "0"
Update for Microsoft Office 2016 (KB3128056) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B4D4F607-8D6B-4933-9FC1-EF5FE3FF4495}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:48]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0405-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:51]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0407-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:54]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0409-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 17:52:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-041B-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141451) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{FE80B839-DCBF-4108-B921-8012603A2E62}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:10:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:11:00]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:11:14]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft Office 2016 (KB3141473) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{25433EC8-B7F8-4A99-A1E8-0E2A62FB8A90}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2016/12/17 21:26:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00BA-0405-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:10:45]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3127993) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{441CC8AC-5E7C-45B0-9F42-3DE0779C4F84}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 17:49:53]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00A1-0405-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft OneNote 2016 (KB3141455) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{41D0CE0F-F993-4E62-8DE4-87712DD24339}" "1029" "0"
Update for Microsoft Outlook 2016 (KB3141453) 64-Bit Edition [2017/01/16 17:33:23]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{C2AC43F3-3BB9-4059-BEE5-82F95DD9361B}" "1029" "0"
Update for Microsoft Outlook 2016 (KB3141453) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{C2AC43F3-3BB9-4059-BEE5-82F95DD9361B}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 17:46:55]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3127981) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{873C5316-48BA-4AC7-A6B4-109C1D5CC82C}" "1029" "0"
Update for Microsoft Project 2016 (KB3141459) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{2B08C80C-32F3-412F-8F1E-350FA72AA971}" "1029" "0"
Update for Microsoft Project 2016 (KB3141459) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{2B08C80C-32F3-412F-8F1E-350FA72AA971}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2016/12/17 21:20:06]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0019-0405-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Publisher 2016 (KB3114368) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{CE7F519F-34EB-4121-9170-0A1F53509666}" "1029" "0"
Update for Microsoft Visio 2016 (KB3128045) 64-Bit Edition [2017/01/16 18:10:59]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{9E06EBEC-FD41-4727-BF64-BE5AC3A9F4A5}" "1029" "0"
Update for Microsoft Visio 2016 (KB3128045) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{9E06EBEC-FD41-4727-BF64-BE5AC3A9F4A5}" "1029" "0"
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition [2017/01/16 17:48:43]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{801D5242-0189-4C99-977B-0C77DBD1F046}" "1029" "0"
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition [2017/01/16 18:12:18]-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{801D5242-0189-4C99-977B-0C77DBD1F046}" "1029" "0"
Update Installer for WildTangent Games App [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
ViewNX-i [20151225]-->MsiExec.exe /X{C67A5551-26C1-4C7B-A9DF-AD148549D482}
Virtual Villagers 4 - The Tree of Life [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
VSO ConvertXToDVD [20150704]-->"C:\Program Files (x86)\VSO\ConvertX\5\unins000.exe"
Vulkan Run Time Libraries 1.0.11.1 [2016/10/05 03:38:47]-->C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe
WD SmartWare [20161217]-->MsiExec.exe /X{604CB4FC-3D32-405F-A109-165F170529B6}
WildTangent Games [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
WildTangent Games App (Toshiba Games) [2016/10/05 03:39:03]-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\toshiba\Uninstall.exe"
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) [2016/10/05 03:38:47]-->C:\PROGRA~1\DIFX\E40478~1\DRIVER~1.EXE /u C:\Windows\System32\DriverStore\FileRepository\jamman.inf_amd64_45a890e19e31f99a\jamman.inf
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) [2016/10/05 03:38:47]-->rundll32.exe C:\PROGRA~1\DIFX\048B92~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_amd64_d77b1dda68556870\grmnusb.inf
WinRAR 5.11 (32-bit) [2016/10/05 03:39:03]-->C:\Program Files (x86)\WinRAR\uninstall.exe
WinZip 20.0 [20160430]-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}
Xiph.Org Open Codecs 0.85.17777 [2016/10/05 03:39:02]-->C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe
Zoner Photo Studio 17 [20150214]-->"C:\Program Files\Zoner\Photo Studio 17\unins000.exe"
======System event log"======
Computer Name: Ochmánek
Event Code: 26
Message: Při spouštění byla použita jednorázová spouštěcí sekvence.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161005021505.727231-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je zakázáno se stavem STATUS_SUCCESS.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161005021505.727178-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 12
Message: Operační systém se spustil v systémovém čase 2016-10-05T02:15:05.498673500Z.
Record Number: 3
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20161005021505.727121-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 2
Source Name: EventLog
Time Written: 20161005021644.029733-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20161005021644.029733-000
Event Type: Informace
User:
=====Application event log"=====
Computer Name: Ochmánek
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US> Kryptografický otisk SHA1: <4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5>.
Record Number: 5
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161005021704.932593-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE> Kryptografický otisk SHA1: <B1BC968BD4F49D622AA89A81F2150152A41D829C>.
Record Number: 4
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161005021701.202422-000
Event Type: Informace
User:
Computer Name: Ochmánek
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20161005021651.827562-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ochmánek
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20161005021646.052508-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: OCHMANEK
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20161005021644.467253-000
Event Type: Informace
User:
=====Security event log"=====
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x1a4
Název nového procesu: C:\Windows\System32\smss.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021551.922556-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x198
Název nového procesu: C:\Windows\System32\setupcl.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021537.373224-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x158
Název nového procesu: C:\Windows\System32\autochk.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x14c
Název tvůrčího procesu: C:\Windows\System32\smss.exe
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.693877-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4688
Message: Byl vytvořen nový proces.
Tvůrčí subjekt:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x3E7
Cílový subjekt:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
Přihlašovací ID: 0x0
Informace o procesu:
ID nového procesu: 0x14c
Název nového procesu: C:\Windows\System32\smss.exe
Typ zvýšení oprávnění tokenu: %%1936
Povinný štítek: S-1-16-16384
ID tvůrčího procesu: 0x4
Název tvůrčího procesu:
Příkazový řádek procesu:
Typ zvýšení oprávnění tokenu označuje typ tokenu, který byl přiřazen novému procesu v souladu se zásadami nástroje Řízení uživatelských účtů.
Typ 1 je úplný token, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Úplný token se používá pouze v případě, že je vypnut nástroj Řízení uživatelských účtů nebo pokud uživatel je integrovaný účet Administrator nebo účet služby.
Typ 2 je token se zvýšenými oprávněními, u kterého nebyla odebrána žádná oprávnění ani nebyly zakázány skupiny. Token se zvýšenými oprávněními se používá, pokud je zapnut nástroj Řízení uživatelských účtů a uživatel se rozhodne spustit program pomocí možnosti Spustit jako správce. Token se zvýšenými oprávněními se také používá, pokud je aplikace nakonfigurována tak, aby vždy vyžadovala oprávnění správce nebo maximální oprávnění, a uživatel je členem skupiny Administrators.
Typ 3 je omezený token s odebranými oprávněními správce a zakázanými skupinami pro správu. Omezený token se používá, pokud je zapnut nástroj Řízení uživatelských účtů, aplikace nevyžaduje oprávnění správce a uživatel se nerozhodne spustit program pomocí možnosti Spustit jako správce.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.565816-000
Event Type: Úspěšný audit
User:
Computer Name: Ochmánek
Event Code: 4826
Message: Načetla se konfigurační data spouštění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: -
Doména účtu: -
ID přihlášení: 0x3E7
Obecné nastavení:
Možnosti načtení: -
Upřesňující možnosti: Ne
Zásady přístupu ke konfiguraci: Výchozí
Protokolování systémových událostí: Ne
Ladění jádra: Ne
Typ spuštění VSM: Vypnuto
Nastavení podpisu:
Testovací podepsání: Ne
Podepsání za běhu: Ne
Zakázat kontroly integrity: Ne
Nastavení HyperVisoru:
Možnosti načtení HyperVisoru: -
Typ spuštění HyperVisoru: Vypnuto
Ladění HyperVisoru: Ne
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161005021532.523524-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"FP_NO_HOST_CHECK"=NO
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ImageConverter Plus;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o preventivku
# AdwCleaner v6.042 - Log vytvořen 24/01/2017 v 22:56:07
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-24.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Adrian - OCHMANEK
# Spuštěno z : C:\Users\Adrian\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: RelevantKnowledge
***** [ Složky ] *****
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[-] Složka smazána: C:\Program Files (x86)\RelevantKnowledge
***** [ Soubory ] *****
[#] Soubor smazán: C:\WINDOWS\SysNative\rlls64.dll
[#] Soubor smazán: C:\WINDOWS\SysWoW64\rlls.dll
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1512 Bajty] - [24/01/2017 22:56:07]
C:\AdwCleaner\AdwCleaner[S0].txt - [1853 Bajty] - [24/01/2017 22:55:11]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1658 Bajty] ##########
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-24.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Adrian - OCHMANEK
# Spuštěno z : C:\Users\Adrian\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: RelevantKnowledge
***** [ Složky ] *****
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[-] Složka smazána: C:\Program Files (x86)\RelevantKnowledge
***** [ Soubory ] *****
[#] Soubor smazán: C:\WINDOWS\SysNative\rlls64.dll
[#] Soubor smazán: C:\WINDOWS\SysWoW64\rlls.dll
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1512 Bajty] - [24/01/2017 22:56:07]
C:\AdwCleaner\AdwCleaner[S0].txt - [1853 Bajty] - [24/01/2017 22:55:11]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1658 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o preventivku
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Adrian (administrator) on OCHMANEK (25-01-2017 20:27:17)
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(forum.viry.cz) C:\Users\Adrian\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4131384 2016-12-14] (Connectify)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-20] (AVAST Software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {53e73317-9eb5-11e6-82d6-645a04383e85} - "I:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\Setup.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {a34909a7-aa4c-11e6-82d9-2025647b6c58} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "G:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2016-04-30]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-30]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2016-12-17]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2016-12-17]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{68eb3ac8-98e7-4d02-a1e3-5115d466c3de}: [DhcpNameServer] 192.168.15.1
Internet Explorer:
==================
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: idumb2aa.default
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default [2017-01-25]
FF NewTab: Mozilla\Firefox\Profiles\idumb2aa.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxps://www.seznam.cz/?clid=22668
FF Keyword.URL: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Extension: (Firefox Hotfix) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\seznam-avast.xml [2016-10-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-27]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-06] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3809139199-386801105-3546470006-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2017-01-06]
CHR Extension: (Prezentace Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-06]
CHR Extension: (Dokumenty Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-06]
CHR Extension: (Disk Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-06]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-06]
CHR Extension: (Avast SafePrice) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-06]
CHR Extension: (Tabulky Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-06]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-06]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-27] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [257592 2016-12-14] (Connectify)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-11-19] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-23] (Tempo Semiconductor Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [130048 2010-01-21] (WDC) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-08-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-08-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-08-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-14] (AVAST Software)
S2 athsgt; C:\WINDOWS\System32\DRIVERS\athsgt.sys [210944 2015-05-25] () [File not signed]
R1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-01-03] (Connectify)
R1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-01-03] (Connectify)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2016-10-24] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
S3 iComp; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [1712424 2012-11-30] (Conexant Systems Inc.)
S2 limsgt; C:\WINDOWS\System32\DRIVERS\limsgt.sys [22528 2015-05-25] () [File not signed]
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_b4dd93f8c89bf485\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561680 2015-07-23] (Tempo Semiconductor Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-25 20:27 - 2017-01-25 20:27 - 00026147 _____ C:\Users\Adrian\Desktop\FRST.txt
2017-01-25 20:26 - 2017-01-25 20:27 - 00000000 ____D C:\FRST
2017-01-25 20:26 - 2017-01-25 20:26 - 00112640 _____ (forum.viry.cz) C:\Users\Adrian\Desktop\FRSTLauncher.exe
2017-01-25 20:22 - 2017-01-25 20:23 - 02420736 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2017-01-24 22:53 - 2017-01-24 22:56 - 00000000 ____D C:\AdwCleaner
2017-01-24 22:52 - 2017-01-24 22:53 - 03988944 _____ C:\Users\Adrian\Desktop\adwcleaner_6.042.exe
2017-01-23 19:55 - 2017-01-23 19:55 - 00000000 ____D C:\rsit
2017-01-23 19:54 - 2017-01-23 19:55 - 01323520 _____ C:\Users\Adrian\Desktop\RSITx64.exe
2017-01-17 16:06 - 2015-07-28 21:22 - 00859416 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
2017-01-16 23:26 - 2017-01-16 23:27 - 02490368 _____ C:\Users\Adrian\Documents\Database1.accdb
2017-01-16 23:26 - 2017-01-16 23:26 - 00960634 _____ C:\Users\Adrian\Documents\Marketingové proj.accdt
2017-01-16 20:11 - 2017-01-16 20:11 - 00001195 _____ C:\Users\Adrian\Desktop\Beneton Movie GIF.lnk
2017-01-16 20:11 - 2017-01-16 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beneton Movie GIF
2017-01-16 20:11 - 2017-01-16 20:11 - 00000000 ____D C:\Program Files (x86)\Beneton Movie GIF
2017-01-13 20:39 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-13 20:39 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 20:39 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-13 20:39 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 20:39 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 20:39 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 20:39 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-13 20:39 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-13 20:39 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 20:39 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 20:39 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-13 20:39 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-13 20:39 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-13 20:39 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-13 20:39 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-13 20:39 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-13 20:39 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-13 20:39 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 20:39 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 20:39 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-13 20:39 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-13 20:38 - 2017-01-13 20:43 - 00000000 ____D C:\Users\Adrian\Documents\HOLBIÁDA
2017-01-13 20:38 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-13 20:38 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 20:38 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 20:38 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-13 20:38 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-13 20:38 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-13 20:38 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-13 20:38 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-13 20:38 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-13 20:38 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 20:38 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 20:38 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 20:38 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 20:38 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 20:38 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 20:38 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 20:38 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-13 20:38 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-13 20:38 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 20:38 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-13 20:38 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-13 20:38 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 20:38 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 20:38 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-13 20:38 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 20:38 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-13 20:38 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-13 20:38 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 20:38 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-13 20:38 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-13 20:38 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-13 20:38 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-13 20:38 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-13 20:38 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-13 20:38 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-13 20:38 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-13 20:38 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-13 20:38 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-13 20:38 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-13 20:38 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-13 20:38 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-13 20:38 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-13 20:38 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-13 20:38 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-13 20:38 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-13 20:38 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-13 20:38 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-13 20:38 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-13 20:38 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 20:38 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-13 20:38 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-13 20:38 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-13 20:38 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 20:38 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-13 20:38 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-13 20:38 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-13 20:38 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 20:38 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-13 20:38 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-13 20:38 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 20:38 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-13 20:38 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-13 20:38 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 20:38 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-13 20:38 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 20:38 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-13 20:38 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-13 20:38 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-13 20:38 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-13 20:38 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 20:38 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-13 20:38 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-13 20:38 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-13 20:38 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-13 20:38 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-13 20:38 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-13 20:38 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-13 20:38 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 20:38 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-13 20:38 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-13 20:37 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 20:37 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 20:37 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-13 20:37 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 20:37 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 20:37 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 20:37 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-13 20:37 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 20:37 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-13 20:37 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-13 20:37 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-13 20:37 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-13 20:37 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-13 20:37 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 20:37 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:37 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-13 20:37 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-13 20:37 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-06 19:31 - 2017-01-17 16:04 - 00002455 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-06 19:31 - 2017-01-06 19:31 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-06 19:30 - 2017-01-06 19:39 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-06 19:30 - 2017-01-06 19:39 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-04 18:48 - 2017-01-04 18:48 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-04 18:48 - 2017-01-04 18:48 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 18:48 - 2017-01-04 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-04 18:48 - 2017-01-04 18:48 - 00000000 ____D C:\Program Files\CCleaner
2017-01-03 18:39 - 2017-01-03 18:39 - 00053216 _____ (Connectify) C:\WINDOWS\system32\Drivers\cnnctfy4.sys
2017-01-03 18:39 - 2017-01-03 18:39 - 00046088 _____ (Connectify) C:\WINDOWS\system32\Drivers\cfywlan2.sys
2017-01-03 18:39 - 2017-01-03 18:39 - 00000451 _____ C:\Users\Public\Desktop\Connectify Hotspot 2016.lnk
2017-01-03 18:39 - 2017-01-03 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2016
2017-01-03 18:38 - 2017-01-04 18:52 - 00000000 ____D C:\Program Files (x86)\Connectify
2017-01-03 18:36 - 2017-01-03 18:44 - 00000000 ____D C:\ProgramData\Connectify
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-25 20:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-25 20:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-25 20:24 - 2014-12-14 20:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent
2017-01-25 20:22 - 2016-09-18 17:02 - 00000000 ____D C:\Users\Adrian\Desktop\Dokumenty Office
2017-01-25 20:20 - 2016-11-20 22:35 - 00000000 ____D C:\Users\Adrian\AppData\LocalLow\Mozilla
2017-01-25 08:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-25 08:55 - 2016-07-27 13:45 - 00000000 __SHD C:\Users\Adrian\IntelGraphicsProfiles
2017-01-24 23:30 - 2016-10-05 03:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-24 23:07 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 22:58 - 2016-10-11 19:14 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-24 22:58 - 2016-10-05 04:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-24 22:56 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-23 19:55 - 2015-01-08 00:31 - 00000000 ____D C:\Program Files\trend micro
2017-01-23 18:31 - 2015-12-22 13:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 21:33 - 2016-10-17 22:45 - 00000348 _____ C:\Users\Adrian\Desktop\Jednotka CD-ROM – zástupce.lnk
2017-01-17 16:19 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-17 16:07 - 2015-04-13 19:00 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2017-01-17 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-17 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-17 16:04 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-17 15:54 - 2016-10-05 03:15 - 00486928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-16 17:45 - 2014-12-10 22:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-16 17:35 - 2014-12-10 22:26 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-16 17:27 - 2013-08-22 14:25 - 00000199 _____ C:\WINDOWS\win.ini
2017-01-15 13:53 - 2016-07-16 23:25 - 00476492 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-15 13:53 - 2016-07-16 23:25 - 00091454 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-15 13:53 - 2016-04-27 07:54 - 01499628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 10:51 - 2015-01-07 21:24 - 00000168 _____ C:\Users\Adrian\AppData\default.pls
2017-01-15 09:17 - 2015-07-04 11:58 - 00000000 ____D C:\Users\Adrian\Documents\ConvertXtoDVD
2017-01-15 09:16 - 2015-07-04 09:44 - 00000000 ____D C:\ProgramData\VSO
2017-01-15 09:08 - 2014-12-14 20:46 - 00000000 ____D C:\Users\Adrian\Documents\Torrent
2017-01-13 17:35 - 2016-10-05 04:02 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 20:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-06 19:41 - 2015-04-13 19:01 - 00000000 ____D C:\Users\Adrian\AppData\Local\Google
2017-01-06 19:35 - 2014-12-10 17:47 - 00000000 ____D C:\Users\Adrian\AppData\Local\Packages
2017-01-06 19:31 - 2015-04-13 19:01 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-04 21:52 - 2014-12-28 00:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-01-04 18:52 - 2016-06-06 19:08 - 00000000 ____D C:\Program Files\PDFCreator
2017-01-04 17:54 - 2016-05-10 14:26 - 00000000 ____D C:\Users\Adrian\Documents\všehochuť
2017-01-03 23:25 - 2016-10-05 03:28 - 00000000 ____D C:\Users\Adrian
2017-01-03 23:23 - 2015-08-18 14:27 - 00000000 ____D C:\Program Files (x86)\HappyFoto-Designer
2017-01-03 19:16 - 2016-10-05 03:22 - 00000000 ____D C:\Program Files\IDT
2017-01-03 18:12 - 2016-10-24 19:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-03 18:12 - 2015-01-08 01:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-01 11:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-01-01 11:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
==================== Files in the root of some directories =======
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Hybrid Synthesizers
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Image Capture
2015-07-04 09:44 - 2015-07-04 09:44 - 0099384 _____ () C:\Users\Adrian\AppData\Roaming\inst.exe
2015-07-04 09:44 - 2015-07-04 09:44 - 0007859 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.cat
2015-07-04 09:44 - 2015-07-04 09:44 - 0001167 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.inf
2015-07-04 09:44 - 2015-07-04 09:44 - 0000055 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.log
2015-07-04 09:44 - 2015-07-04 09:44 - 0082816 _____ (VSO Software) C:\Users\Adrian\AppData\Roaming\pcouffin.sys
2015-03-23 20:55 - 2015-03-23 21:09 - 0003072 _____ () C:\Users\Adrian\AppData\Local\file__0.localstorage
2015-06-08 21:06 - 2015-11-04 21:55 - 0007602 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\ProgramData\Image Units
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\ProgramData\Importer
2015-12-25 19:57 - 2015-12-25 19:57 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2015-12-25 19:57 - 2015-12-25 19:57 - 0000012 ___RH () C:\ProgramData\Legacy
2015-12-25 19:57 - 2015-12-25 19:57 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-12-25 19:57 - 2015-12-25 19:57 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Some files in TEMP:
====================
2012-07-08 23:40 - 2012-07-08 23:40 - 1299920 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 2040296 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0232904 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0031200 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0039376 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0650168 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0035816 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Adrian.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Adrian\Desktop" je 246 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by Adrian (administrator) on OCHMANEK (25-01-2017 20:27:17)
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(forum.viry.cz) C:\Users\Adrian\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4131384 2016-12-14] (Connectify)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-20] (AVAST Software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {53e73317-9eb5-11e6-82d6-645a04383e85} - "I:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\Setup.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {a34909a7-aa4c-11e6-82d9-2025647b6c58} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "G:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2016-04-30]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-30]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2016-12-17]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2016-12-17]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{68eb3ac8-98e7-4d02-a1e3-5115d466c3de}: [DhcpNameServer] 192.168.15.1
Internet Explorer:
==================
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: idumb2aa.default
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default [2017-01-25]
FF NewTab: Mozilla\Firefox\Profiles\idumb2aa.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxps://www.seznam.cz/?clid=22668
FF Keyword.URL: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Extension: (Firefox Hotfix) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\seznam-avast.xml [2016-10-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-27]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-06] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3809139199-386801105-3546470006-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2017-01-06]
CHR Extension: (Prezentace Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-06]
CHR Extension: (Dokumenty Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-06]
CHR Extension: (Disk Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-06]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-06]
CHR Extension: (Avast SafePrice) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-06]
CHR Extension: (Tabulky Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-06]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-06]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-27] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [257592 2016-12-14] (Connectify)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-11-19] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-23] (Tempo Semiconductor Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [130048 2010-01-21] (WDC) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-08-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-08-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-08-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-14] (AVAST Software)
S2 athsgt; C:\WINDOWS\System32\DRIVERS\athsgt.sys [210944 2015-05-25] () [File not signed]
R1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-01-03] (Connectify)
R1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-01-03] (Connectify)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2016-10-24] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
S3 iComp; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [1712424 2012-11-30] (Conexant Systems Inc.)
S2 limsgt; C:\WINDOWS\System32\DRIVERS\limsgt.sys [22528 2015-05-25] () [File not signed]
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_b4dd93f8c89bf485\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561680 2015-07-23] (Tempo Semiconductor Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-25 20:27 - 2017-01-25 20:27 - 00026147 _____ C:\Users\Adrian\Desktop\FRST.txt
2017-01-25 20:26 - 2017-01-25 20:27 - 00000000 ____D C:\FRST
2017-01-25 20:26 - 2017-01-25 20:26 - 00112640 _____ (forum.viry.cz) C:\Users\Adrian\Desktop\FRSTLauncher.exe
2017-01-25 20:22 - 2017-01-25 20:23 - 02420736 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2017-01-24 22:53 - 2017-01-24 22:56 - 00000000 ____D C:\AdwCleaner
2017-01-24 22:52 - 2017-01-24 22:53 - 03988944 _____ C:\Users\Adrian\Desktop\adwcleaner_6.042.exe
2017-01-23 19:55 - 2017-01-23 19:55 - 00000000 ____D C:\rsit
2017-01-23 19:54 - 2017-01-23 19:55 - 01323520 _____ C:\Users\Adrian\Desktop\RSITx64.exe
2017-01-17 16:06 - 2015-07-28 21:22 - 00859416 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
2017-01-16 23:26 - 2017-01-16 23:27 - 02490368 _____ C:\Users\Adrian\Documents\Database1.accdb
2017-01-16 23:26 - 2017-01-16 23:26 - 00960634 _____ C:\Users\Adrian\Documents\Marketingové proj.accdt
2017-01-16 20:11 - 2017-01-16 20:11 - 00001195 _____ C:\Users\Adrian\Desktop\Beneton Movie GIF.lnk
2017-01-16 20:11 - 2017-01-16 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beneton Movie GIF
2017-01-16 20:11 - 2017-01-16 20:11 - 00000000 ____D C:\Program Files (x86)\Beneton Movie GIF
2017-01-13 20:39 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-13 20:39 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 20:39 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 20:39 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-13 20:39 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 20:39 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 20:39 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 20:39 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-13 20:39 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-13 20:39 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 20:39 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 20:39 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-13 20:39 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-13 20:39 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-13 20:39 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-13 20:39 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-13 20:39 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-13 20:39 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-13 20:39 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 20:39 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 20:39 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-13 20:39 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-13 20:38 - 2017-01-13 20:43 - 00000000 ____D C:\Users\Adrian\Documents\HOLBIÁDA
2017-01-13 20:38 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-13 20:38 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 20:38 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 20:38 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-13 20:38 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-13 20:38 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-13 20:38 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-13 20:38 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-13 20:38 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-13 20:38 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 20:38 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 20:38 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 20:38 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 20:38 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 20:38 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 20:38 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 20:38 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 20:38 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 20:38 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-13 20:38 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-13 20:38 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 20:38 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-13 20:38 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-13 20:38 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 20:38 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 20:38 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-13 20:38 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 20:38 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-13 20:38 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-13 20:38 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 20:38 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 20:38 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-13 20:38 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-13 20:38 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-13 20:38 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-13 20:38 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-13 20:38 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-13 20:38 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-13 20:38 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-13 20:38 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-13 20:38 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-13 20:38 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-13 20:38 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-13 20:38 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-13 20:38 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-13 20:38 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-13 20:38 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-13 20:38 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-13 20:38 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-13 20:38 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-13 20:38 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-13 20:38 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-13 20:38 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 20:38 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-13 20:38 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-13 20:38 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-13 20:38 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 20:38 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-13 20:38 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-13 20:38 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 20:38 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-13 20:38 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-13 20:38 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 20:38 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-13 20:38 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:38 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-13 20:38 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 20:38 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-13 20:38 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-13 20:38 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 20:38 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 20:38 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-13 20:38 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 20:38 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-13 20:38 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-13 20:38 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-13 20:38 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-13 20:38 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-13 20:38 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-13 20:38 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 20:38 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-13 20:38 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-13 20:38 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-13 20:38 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-13 20:38 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-13 20:38 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-13 20:38 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-13 20:38 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-13 20:38 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 20:38 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-13 20:38 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-13 20:37 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 20:37 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 20:37 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-13 20:37 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 20:37 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 20:37 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 20:37 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-13 20:37 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 20:37 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-13 20:37 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-13 20:37 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-13 20:37 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-13 20:37 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-13 20:37 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-13 20:37 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 20:37 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:37 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-13 20:37 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-13 20:37 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-06 19:31 - 2017-01-17 16:04 - 00002455 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-06 19:31 - 2017-01-06 19:31 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-06 19:30 - 2017-01-06 19:39 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-06 19:30 - 2017-01-06 19:39 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-04 18:48 - 2017-01-04 18:48 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-04 18:48 - 2017-01-04 18:48 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 18:48 - 2017-01-04 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-04 18:48 - 2017-01-04 18:48 - 00000000 ____D C:\Program Files\CCleaner
2017-01-03 18:39 - 2017-01-03 18:39 - 00053216 _____ (Connectify) C:\WINDOWS\system32\Drivers\cnnctfy4.sys
2017-01-03 18:39 - 2017-01-03 18:39 - 00046088 _____ (Connectify) C:\WINDOWS\system32\Drivers\cfywlan2.sys
2017-01-03 18:39 - 2017-01-03 18:39 - 00000451 _____ C:\Users\Public\Desktop\Connectify Hotspot 2016.lnk
2017-01-03 18:39 - 2017-01-03 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2016
2017-01-03 18:38 - 2017-01-04 18:52 - 00000000 ____D C:\Program Files (x86)\Connectify
2017-01-03 18:36 - 2017-01-03 18:44 - 00000000 ____D C:\ProgramData\Connectify
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-25 20:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-25 20:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-25 20:24 - 2014-12-14 20:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent
2017-01-25 20:22 - 2016-09-18 17:02 - 00000000 ____D C:\Users\Adrian\Desktop\Dokumenty Office
2017-01-25 20:20 - 2016-11-20 22:35 - 00000000 ____D C:\Users\Adrian\AppData\LocalLow\Mozilla
2017-01-25 08:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-25 08:55 - 2016-07-27 13:45 - 00000000 __SHD C:\Users\Adrian\IntelGraphicsProfiles
2017-01-24 23:30 - 2016-10-05 03:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-24 23:07 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 22:58 - 2016-10-11 19:14 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-24 22:58 - 2016-10-05 04:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-24 22:56 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-23 19:55 - 2015-01-08 00:31 - 00000000 ____D C:\Program Files\trend micro
2017-01-23 18:31 - 2015-12-22 13:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 21:33 - 2016-10-17 22:45 - 00000348 _____ C:\Users\Adrian\Desktop\Jednotka CD-ROM – zástupce.lnk
2017-01-17 16:19 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-17 16:07 - 2015-04-13 19:00 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2017-01-17 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-17 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-17 16:04 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-17 15:54 - 2016-10-05 03:15 - 00486928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-16 23:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-16 17:45 - 2014-12-10 22:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-16 17:35 - 2014-12-10 22:26 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-16 17:27 - 2013-08-22 14:25 - 00000199 _____ C:\WINDOWS\win.ini
2017-01-15 13:53 - 2016-07-16 23:25 - 00476492 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-15 13:53 - 2016-07-16 23:25 - 00091454 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-15 13:53 - 2016-04-27 07:54 - 01499628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 10:51 - 2015-01-07 21:24 - 00000168 _____ C:\Users\Adrian\AppData\default.pls
2017-01-15 09:17 - 2015-07-04 11:58 - 00000000 ____D C:\Users\Adrian\Documents\ConvertXtoDVD
2017-01-15 09:16 - 2015-07-04 09:44 - 00000000 ____D C:\ProgramData\VSO
2017-01-15 09:08 - 2014-12-14 20:46 - 00000000 ____D C:\Users\Adrian\Documents\Torrent
2017-01-13 17:35 - 2016-10-05 04:02 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 20:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-06 19:41 - 2015-04-13 19:01 - 00000000 ____D C:\Users\Adrian\AppData\Local\Google
2017-01-06 19:35 - 2014-12-10 17:47 - 00000000 ____D C:\Users\Adrian\AppData\Local\Packages
2017-01-06 19:31 - 2015-04-13 19:01 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-04 21:52 - 2014-12-28 00:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-01-04 18:52 - 2016-06-06 19:08 - 00000000 ____D C:\Program Files\PDFCreator
2017-01-04 17:54 - 2016-05-10 14:26 - 00000000 ____D C:\Users\Adrian\Documents\všehochuť
2017-01-03 23:25 - 2016-10-05 03:28 - 00000000 ____D C:\Users\Adrian
2017-01-03 23:23 - 2015-08-18 14:27 - 00000000 ____D C:\Program Files (x86)\HappyFoto-Designer
2017-01-03 19:16 - 2016-10-05 03:22 - 00000000 ____D C:\Program Files\IDT
2017-01-03 18:12 - 2016-10-24 19:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-03 18:12 - 2015-01-08 01:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-01 11:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-01-01 11:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-01-01 11:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
==================== Files in the root of some directories =======
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Hybrid Synthesizers
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Image Capture
2015-07-04 09:44 - 2015-07-04 09:44 - 0099384 _____ () C:\Users\Adrian\AppData\Roaming\inst.exe
2015-07-04 09:44 - 2015-07-04 09:44 - 0007859 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.cat
2015-07-04 09:44 - 2015-07-04 09:44 - 0001167 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.inf
2015-07-04 09:44 - 2015-07-04 09:44 - 0000055 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.log
2015-07-04 09:44 - 2015-07-04 09:44 - 0082816 _____ (VSO Software) C:\Users\Adrian\AppData\Roaming\pcouffin.sys
2015-03-23 20:55 - 2015-03-23 21:09 - 0003072 _____ () C:\Users\Adrian\AppData\Local\file__0.localstorage
2015-06-08 21:06 - 2015-11-04 21:55 - 0007602 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\ProgramData\Image Units
2015-12-25 19:57 - 2015-12-25 19:57 - 0000268 ___RH () C:\ProgramData\Importer
2015-12-25 19:57 - 2015-12-25 19:57 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2015-12-25 19:57 - 2015-12-25 19:57 - 0000012 ___RH () C:\ProgramData\Legacy
2015-12-25 19:57 - 2015-12-25 19:57 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-12-25 19:57 - 2015-12-25 19:57 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Some files in TEMP:
====================
2012-07-08 23:40 - 2012-07-08 23:40 - 1299920 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 2040296 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0232904 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0031200 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0039376 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0650168 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
2012-07-08 23:40 - 2012-07-08 23:40 - 0035816 _____ (Microsoft Corporation) C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Adrian.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Adrian\Desktop" je 246 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Re: Moc prosím o preventivku
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01
Ran by Adrian (25-01-2017 20:30:07)
Running from C:\Users\Adrian\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-05 03:07:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3809139199-386801105-3546470006-500 - Administrator - Disabled)
Adrian (S-1-5-21-3809139199-386801105-3546470006-1002 - Administrator - Enabled) => C:\Users\Adrian
DefaultAccount (S-1-5-21-3809139199-386801105-3546470006-503 - Limited - Disabled)
Guest (S-1-5-21-3809139199-386801105-3546470006-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - TERRATEC (iComp) Media (05/12/2009 6.270.13.01) (HKLM\...\5A793AA8B7416EC143168BB99EFA1521069CF616) (Version: 05/12/2009 6.270.13.01 - TERRATEC )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Beneton Movie GIF 1.1.2 (HKLM-x32\...\Beneton Movie GIF_is1) (Version: - Beneton Software)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.3.0 - Nikon Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Connectify 2016 (HKLM\...\Connectify) (Version: 2016.0.12.37996 - Connectify)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 9.1.7.1 (17/10/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Garmin City Navigator Europe NTU 2016.30 (HKLM-x32\...\{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Hydrogen 0.9.6 preview release for windows (HKLM-x32\...\{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1) (Version: - hydrogen-music.org)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICP 9.0 (HKLM\...\ICP install2_is1) (Version: - )
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
K-Lite Codec Pack 10.8.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_{2FA06473-23F0-4372-8DD5-1EAE42503D93}) (Version: 3.0.1.50 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (Version: 3.0.1.50 - MAGIX AG) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.104 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.104 (12/2011) - Womble Multimedia, Inc.)
MS Video Player Components (HKLM-x32\...\MS Video Player Components) (Version: 4.50.x - HES Hermanns EDV-Service)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Traktor DJ Mixer v1.0 (HKLM-x32\...\Native Instruments Traktor DJ Mixer v1.0) (Version: - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Nero 7 Premium (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
NVIDIA Ovladače grafiky 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.1.1 - Nikon Corporation)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RadioSure (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\RadioSure) (Version: - )
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TERRATEC Grabster AV 400 MX (64 Bit) (HKLM-x32\...\{0FB1F701-BA4B-403B-84DB-FB56D4EF5BC2}) (Version: 6.27.013.01 - Your Company Name)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )
Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version: - )
Unity Web Player (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.1.0 - Nikon Corporation)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.3 - VSO Software)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.20 - Western Digital)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3809139199-386801105-3546470006-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04CA9461-6388-43F0-B5E0-2EC36B2E9277} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0829AE8E-F733-430D-B2E3-847AF3A35457} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {16E729DC-E645-449A-A38F-CF89D1A95DCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1B5CC94F-674C-4D38-8F3B-436FF008C758} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-08] (TOSHIBA Corporation)
Task: {1BE2AB1A-F9E9-4744-8481-45E4BEDF2B16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2F36A096-3EDB-4A3E-B867-3FB88701E187} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2FEF7E91-B824-43DF-B75E-906A1F440017} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {300EF26B-908F-4882-AC68-4FC52940CE98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3590303C-8B79-45B5-99C3-93EFC06D3E53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {365171BA-B62C-4229-B6B2-AFE6FBCB82AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-17] (Adobe Systems Incorporated)
Task: {38010E29-D163-46B1-9AB3-80ECC2182F28} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {3D196C61-22EE-4345-8B2E-B6ADACB6AB77} - System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {462CEE72-94B1-4AE3-ACAB-023E52148CAD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F088631-4922-43E0-A0B0-A4FB2BC918F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {545228FE-9DA7-4146-97CF-B2271F108E08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5BFDDEFC-BD85-4AD9-9CAA-1822BAF18475} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {5C6BFD7C-9657-4DE3-9130-CC7AE578DBA5} - System32\Tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} => pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
Task: {690D769E-589B-4363-B32D-F75103B7BCC1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7119D0D4-39D5-4F0F-8C73-736BCDC146A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {832278B3-100D-491F-8132-B8FEC0A52D3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {85F8A86C-491E-4D99-93E1-38D4D16E7A4B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88633597-7888-4220-97D6-67CE4B1BDD20} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {89E3BE63-D49F-443E-BD89-371B1105CDB8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-16] (Microsoft Corporation)
Task: {8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {952CDA20-00A6-4670-866D-693A8AA57925} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9DB2278A-0050-449B-B4A4-5CE6ABC3D8C2} - System32\Tasks\Norton Security Scan for Adrian => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
Task: {AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 -> No File <==== ATTENTION
Task: {B04995A1-AE1F-4E29-A699-795CAF0E8F1C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B98222AB-E071-4ABC-A0F4-DFFF4D22A7AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {BB7DD9A9-2995-47D1-BE68-CED482D7C2D4} - System32\Tasks\SafeZone scheduled Autoupdate 1470022667 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {BD5C89BF-7CE7-49EF-9A96-460681A85CEF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {C0A4E158-2B28-4814-923C-D7CB4B1C48E1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-27] (AVAST Software)
Task: {C7827A64-57E8-4438-9B86-983F29B9E5FA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08] (Synaptics Incorporated)
Task: {D296287A-3055-4233-99F2-FED67C288FF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D831488A-92B6-49E4-B3CD-14443B685B14} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-12-01] (Toshiba Europe GmbH)
Task: {EF0EBB65-FB72-4748-B58F-D6D2189B5D44} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F4205FD0-CE1F-4E14-A682-46200E70D573} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F81718BB-2561-41B6-A844-EA71E5083EE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Adrian.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Ran by Adrian (25-01-2017 20:30:07)
Running from C:\Users\Adrian\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-05 03:07:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3809139199-386801105-3546470006-500 - Administrator - Disabled)
Adrian (S-1-5-21-3809139199-386801105-3546470006-1002 - Administrator - Enabled) => C:\Users\Adrian
DefaultAccount (S-1-5-21-3809139199-386801105-3546470006-503 - Limited - Disabled)
Guest (S-1-5-21-3809139199-386801105-3546470006-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - TERRATEC (iComp) Media (05/12/2009 6.270.13.01) (HKLM\...\5A793AA8B7416EC143168BB99EFA1521069CF616) (Version: 05/12/2009 6.270.13.01 - TERRATEC )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Beneton Movie GIF 1.1.2 (HKLM-x32\...\Beneton Movie GIF_is1) (Version: - Beneton Software)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.3.0 - Nikon Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Connectify 2016 (HKLM\...\Connectify) (Version: 2016.0.12.37996 - Connectify)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 9.1.7.1 (17/10/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Garmin City Navigator Europe NTU 2016.30 (HKLM-x32\...\{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Hydrogen 0.9.6 preview release for windows (HKLM-x32\...\{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1) (Version: - hydrogen-music.org)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICP 9.0 (HKLM\...\ICP install2_is1) (Version: - )
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
K-Lite Codec Pack 10.8.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_{2FA06473-23F0-4372-8DD5-1EAE42503D93}) (Version: 3.0.1.50 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (Version: 3.0.1.50 - MAGIX AG) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.104 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.104 (12/2011) - Womble Multimedia, Inc.)
MS Video Player Components (HKLM-x32\...\MS Video Player Components) (Version: 4.50.x - HES Hermanns EDV-Service)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Traktor DJ Mixer v1.0 (HKLM-x32\...\Native Instruments Traktor DJ Mixer v1.0) (Version: - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Nero 7 Premium (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
NVIDIA Ovladače grafiky 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.1.1 - Nikon Corporation)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RadioSure (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\RadioSure) (Version: - )
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TERRATEC Grabster AV 400 MX (64 Bit) (HKLM-x32\...\{0FB1F701-BA4B-403B-84DB-FB56D4EF5BC2}) (Version: 6.27.013.01 - Your Company Name)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )
Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version: - )
Unity Web Player (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.1.0 - Nikon Corporation)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.3 - VSO Software)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.20 - Western Digital)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3809139199-386801105-3546470006-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04CA9461-6388-43F0-B5E0-2EC36B2E9277} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0829AE8E-F733-430D-B2E3-847AF3A35457} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {16E729DC-E645-449A-A38F-CF89D1A95DCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1B5CC94F-674C-4D38-8F3B-436FF008C758} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-08] (TOSHIBA Corporation)
Task: {1BE2AB1A-F9E9-4744-8481-45E4BEDF2B16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2F36A096-3EDB-4A3E-B867-3FB88701E187} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2FEF7E91-B824-43DF-B75E-906A1F440017} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {300EF26B-908F-4882-AC68-4FC52940CE98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3590303C-8B79-45B5-99C3-93EFC06D3E53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {365171BA-B62C-4229-B6B2-AFE6FBCB82AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-17] (Adobe Systems Incorporated)
Task: {38010E29-D163-46B1-9AB3-80ECC2182F28} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {3D196C61-22EE-4345-8B2E-B6ADACB6AB77} - System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {462CEE72-94B1-4AE3-ACAB-023E52148CAD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F088631-4922-43E0-A0B0-A4FB2BC918F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {545228FE-9DA7-4146-97CF-B2271F108E08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5BFDDEFC-BD85-4AD9-9CAA-1822BAF18475} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {5C6BFD7C-9657-4DE3-9130-CC7AE578DBA5} - System32\Tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} => pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
Task: {690D769E-589B-4363-B32D-F75103B7BCC1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7119D0D4-39D5-4F0F-8C73-736BCDC146A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {832278B3-100D-491F-8132-B8FEC0A52D3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {85F8A86C-491E-4D99-93E1-38D4D16E7A4B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88633597-7888-4220-97D6-67CE4B1BDD20} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {89E3BE63-D49F-443E-BD89-371B1105CDB8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-16] (Microsoft Corporation)
Task: {8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {952CDA20-00A6-4670-866D-693A8AA57925} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9DB2278A-0050-449B-B4A4-5CE6ABC3D8C2} - System32\Tasks\Norton Security Scan for Adrian => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
Task: {AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 -> No File <==== ATTENTION
Task: {B04995A1-AE1F-4E29-A699-795CAF0E8F1C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B98222AB-E071-4ABC-A0F4-DFFF4D22A7AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {BB7DD9A9-2995-47D1-BE68-CED482D7C2D4} - System32\Tasks\SafeZone scheduled Autoupdate 1470022667 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {BD5C89BF-7CE7-49EF-9A96-460681A85CEF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {C0A4E158-2B28-4814-923C-D7CB4B1C48E1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-27] (AVAST Software)
Task: {C7827A64-57E8-4438-9B86-983F29B9E5FA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08] (Synaptics Incorporated)
Task: {D296287A-3055-4233-99F2-FED67C288FF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D831488A-92B6-49E4-B3CD-14443B685B14} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-12-01] (Toshiba Europe GmbH)
Task: {EF0EBB65-FB72-4748-B58F-D6D2189B5D44} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F4205FD0-CE1F-4E14-A682-46200E70D573} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F81718BB-2561-41B6-A844-EA71E5083EE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Adrian.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
Task: {16E729DC-E645-449A-A38F-CF89D1A95DCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F36A096-3EDB-4A3E-B867-3FB88701E187} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3D196C61-22EE-4345-8B2E-B6ADACB6AB77} - System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F088631-4922-43E0-A0B0-A4FB2BC918F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {545228FE-9DA7-4146-97CF-B2271F108E08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7119D0D4-39D5-4F0F-8C73-736BCDC146A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {85F8A86C-491E-4D99-93E1-38D4D16E7A4B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88633597-7888-4220-97D6-67CE4B1BDD20} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {952CDA20-00A6-4670-866D-693A8AA57925} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Windows\AutoKMS.exe
Task: {AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 -> No File <==== ATTENTION
Task: {B04995A1-AE1F-4E29-A699-795CAF0E8F1C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D296287A-3055-4233-99F2-FED67C288FF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EF0EBB65-FB72-4748-B58F-D6D2189B5D44} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {53e73317-9eb5-11e6-82d6-645a04383e85} - "I:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\Setup.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {a34909a7-aa4c-11e6-82d9-2025647b6c58} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "G:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\ADMINI~1\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o preventivku
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01
Ran by Adrian (25-01-2017 21:44:42) Run:1
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {16E729DC-E645-449A-A38F-CF89D1A95DCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F36A096-3EDB-4A3E-B867-3FB88701E187} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3D196C61-22EE-4345-8B2E-B6ADACB6AB77} - System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F088631-4922-43E0-A0B0-A4FB2BC918F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {545228FE-9DA7-4146-97CF-B2271F108E08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7119D0D4-39D5-4F0F-8C73-736BCDC146A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {85F8A86C-491E-4D99-93E1-38D4D16E7A4B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88633597-7888-4220-97D6-67CE4B1BDD20} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {952CDA20-00A6-4670-866D-693A8AA57925} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Windows\AutoKMS.exe
Task: {AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 -> No File <==== ATTENTION
Task: {B04995A1-AE1F-4E29-A699-795CAF0E8F1C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D296287A-3055-4233-99F2-FED67C288FF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EF0EBB65-FB72-4748-B58F-D6D2189B5D44} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {53e73317-9eb5-11e6-82d6-645a04383e85} - "I:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\Setup.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {a34909a7-aa4c-11e6-82d9-2025647b6c58} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "G:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\ADMINI~1\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16E729DC-E645-449A-A38F-CF89D1A95DCB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16E729DC-E645-449A-A38F-CF89D1A95DCB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F36A096-3EDB-4A3E-B867-3FB88701E187} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F36A096-3EDB-4A3E-B867-3FB88701E187} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D196C61-22EE-4345-8B2E-B6ADACB6AB77} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D196C61-22EE-4345-8B2E-B6ADACB6AB77} => key removed successfully
C:\WINDOWS\System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4273B9F3-99D3-47EE-B53F-2708E70A5A5C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4273B9F3-99D3-47EE-B53F-2708E70A5A5C} => key removed successfully
C:\WINDOWS\System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3512072-3EEB-4167-A9AD-1360A3259C53} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F088631-4922-43E0-A0B0-A4FB2BC918F2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F088631-4922-43E0-A0B0-A4FB2BC918F2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{545228FE-9DA7-4146-97CF-B2271F108E08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{545228FE-9DA7-4146-97CF-B2271F108E08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7119D0D4-39D5-4F0F-8C73-736BCDC146A5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7119D0D4-39D5-4F0F-8C73-736BCDC146A5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85F8A86C-491E-4D99-93E1-38D4D16E7A4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85F8A86C-491E-4D99-93E1-38D4D16E7A4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88633597-7888-4220-97D6-67CE4B1BDD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88633597-7888-4220-97D6-67CE4B1BDD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{952CDA20-00A6-4670-866D-693A8AA57925} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{952CDA20-00A6-4670-866D-693A8AA57925} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
"C:\Windows\AutoKMS.exe" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF7971B4-8C0B-49B2-938B-B9B0D49738AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7971B4-8C0B-49B2-938B-B9B0D49738AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B04995A1-AE1F-4E29-A699-795CAF0E8F1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B04995A1-AE1F-4E29-A699-795CAF0E8F1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D296287A-3055-4233-99F2-FED67C288FF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D296287A-3055-4233-99F2-FED67C288FF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF0EBB65-FB72-4748-B58F-D6D2189B5D44} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF0EBB65-FB72-4748-B58F-D6D2189B5D44} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53e73317-9eb5-11e6-82d6-645a04383e85} => key removed successfully
HKCR\CLSID\{53e73317-9eb5-11e6-82d6-645a04383e85} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7431c52d-9546-11e6-82d6-2025647b6c58} => key removed successfully
HKCR\CLSID\{7431c52d-9546-11e6-82d6-2025647b6c58} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a34909a7-aa4c-11e6-82d9-2025647b6c58} => key removed successfully
HKCR\CLSID\{a34909a7-aa4c-11e6-82d9-2025647b6c58} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb54649e-839d-11e4-8265-645a04383e85} => key removed successfully
HKCR\CLSID\{eb54649e-839d-11e4-8265-645a04383e85} => key not found.
"C:\Windows\system32\nvinitx.dll" => Value data removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\ADMINI~1\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 225324424 B
Java, Flash, Steam htmlcache => 2352 B
Windows/system/drivers => 13060313 B
Edge => 4459996 B
Chrome => 13938400 B
Firefox => 378157160 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6530 B
NetworkService => 0 B
Adrian => 127184233 B
RecycleBin => 100985910 B
EmptyTemp: => 823.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:45:26 ====
Ran by Adrian (25-01-2017 21:44:42) Run:1
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Task: {16E729DC-E645-449A-A38F-CF89D1A95DCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F36A096-3EDB-4A3E-B867-3FB88701E187} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3D196C61-22EE-4345-8B2E-B6ADACB6AB77} - System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F088631-4922-43E0-A0B0-A4FB2BC918F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {545228FE-9DA7-4146-97CF-B2271F108E08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7119D0D4-39D5-4F0F-8C73-736BCDC146A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {85F8A86C-491E-4D99-93E1-38D4D16E7A4B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88633597-7888-4220-97D6-67CE4B1BDD20} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {952CDA20-00A6-4670-866D-693A8AA57925} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Windows\AutoKMS.exe
Task: {AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 -> No File <==== ATTENTION
Task: {B04995A1-AE1F-4E29-A699-795CAF0E8F1C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D296287A-3055-4233-99F2-FED67C288FF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EF0EBB65-FB72-4748-B58F-D6D2189B5D44} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {53e73317-9eb5-11e6-82d6-645a04383e85} - "I:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\Setup.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {a34909a7-aa4c-11e6-82d9-2025647b6c58} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "G:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\ADMINI~1\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16E729DC-E645-449A-A38F-CF89D1A95DCB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16E729DC-E645-449A-A38F-CF89D1A95DCB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F36A096-3EDB-4A3E-B867-3FB88701E187} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F36A096-3EDB-4A3E-B867-3FB88701E187} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D196C61-22EE-4345-8B2E-B6ADACB6AB77} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D196C61-22EE-4345-8B2E-B6ADACB6AB77} => key removed successfully
C:\WINDOWS\System32\Tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4273B9F3-99D3-47EE-B53F-2708E70A5A5C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4273B9F3-99D3-47EE-B53F-2708E70A5A5C} => key removed successfully
C:\WINDOWS\System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3512072-3EEB-4167-A9AD-1360A3259C53} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48813874-E4D4-4F1F-BB7A-EB7A455ABD7F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C7CD218-FCE3-4D27-9DE5-9B380C3D0459} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F088631-4922-43E0-A0B0-A4FB2BC918F2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F088631-4922-43E0-A0B0-A4FB2BC918F2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{545228FE-9DA7-4146-97CF-B2271F108E08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{545228FE-9DA7-4146-97CF-B2271F108E08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F76B7A8-8A90-4C90-8ECF-21D7DD027D54} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7119D0D4-39D5-4F0F-8C73-736BCDC146A5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7119D0D4-39D5-4F0F-8C73-736BCDC146A5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{728E8CEC-2F7F-4C67-AAEF-6C2738CA0B18} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85F8A86C-491E-4D99-93E1-38D4D16E7A4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85F8A86C-491E-4D99-93E1-38D4D16E7A4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88633597-7888-4220-97D6-67CE4B1BDD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88633597-7888-4220-97D6-67CE4B1BDD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D6F40F6-4BF5-4892-90D2-32C1F0FC8E4B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{952CDA20-00A6-4670-866D-693A8AA57925} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{952CDA20-00A6-4670-866D-693A8AA57925} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BAAAFC9-BC02-4AE2-830E-C44DD8AF2F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
"C:\Windows\AutoKMS.exe" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC9C407-CE6B-4E5B-A898-54A8D63D7F99} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF7971B4-8C0B-49B2-938B-B9B0D49738AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7971B4-8C0B-49B2-938B-B9B0D49738AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B04995A1-AE1F-4E29-A699-795CAF0E8F1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B04995A1-AE1F-4E29-A699-795CAF0E8F1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D296287A-3055-4233-99F2-FED67C288FF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D296287A-3055-4233-99F2-FED67C288FF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF0EBB65-FB72-4748-B58F-D6D2189B5D44} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF0EBB65-FB72-4748-B58F-D6D2189B5D44} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53e73317-9eb5-11e6-82d6-645a04383e85} => key removed successfully
HKCR\CLSID\{53e73317-9eb5-11e6-82d6-645a04383e85} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7431c52d-9546-11e6-82d6-2025647b6c58} => key removed successfully
HKCR\CLSID\{7431c52d-9546-11e6-82d6-2025647b6c58} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a34909a7-aa4c-11e6-82d9-2025647b6c58} => key removed successfully
HKCR\CLSID\{a34909a7-aa4c-11e6-82d9-2025647b6c58} => key not found.
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb54649e-839d-11e4-8265-645a04383e85} => key removed successfully
HKCR\CLSID\{eb54649e-839d-11e4-8265-645a04383e85} => key not found.
"C:\Windows\system32\nvinitx.dll" => Value data removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\ADMINI~1\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 225324424 B
Java, Flash, Steam htmlcache => 2352 B
Windows/system/drivers => 13060313 B
Edge => 4459996 B
Chrome => 13938400 B
Firefox => 378157160 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6530 B
NetworkService => 0 B
Adrian => 127184233 B
RecycleBin => 100985910 B
EmptyTemp: => 823.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:45:26 ====
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o preventivku
Čili hotovo?
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Asi tak (pokud není ještě jiný problém).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o preventivku
Ne není. Děkuju 
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o preventivku
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?