Dobrý den, poprosil bych o kontrolu logu. Pořád mi zatěžuje systém proces NT Kernel & System. Zkoušel jsem aktualizovat ovladač grafické karty a nepomohlo. spouští se to samovolně, nepravidelně. příkládám i obrázek správce procesů. Předem děkuji za pomoc
info.txt logfile of random's system information tool 1.10 2017-03-19 16:26:04
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A3DD0C2A100008020210007A3130D000800000020030000A3140D07EFFFFF0028030000E0661800EFFFFF07EFFFFF00086A180058065C0000000000000000000000000000000055AA
======Uninstall list======
-->C:\ProgramData\{4B36989F-BE86-4A21-94B1-AC154A69EA65}\WinThrusterSetup.exe
7-PDF Maker Version 1.0.3-->"D:\Programy\7-PDF Maker\unins000.exe"
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 25 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_Plugin.exe -maintain plugin
Age of Empires® III: Complete Collection-->"D:\Programy\Steam\steam.exe" steam://uninstall/105450
ASUS GPU TweakII-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} /l1033
ASUS Product Register Program-->MsiExec.exe /I{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Battlefield 4™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
Beard and Hairstyle Set-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins002.exe"
Call of Duty Black Ops III version 1.0.0-->"D:\Filmy a Hry\CoDBO3\Call of Duty Black Ops III\Uninstall\unins000.exe"
CCleaner-->"D:\Programy\Ccleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Common Desktop Agent-->MsiExec.exe /X{031A0E14-0413-4C97-9772-2639B782F46F}
CPUID CPU-Z 1.78-->"D:\Programy\CPU-Z\unins000.exe"
Crysis 2-->"C:\Program Files (x86)\Common Files\EAInstaller\Crysis 2\Cleanup.exe" uninstall_game -autologging
DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2013 (KB3115404) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{52EF08F9-F296-48DC-A906-E03225E51C9B}" "1029" "0"
Defraggler-->"D:\Programy\\Defragler\uninst.exe"
Dying Light-->"D:\Filmy a Hry\Dying Light\unins000.exe"
Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly
Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
Far Cry Primal-->"D:\Filmy a Hry\Far.Cry.Primal-CPY\Far Cry Primal\unins000.exe"
FBReader for Windows-->"D:\Programy\FBReader\uninstall.exe"
Google Drive-->MsiExec.exe /X{07A12123-B717-496B-B471-48AF6407B433}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
IrfanView 64 (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 8 Update 101 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180101F0}
Java SE Development Kit 8 Update 101 (64-bit)-->MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180101}
Java SE Development Kit 8 Update 91 (64-bit)-->MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180910}
JCreator LE 3.50-->"D:\Programy\JCreatorV3LE\unins000.exe"
KMSnano 24-->"D:\Filmy a Hry\KMSnano\unins000.exe"
LibreOffice 5.1 Help Pack (Czech)-->MsiExec.exe /I{AD40820B-550D-44A1-9D5B-18A287D65D97}
LibreOffice 5.1.0.3-->MsiExec.exe /I{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {89E5827E-EAE7-47F2-A57F-52D92C671983} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{89E5827E-EAE7-47F2-A57F-52D92C671983}
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft Access MUI (Czech) 2013-->MsiExec.exe /X{90150000-0015-0405-1000-0000000FF1CE}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Corporation-->MsiExec.exe /I{9C5A08BF-BB99-4998-81BD-F6CC32483B34}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft DCF MUI (Czech) 2013-->MsiExec.exe /X{90150000-0090-0405-1000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2013-->MsiExec.exe /X{90150000-0016-0405-1000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2013-->MsiExec.exe /X{90150000-00BA-0405-1000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2013-->MsiExec.exe /X{90150000-0044-0405-1000-0000000FF1CE}
Microsoft LifeCam-->MsiExec.exe /X{6965A8D2-465D-4F98-9FAA-0E9E2348F329}
Microsoft Lync MUI (Czech) 2013-->MsiExec.exe /X{90150000-012B-0405-1000-0000000FF1CE}
Microsoft Office 32-bit Components 2013-->MsiExec.exe /X{90150000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2013 - Deutsch-->MsiExec.exe /X{90150000-001F-0407-1000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E1-0405-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E2-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2013-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2013-->MsiExec.exe /X{91150000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2013-->MsiExec.exe /X{90150000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2013 - English-->MsiExec.exe /X{90150000-001F-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2013-->MsiExec.exe /X{90150000-00C1-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2013-->MsiExec.exe /X{90150000-006E-0405-1000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2013-->MsiExec.exe /X{90150000-00A1-0405-1000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2013-->MsiExec.exe /X{90150000-001A-0405-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2013-->MsiExec.exe /X{90150000-0018-0405-1000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2013-->MsiExec.exe /X{90150000-0019-0405-1000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{5A8BF42D-86C1-459E-929A-BE3D67A60029}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729-->MsiExec.exe /X{14297226-E0A0-3781-8911-E9D529552663}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210-->"C:\ProgramData\Package Cache\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210-->"C:\ProgramData\Package Cache\{23658c02-145e-483d-ba6b-1eb82c580529}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24210-->MsiExec.exe /X{95265B86-188E-3F62-9CDB-60FCE59EC721}
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24210-->MsiExec.exe /X{C0B2C673-ECAA-372D-94E5-E89440D087AD}
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24210-->MsiExec.exe /X{D8C8656B-0BD8-39C3-B741-F889B7C144E5}
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24210-->MsiExec.exe /X{8FD71E98-EE44-3844-9DAD-9CB0BBBC603C}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
Microsoft Word MUI (Czech) 2013-->MsiExec.exe /X{90150000-001B-0405-1000-0000000FF1CE}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Minecraft-->MsiExec.exe /I{35D9277C-1EB7-4FBE-8B41-C520DE4F7A60}
Mozilla Firefox 45.0.1 (x64 cs)-->"D:\Programy\Mozilla\uninstall\helper.exe"
Mozilla Firefox 46.0.1 (x86 cs)-->"D:\Programy\Mozilla32\uninstall\helper.exe"
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština-->MsiExec.exe /X{90150000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina-->MsiExec.exe /X{90150000-001F-041B-1000-0000000FF1CE}
NVIDIA GeForce Experience 3.4.0.70-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 378.78-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.34.23-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 369.04-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 378.78-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.16.0318-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
Origin-->D:\Filmy a Hry\Origin\OriginUninstall.exe
PSPad editor-->"D:\Programy\PSPad editor\Uninst\unins000.exe"
PunkBuster Services-->D:\Program Files (x86)\Origin Games\Battlefield 4\pbsvc.exe -u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Samsung Easy Document Creator-->"C:\Program Files (x86)\Samsung\Easy Document Creator\uninstall.exe"
Samsung Easy Printer Manager-->C:\Program Files (x86)\Samsung\Easy Printer Manager\uninst.exe /app_ipn:"C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe" /oem:Samsung /oem_ac:EPM /oem_aims:no
Samsung M2070 Series-->"C:\Program Files (x86)\Samsung\Samsung M2070 Series\Setup\Setup.exe" /R
Samsung Printer Diagnostics-->"C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\setup.exe" /R
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung Scan Process Machine-->C:\Program Files (x86)\Common Files\Scan Process Machine\uninstall.exe
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {175C1563-5389-3174-A18B-A90AD45208D2}
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {73E43C35-D717-337B-9F50-66F5623A8E1C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {F403E543-04A6-3024-BE38-189172855D13}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CE42A318-3E62-3F40-B52A-9CE658805801}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CF7790C7-662A-3829-B49E-61578D4D9838}
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0401CD26-A8CB-33EA-8338-9340FC8515BD}
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {D21BF446-9101-3327-BA36-0C74701B77DC}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0CA47C4C-98A6-3D92-8A97-E87DC34DB81A}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {56DEA359-4DDF-34FA-8B4E-D98CFDB4263C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3142033)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {357704F6-271F-3C50-B28A-039EA02C5D65}
Security Update for Microsoft .NET Framework 4.5.2 (KB3163251)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {EB00A8CD-33DB-3A8B-821B-47989E5FD1F7}
Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{43ECCB82-45DF-4800-8930-0689BF91F765}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{1E8252A7-D489-4BB6-9694-93799FFD33ED}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{835E4BED-E265-4103-AE14-0B4C70CF3FE8}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{4601BD00-BC9B-4CA2-940C-2552782C7347}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-002C-0405-1000-0000000FF1CE}" "{EC915383-0457-4D83-BE7A-009D7841E9C5}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0044-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{3F685A71-DF4A-4AC0-A110-0FA0B7FFD86C}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0090-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{1931508C-C004-4983-81E3-70BE6252904B}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{6E88843F-58F2-45EB-8C4A-0DDFE45366E1}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E1-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E2-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}" "1029" "0"
Skype™ 7.30-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Skyrim - Módy 1.00-->D:\Programy\Steam\steamapps\common\Skyrim\Uninstall.exe
Skyrim Script Extender (SKSE)-->"D:\Programy\Steam\steam.exe" steam://uninstall/365720
SNS Upload for Easy Document Creator-->MsiExec.exe /I{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}
SpeedFan (remove only)-->"D:\Programy\SpeedFan\uninstall.exe"
Steam-->D:\Programy\Steam\uninstall.exe
Temerian Armor Set-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins001.exe"
The Elder Scrolls V: Skyrim-->"D:\Programy\Steam\steam.exe" steam://uninstall/72850
The Witcher 3: Wild Hunt - Free DLC program (16 DLC)-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins004.exe"
The Witcher 3: Wild Hunt (Not-cracked Repack)-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins000.exe"
Total War: WARHAMMER-->"D:\Programy\Steam\steam.exe" steam://uninstall/364360
Update for Microsoft Access 2013 (KB2956176) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{39042DCD-C595-47E7-A351-F177CF0C0F5C}" "1029" "0"
Update for Microsoft Access 2013 (KB2956176) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{39042DCD-C595-47E7-A351-F177CF0C0F5C}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}" "1029" "0"
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}" "1029" "0"
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}" "1029" "0"
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{62857CDD-2985-4939-91BA-19ED0B0031A5}" "1029" "0"
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}" "1029" "0"
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2147FFF7-71C4-4306-AFE2-1AA7A6025BB1}" "1029" "0"
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{290D80DE-03AB-47EC-9402-108AF4CE4F66}" "1029" "0"
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8116ED50-F1E7-49E1-9D8D-421497D34B0F}" "1029" "0"
Update for Microsoft Office 2013 (KB2880977) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{3FF26B00-AC61-487F-B03B-5D83415C5408}" "1029" "0"
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{DF1B7B95-4A86-4605-A628-556394B5580A}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{885C981B-F1E3-430A-A099-31CA9D28C251}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{885C981B-F1E3-430A-A099-31CA9D28C251}" "1029" "0"
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E919ACF4-A1D7-4CAA-A103-5EB115563721}" "1029" "0"
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{EADBF225-163E-406B-B11A-26ECCCAB5A0E}" "1029" "0"
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}" "1029" "0"
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}" "1029" "0"
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A4E88D96-814F-4183-8DB2-BA3EC2B7E434}" "1029" "0"
Update for Microsoft Office 2013 (KB2920754) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2513C305-E7E9-46F9-BECA-C6AC02D769B3}" "1029" "0"
Update for Microsoft Office 2013 (KB2920769) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{C906EC6B-8610-487F-8528-658FE2575C86}" "1029" "0"
Update for Microsoft Office 2013 (KB2956148) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{F499AD64-02E9-48E0-84BE-498FBCDC7A95}" "1029" "0"
Update for Microsoft Office 2013 (KB2956154) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8AB3858C-5246-4C78-937F-86A38A494CAA}" "1029" "0"
Update for Microsoft Office 2013 (KB2956160) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{BF379FBB-0ACA-47CB-86C6-12885C01505E}" "1029" "0"
Update for Microsoft Office 2013 (KB2956160) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{BF379FBB-0ACA-47CB-86C6-12885C01505E}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{D285D043-0A8F-4358-B98F-C444872AEB51}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{A578E179-A2BA-42CE-ABF4-1F71EF6BEB0C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{B6DACAB4-FD25-408D-AA58-F62B83A80233}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{EEAC4722-30BB-4C73-A7E7-4A6B731BE9A8}" "1029" "0"
Update for Microsoft Office 2013 (KB2956169) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{B5A6B49E-30F3-4D1D-8F9C-E53712D30996}" "1029" "0"
Update for Microsoft Office 2013 (KB2956171) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A3DC29E8-0E97-448A-B9C0-9086CB8B3E86}" "1029" "0"
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}" "1029" "0"
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-002C-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0044-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0090-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E2-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft Outlook 2013 (KB2956170) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{79EC1590-20DA-4B91-8674-7FD28CB73EBA}" "1029" "0"
Update for Microsoft Outlook 2013 (KB2956170) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{79EC1590-20DA-4B91-8674-7FD28CB73EBA}" "1029" "0"
Update for Microsoft Outlook Social Connector 2013 (KB2737996) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{4DAEE65E-8D3C-409C-8836-1777D2165F22}" "1029" "0"
Update for Microsoft Outlook Social Connector 2013 (KB2737996) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{4DAEE65E-8D3C-409C-8836-1777D2165F22}" "1029" "0"
Update for Microsoft PowerPoint 2013 (KB2965206) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{2D6B72C2-F8EC-4FBC-ACBE-A83767F6F56B}" "1029" "0"
Update for Microsoft PowerPoint 2013 (KB2965206) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2D6B72C2-F8EC-4FBC-ACBE-A83767F6F56B}" "1029" "0"
Update for Microsoft Project 2013 (KB2956187) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{8E862B4E-0F3B-4B17-8E80-A0A81BE871C9}" "1029" "0"
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}" "1029" "0"
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}" "1029" "0"
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}" "1029" "0"
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}" "1029" "0"
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}" "1029" "0"
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{C224EEBF-D40A-4056-9DD3-EE74666F74AB}" "1029" "0"
Uplay-->D:\Programy\Ubisoft Game Launcher\Uninstall.exe
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vulkan Run Time Libraries 1.0.39.1-->C:\Program Files (x86)\VulkanRT\1.0.39.1\UninstallVulkanRT.exe
Vulkan Run Time Libraries 1.0.8.1-->C:\Program Files (x86)\VulkanRT\1.0.8.1\UninstallVulkanRT.exe
War Thunder Launcher 1.0.1.738-->"D:\Filmy a Hry\WarThunder\unins000.exe"
Windows 7 USB/DVD Download Tool-->MsiExec.exe /X{CCF298AF-9CE1-4B26-B251-486E98A34789}
WinRAR 5.21 (64-bit)-->D:\Programy\WInrar\uninstall.exe
XSplit Gamecaster-->MsiExec.exe /X{4EDB1851-7427-4324-AAAA-9E3852C73DAE}
======System event log======
Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby SSDP Discovery byl změněn na: Spuštěno
Record Number: 46867
Source Name: Service Control Manager
Time Written: 20161006123357.587124-000
Event Type: Informace
User:
Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Služba Zasílání zpráv o chybách systému Windows byl změněn na: Spuštěno
Record Number: 46866
Source Name: Service Control Manager
Time Written: 20161006123357.357124-000
Event Type: Informace
User:
Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Služba Windows Media Player Network Sharing byl změněn na: Spuštěno
Record Number: 46865
Source Name: Service Control Manager
Time Written: 20161006123357.317124-000
Event Type: Informace
User:
Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby NVIDIA Streamer Network Service byl změněn na: Spuštěno
Record Number: 46864
Source Name: Service Control Manager
Time Written: 20161006123357.267124-000
Event Type: Informace
User:
Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 46863
Source Name: Service Control Manager
Time Written: 20161006123357.167123-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Jakub-PC
Event Code: 1040
Message: Probíhá zahajování transakce Instalační služby systému Windows: d:\94a5d3c26934c6cfbd94a38bfa\vc_red.msi. ID procesu klienta: 2084
Record Number: 2261
Source Name: MsiInstaller
Time Written: 20160513160043.000000-000
Event Type: Informace
User: Jakub-PC\Jakub
Computer Name: Jakub-PC
Event Code: 10001
Message: Ukončování relace 0, zahájení 2016-05-13T16:00:32.497021400Z.
Record Number: 2260
Source Name: Microsoft-Windows-RestartManager
Time Written: 20160513160035.989221-000
Event Type: Informace
User: Jakub-PC\Jakub
Computer Name: Jakub-PC
Event Code: 1042
Message: Probíhá ukončování transakce Instalační služby systému Windows: c:\Windows\Installer\61636.msi. ID procesu klienta: 4548
Record Number: 2259
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Jakub-PC
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219. Verze produktu: 10.0.40219. Jazyk produktu: 0. Výrobce: Microsoft Corporation. Stav opětovné konfigurace (úspěch nebo chyba): 0.
Record Number: 2258
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: Jakub-PC\Jakub
Computer Name: Jakub-PC
Event Code: 11728
Message: Product: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 -- Configuration completed successfully.
Record Number: 2257
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: Jakub-PC\Jakub
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082515.040441-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d0
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082515.040441-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x301aa
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082512.232436-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082510.672433-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082510.594433-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=4
"OS"=Windows_NT
"Path"=C:\ProgramData\Oracle\Java\javapath;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Java\jdk1.8.0_101\bin;.;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=2a07
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"windows_tracing_flags"=3
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
NT Kernel & System
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
NT Kernel & System
- Přílohy
-
- Bez názvu.png (84.09 KiB) Zobrazeno 3548 x
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Zdravím!
Tento problém obvykle opravdu způsobuje ovladač gr. karty. Koukneme na to, zda tam nemáte nějaký šmejdík. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Tento problém obvykle opravdu způsobuje ovladač gr. karty. Koukneme na to, zda tam nemáte nějaký šmejdík. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Zde je log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 17:11:51)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(Jan Fiala) D:\Programy\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 17:11 - 2017-03-19 17:12 - 00013824 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-19 16:14 - 2017-03-19 16:14 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\uTorrent
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 16:01 - 2017-02-21 16:04 - 00000000 ____D C:\Program Files\FileViewPro
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 15:40 - 00004946 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 17:12 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 15:39 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 09:39 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 07:34 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:18 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 07:16 - 2016-09-20 17:37 - 00003752 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 07:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-18 23:34 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF
==================== Files in the root of some directories =======
2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jakub\Desktop" je 238 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 17:11:51)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(Jan Fiala) D:\Programy\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 17:11 - 2017-03-19 17:12 - 00013824 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-19 16:14 - 2017-03-19 16:14 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\uTorrent
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 16:01 - 2017-02-21 16:04 - 00000000 ____D C:\Program Files\FileViewPro
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 15:40 - 00004946 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 17:12 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 15:39 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 09:39 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 07:34 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:18 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 07:16 - 2016-09-20 17:37 - 00003752 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 07:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-18 23:34 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF
==================== Files in the root of some directories =======
2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jakub\Desktop" je 238 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Tak tady to je.
# AdwCleaner v6.044 - Log vytvořen 19/03/2017 v 19:57:43
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-18.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Jakub - JAKUB-PC
# Spuštěno z : C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Jakub\AppData\Local\FileViewPro
[-] Složka smazána: C:\Program Files\FileViewPro
[-] Složka smazána: C:\Users\Jakub\AppData\Local\Temp\FileViewPro
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1468 Bajty] - [19/03/2017 19:57:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [1905 Bajty] - [19/03/2017 18:46:41]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1614 Bajty] ##########
# AdwCleaner v6.044 - Log vytvořen 19/03/2017 v 19:57:43
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-18.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Jakub - JAKUB-PC
# Spuštěno z : C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Jakub\AppData\Local\FileViewPro
[-] Složka smazána: C:\Program Files\FileViewPro
[-] Složka smazána: C:\Users\Jakub\AppData\Local\Temp\FileViewPro
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1468 Bajty] - [19/03/2017 19:57:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [1905 Bajty] - [19/03/2017 18:46:41]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1614 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 20:08:26)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Microsoft Corporation) D:\Programy\officy13\offices\Office15\MSOSYNC.EXE
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 18:45 - 2017-03-19 19:57 - 00000000 ____D C:\AdwCleaner
2017-03-19 18:44 - 2017-03-19 18:44 - 04031440 _____ C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
2017-03-19 17:11 - 2017-03-19 20:08 - 00013693 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 20:00 - 00004948 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 20:01 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 20:00 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 20:00 - 2016-09-20 17:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 19:59 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 19:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 18:10 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 18:06 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 18:06 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF
==================== Files in the root of some directories =======
2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jakub\Desktop" je 241 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 20:08:26)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Microsoft Corporation) D:\Programy\officy13\offices\Office15\MSOSYNC.EXE
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 18:45 - 2017-03-19 19:57 - 00000000 ____D C:\AdwCleaner
2017-03-19 18:44 - 2017-03-19 18:44 - 04031440 _____ C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
2017-03-19 17:11 - 2017-03-19 20:08 - 00013693 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 20:00 - 00004948 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 20:01 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 20:00 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 20:00 - 2016-09-20 17:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 19:59 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 19:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 18:10 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 18:06 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 18:06 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF
==================== Files in the root of some directories =======
2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jakub\Desktop" je 241 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
C:\Windows\System32\Tasks\AutoKMS
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Jakub (19-03-2017 22:15:25) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
C:\Windows\System32\Tasks\AutoKMS
EmptyTemp:
End
*****************
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{019e103c-2331-11e6-bf31-50e5493b0049} => key removed successfully
HKCR\CLSID\{019e103c-2331-11e6-bf31-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key removed successfully
HKCR\CLSID\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key removed successfully
HKCR\CLSID\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key not found.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80651725 B
Java, Flash, Steam htmlcache => 444729474 B
Windows/system/drivers => 531217 B
Edge => 0 B
Chrome => 0 B
Firefox => 344739843 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 208205392 B
Jakub => 1285806812 B
RecycleBin => 1417347 B
EmptyTemp: => 2.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:15:42 ====
Ran by Jakub (19-03-2017 22:15:25) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
C:\Windows\System32\Tasks\AutoKMS
EmptyTemp:
End
*****************
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{019e103c-2331-11e6-bf31-50e5493b0049} => key removed successfully
HKCR\CLSID\{019e103c-2331-11e6-bf31-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key removed successfully
HKCR\CLSID\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key removed successfully
HKCR\CLSID\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key not found.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80651725 B
Java, Flash, Steam htmlcache => 444729474 B
Windows/system/drivers => 531217 B
Edge => 0 B
Chrome => 0 B
Firefox => 344739843 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 208205392 B
Jakub => 1285806812 B
RecycleBin => 1417347 B
EmptyTemp: => 2.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:15:42 ====
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Ono se to vždycky objevilo v průběhu dne. Budu to sledovat a dám vědět. 
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: NT Kernel & System
Vypadá to, že je snad vše v pořádku. Kdyby se to přece jen zase objevilo, můžu napsat opět do tohoto téma a zbytečně nezakládat nové?
Kdyby se to přece jen zase objevilo, můžu napsat opět do tohoto téma a zbytečně nezakládat nové?-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: NT Kernel & System
Můžete, ale musíte požádat o odemčení. Vyřešená témata zamykáme, protože nám do nich vstupují cizí uživatelé. Jsem rád, že je to OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?