Ran by mlnic (2015-11-07 17:36:20)
Running from C:\Users\mlnic\Desktop\Viry
Windows 10 Pro (X64) (2015-09-05 17:11:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4070881372-3982052430-2890770552-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4070881372-3982052430-2890770552-503 - Limited - Disabled)
Guest (S-1-5-21-4070881372-3982052430-2890770552-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070881372-3982052430-2890770552-1003 - Limited - Enabled)
mlnic (S-1-5-21-4070881372-3982052430-2890770552-1001 - Administrator - Enabled) => C:\Users\mlnic
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aktualizace NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
APKtoW10M (HKLM-x32\...\{BB8477A2-E269-4151-95C4-B1B95C93A307}) (Version: 1.2.0 - Antonio de la Iglesia)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Caesar 3 (CZ Dabing) (HKLM-x32\...\FPD_C3_is1) (Version: 1.0 - Fénix ProDabing)
Caesar 3 (HKLM-x32\...\Caesar 3) (Version: - )
Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CesarFTP 0.99g (HKLM-x32\...\CesarFTP 0.99g_is1) (Version: - Alexandre Cesari)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - )
Cities: Skylines - ČEŠTINA (HKU\S-1-5-21-4070881372-3982052430-2890770552-1001\...\Cities: Skylines - ČEŠTINA) (Version: - )
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd)
ELAN HIDI2C Filter Driver X64 13.6.2.2_WHQL (HKLM\...\Elantech) (Version: 13.6.2.2 - ELAN Microelectronic Corp.)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK)
Euro Truck Simulator 2 verze 1.21.1 (HKLM-x32\...\{C6B69A3F-471C-4472-B1DA-11A762D21F55}_is1) (Version: 1.21.1 - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{560C0B14-F973-4361-B073-B45AF9D538CF}) (Version: 17.1.1531.1764 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
LuaEdit 2010 (x86 - 3.0.10.0) (HKLM-x32\...\LuaEdit 2010_is1) (Version: - Open Source)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MATLAB R2012a (HKLM\...\Matlab R2012a) (Version: 7.14 - The MathWorks, Inc.)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Remote (HKLM-x32\...\{7a1ad515-9199-47d6-aa40-6fdf2c857ff0}) (Version: 1.1.3.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MTA:SA v1.5.0 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.87 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 358.87 (Version: 358.87 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Resource Hacker Version 4.2.5 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.04 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.04 - Heaventools Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
SPINTIRES (HKLM-x32\...\{A913621A-6B59-2B42-48D6-2FDF3A865421}_is1) (Version: 1.0 - Oovee® Game Studios, IMGN.PRO (Coop-Land))
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
tcm851 6.23 (HKLM-x32\...\tcm851 6.23) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{DCA4824C-42E8-4911-9C10-5BB43A315625}) (Version: 12.0.0 - VMware, Inc.)
Windows Phone IP Over USB (HKLM-x32\...\{E7C8E5D3-9EDC-4430-8AEF-FD590937F55F}) (Version: 10.0.10240.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)
Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4070881372-3982052430-2890770552-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\mlnic\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
==================== Restore Points =========================
06-11-2015 18:57:55 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-11-07 13:51 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2FA8CC88-0EEB-43BC-9C85-600E73DEABE1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {3483974B-8636-47D4-8785-A9C5D493FA44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {475C19CB-23B3-4F85-8899-C208493B0FAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {624CEE01-9189-4309-BA4E-A7D83D3158FA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {848EB274-D45D-427C-BC6B-5D105DC93404} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {ABBD72A8-075C-4B8C-9561-8C3C8D352A36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {B21860AA-C608-415F-A543-EB4B25506198} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KROPOVEZ-NTB-mlnic KROPOVEZ-NTB => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {B78CFFF3-FED7-4DC3-BCB7-213C67188C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-09-16] ()
Task: {BD8BE2C3-F913-4AC7-8674-E0F8CF082427} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D69EECC8-796A-46B3-934A-09C99D41F608} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {D7A57140-8856-49EF-AB4F-D12FD7F261B6} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {EE7FE751-FBCA-4A2A-B107-84C792493F16} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
Task: {F306B007-8B7B-444B-A73A-8E9F3B47D867} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-09-05 21:53 - 2015-07-15 03:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-11-05 18:45 - 2015-11-02 14:36 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-09 15:49 - 2015-09-09 15:49 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2015-09-05 21:53 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-30 21:02 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-09-30 21:02 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-09-05 18:32 - 2015-10-14 13:08 - 00415128 _____ () C:\Windows\system32\igfxTray.exe
2015-09-30 21:01 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 21:02 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 21:01 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 21:01 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 21:02 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 14:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-24 19:28 - 2015-08-24 19:28 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-11-05 08:21 - 2015-11-05 08:21 - 08717824 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-05 08:21 - 2015-11-05 08:21 - 02371072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-08-14 13:03 - 2015-08-14 13:03 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2015-09-05 21:41 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\mlnic\Application Data:NT
AlternateDataStreams: C:\Users\mlnic\Application Data:NT2
AlternateDataStreams: C:\Users\mlnic\AppData\Roaming:NT
AlternateDataStreams: C:\Users\mlnic\AppData\Roaming:NT2
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4070881372-3982052430-2890770552-1001\Control Panel\Desktop\\Wallpaper -> c:\users\mlnic\onedrive\obrázky\fotky\passat\wp_20150821_16_36_31_pro.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4070881372-3982052430-2890770552-1001\...\StartupApproved\StartupFolder: => "m.vbs"
HKU\S-1-5-21-4070881372-3982052430-2890770552-1001\...\StartupApproved\StartupFolder: => "win1.EXE"
HKU\S-1-5-21-4070881372-3982052430-2890770552-1001\...\StartupApproved\Run: => "Remote Mouse"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{ECC4C983-4B3E-4909-A5B4-A8AA37839F37}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5DA52F53-8A0F-4BF2-805C-FFA620CE923B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{AE379CAF-EA02-4DEE-ABF9-C19F4E5AE143}C:\program files (x86)\icecast\bin\icecast.exe] => (Allow) C:\program files (x86)\icecast\bin\icecast.exe
FirewallRules: [UDP Query User{C151EA31-61C8-4AFF-8B31-73865046D112}C:\program files (x86)\icecast\bin\icecast.exe] => (Allow) C:\program files (x86)\icecast\bin\icecast.exe
FirewallRules: [TCP Query User{56988C42-DC76-4BF0-94A2-495F0A76F66C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FEA5C4FB-1AEA-43C8-9660-6297AB2D9F77}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{CBFA317F-A763-4EE3-B1E2-6BCCF6FA8751}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{A4FB0ABE-2FF6-4A2F-8CFD-44693653A6E0}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{AB715D94-B270-42DB-BA6D-78B8D5F8A7A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E8DD40FE-6609-4344-81C7-9F3AA4211509}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{963D6F70-214A-4BEC-AA9F-7A3399352D47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D1BEA4C8-5881-4BE1-AC2D-8CEE65F17741}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E55C9FF5-A17D-41D4-81EB-AAFF1AD4058D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0DA52906-FB13-4992-B6E1-22EB93F0DA3E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{203A2DAE-BC78-4C26-AAD7-2A9847CDA2A5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{20C443C2-F0B6-47CE-9CCF-AF5083224229}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{48EEE1F1-0FC3-4A9D-AC3F-FD76738E7F08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{299CD13C-EDFD-4F02-BA1E-CE9695A0466A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB3A2B76-F000-41D8-8DBB-FE01DD598AF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7FD57C1B-3930-447F-A7AF-56A2576FFD44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CA528CB7-1866-4D02-99E1-CBDC98A98E5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{451A8290-B4BC-4E58-9C21-4DAD934AD8CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{37463787-ABDD-45DE-B79C-4BA201385F9E}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{81DDCBA9-97D4-4F0C-854B-237D56D54955}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{B7A8A932-6EC3-4514-A8D1-57E3057E19A2}C:\users\mlnic\desktop\cross server\server\server\mta server.exe] => (Allow) C:\users\mlnic\desktop\cross server\server\server\mta server.exe
FirewallRules: [UDP Query User{50E0778A-3B77-4E5E-9A34-4B154B36665B}C:\users\mlnic\desktop\cross server\server\server\mta server.exe] => (Allow) C:\users\mlnic\desktop\cross server\server\server\mta server.exe
FirewallRules: [TCP Query User{CD71BC72-1037-4C01-936D-75179F9ED70C}C:\users\mlnic\desktop\cross server\server ready\server ready\mta server.exe] => (Allow) C:\users\mlnic\desktop\cross server\server ready\server ready\mta server.exe
FirewallRules: [UDP Query User{239CA905-0F33-40CB-A01F-6C46D1122831}C:\users\mlnic\desktop\cross server\server ready\server ready\mta server.exe] => (Allow) C:\users\mlnic\desktop\cross server\server ready\server ready\mta server.exe
FirewallRules: [TCP Query User{A411495E-D8A2-4542-9BAB-FEE356F47FF8}C:\program files (x86)\cesarftp\server.exe] => (Allow) C:\program files (x86)\cesarftp\server.exe
FirewallRules: [UDP Query User{5C84535D-F0CB-4750-B2DC-2867F80AF79E}C:\program files (x86)\cesarftp\server.exe] => (Allow) C:\program files (x86)\cesarftp\server.exe
FirewallRules: [{2CCF1255-0962-46B0-BD73-BF1A771178BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{57368EA8-8763-4E5B-AD74-A05251E5F43C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{42A21D32-0C8F-43CD-86CC-D146A49F1EAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{264A5BB4-9B27-480E-AEC8-B0399C0DA823}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AE7EE5AC-2A71-4FF8-96B9-95D42FD40CDB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{CF964652-28C7-4794-874C-0E78837CEA86}E:\hry\spintires\spintires.exe] => (Allow) E:\hry\spintires\spintires.exe
FirewallRules: [UDP Query User{82AA9C26-489D-45D0-9B81-63A72B574120}E:\hry\spintires\spintires.exe] => (Allow) E:\hry\spintires\spintires.exe
FirewallRules: [{6591B958-1700-47CC-A60A-ADC5BF0B4C57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46D37B83-8957-4052-ABB1-0C63A4FBEE52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6127AE75-AF85-487E-9636-2B9F2EBF38D4}E:\hry\grand theft auto v 2\gta5.exe] => (Allow) E:\hry\grand theft auto v 2\gta5.exe
FirewallRules: [UDP Query User{C6988854-5324-42EA-9A29-AB2587AADC06}E:\hry\grand theft auto v 2\gta5.exe] => (Allow) E:\hry\grand theft auto v 2\gta5.exe
FirewallRules: [{131C31CE-8DE3-4261-B8DC-9B177AFD5EBB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{6DED5DA6-D83E-4CFD-9DD8-D20C34C90950}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{343ADC16-BA31-4CB4-B019-E72CCAADC480}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{2499F429-8692-4A91-A17F-9F2BF931C08A}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{FA1576B3-B13D-4232-BCB6-49CC574F08D4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7049F018-AC86-46EA-9434-A71B152368EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FFD90B5A-A790-43E1-A6D0-A9832E6C48AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A22B7C5B-4AFD-489B-92DE-9DA4CE655191}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{4BD8030D-6246-4A3E-8A36-B84C9396E841}E:\hry\killing floor lepsi verze\system\killingfloor.exe] => (Allow) E:\hry\killing floor lepsi verze\system\killingfloor.exe
FirewallRules: [UDP Query User{CAC935B9-89B5-4365-9F50-C5417FDBC8D4}E:\hry\killing floor lepsi verze\system\killingfloor.exe] => (Allow) E:\hry\killing floor lepsi verze\system\killingfloor.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/07/2015 02:16:57 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7384) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (11/07/2015 02:16:57 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7384) Pokus o vytvoření souboru C:\Windows\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (11/07/2015 02:16:46 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7384) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (11/07/2015 02:16:46 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7384) Pokus o vytvoření souboru C:\Windows\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (11/07/2015 02:16:36 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7384) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (11/07/2015 02:16:36 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7384) Pokus o vytvoření souboru C:\Windows\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (11/07/2015 02:16:26 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7384) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (11/07/2015 02:16:26 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7384) Pokus o vytvoření souboru C:\Windows\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (11/07/2015 02:16:15 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7384) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (11/07/2015 02:16:15 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7384) Pokus o vytvoření souboru C:\Windows\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (11/07/2015 02:11:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).
Error: (11/07/2015 02:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMService neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (11/07/2015 02:09:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby MBAMService bylo dosaženo časového limitu (30000 ms).
Error: (11/07/2015 02:09:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Phone IP over USB Transport (IpOverUsbSvc) bylo dosaženo časového limitu (30000 ms).
Error: (11/07/2015 02:09:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service KMSELDI neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (11/07/2015 02:09:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Service KMSELDI bylo dosaženo časového limitu (30000 ms).
Error: (11/07/2015 02:07:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (11/07/2015 02:07:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (11/07/2015 02:07:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (11/07/2015 02:07:24 PM) (Source: DCOM) (EventID: 10010) (User: KROPOVEZ-NTB)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
CodeIntegrity:
===================================
Date: 2015-11-07 14:29:07.033
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-07 14:29:06.878
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-05 19:08:20.780
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-05 19:08:20.596
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-04 19:02:09.472
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-04 19:02:09.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-02 16:40:32.034
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-02 16:40:31.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-02 16:40:30.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-02 16:40:30.160
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 4015.42 MB
Available physical RAM: 2189.71 MB
Total Virtual: 8879.42 MB
Available Virtual: 7112.65 MB
==================== Drives ================================
Drive c: (Windows 10) (Fixed) (Total:466.31 GB) (Free:212.23 GB) NTFS
Drive e: (Zábava) (Fixed) (Total:443.23 GB) (Free:89.29 GB) NTFS
Drive w: (Windows 7) (Fixed) (Total:21.48 GB) (Free:2.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or

Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================