VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

NT Kernel & System

https://forum.viry.cz:443/viewtopic.php?t=151678

Stránka 1 z 1

NT Kernel & System

Napsal: 19 bře 2017 16:32
od Rolandman
Dobrý den, poprosil bych o kontrolu logu. Pořád mi zatěžuje systém proces NT Kernel & System. Zkoušel jsem aktualizovat ovladač grafické karty a nepomohlo. spouští se to samovolně, nepravidelně. příkládám i obrázek správce procesů. Předem děkuji za pomoc

info.txt logfile of random's system information tool 1.10 2017-03-19 16:26:04

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A3DD0C2A100008020210007A3130D000800000020030000A3140D07EFFFFF0028030000E0661800EFFFFF07EFFFFF00086A180058065C0000000000000000000000000000000055AA

======Uninstall list======

-->C:\ProgramData\{4B36989F-BE86-4A21-94B1-AC154A69EA65}\WinThrusterSetup.exe
7-PDF Maker Version 1.0.3-->"D:\Programy\7-PDF Maker\unins000.exe"
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 25 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_Plugin.exe -maintain plugin
Age of Empires® III: Complete Collection-->"D:\Programy\Steam\steam.exe" steam://uninstall/105450
ASUS GPU TweakII-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} /l1033
ASUS Product Register Program-->MsiExec.exe /I{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Battlefield 4™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
Beard and Hairstyle Set-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins002.exe"
Call of Duty Black Ops III version 1.0.0-->"D:\Filmy a Hry\CoDBO3\Call of Duty Black Ops III\Uninstall\unins000.exe"
CCleaner-->"D:\Programy\Ccleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Common Desktop Agent-->MsiExec.exe /X{031A0E14-0413-4C97-9772-2639B782F46F}
CPUID CPU-Z 1.78-->"D:\Programy\CPU-Z\unins000.exe"
Crysis 2-->"C:\Program Files (x86)\Common Files\EAInstaller\Crysis 2\Cleanup.exe" uninstall_game -autologging
DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2013 (KB3115404) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{52EF08F9-F296-48DC-A906-E03225E51C9B}" "1029" "0"
Defraggler-->"D:\Programy\\Defragler\uninst.exe"
Dying Light-->"D:\Filmy a Hry\Dying Light\unins000.exe"
Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly
Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
Far Cry Primal-->"D:\Filmy a Hry\Far.Cry.Primal-CPY\Far Cry Primal\unins000.exe"
FBReader for Windows-->"D:\Programy\FBReader\uninstall.exe"
Google Drive-->MsiExec.exe /X{07A12123-B717-496B-B471-48AF6407B433}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
IrfanView 64 (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 8 Update 101 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180101F0}
Java SE Development Kit 8 Update 101 (64-bit)-->MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180101}
Java SE Development Kit 8 Update 91 (64-bit)-->MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180910}
JCreator LE 3.50-->"D:\Programy\JCreatorV3LE\unins000.exe"
KMSnano 24-->"D:\Filmy a Hry\KMSnano\unins000.exe"
LibreOffice 5.1 Help Pack (Czech)-->MsiExec.exe /I{AD40820B-550D-44A1-9D5B-18A287D65D97}
LibreOffice 5.1.0.3-->MsiExec.exe /I{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {89E5827E-EAE7-47F2-A57F-52D92C671983} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{89E5827E-EAE7-47F2-A57F-52D92C671983}
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft Access MUI (Czech) 2013-->MsiExec.exe /X{90150000-0015-0405-1000-0000000FF1CE}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Corporation-->MsiExec.exe /I{9C5A08BF-BB99-4998-81BD-F6CC32483B34}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft DCF MUI (Czech) 2013-->MsiExec.exe /X{90150000-0090-0405-1000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2013-->MsiExec.exe /X{90150000-0016-0405-1000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2013-->MsiExec.exe /X{90150000-00BA-0405-1000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2013-->MsiExec.exe /X{90150000-0044-0405-1000-0000000FF1CE}
Microsoft LifeCam-->MsiExec.exe /X{6965A8D2-465D-4F98-9FAA-0E9E2348F329}
Microsoft Lync MUI (Czech) 2013-->MsiExec.exe /X{90150000-012B-0405-1000-0000000FF1CE}
Microsoft Office 32-bit Components 2013-->MsiExec.exe /X{90150000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2013 - Deutsch-->MsiExec.exe /X{90150000-001F-0407-1000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E1-0405-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E2-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2013-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2013-->MsiExec.exe /X{91150000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2013-->MsiExec.exe /X{90150000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2013 - English-->MsiExec.exe /X{90150000-001F-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2013-->MsiExec.exe /X{90150000-00C1-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2013-->MsiExec.exe /X{90150000-006E-0405-1000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2013-->MsiExec.exe /X{90150000-00A1-0405-1000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2013-->MsiExec.exe /X{90150000-001A-0405-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2013-->MsiExec.exe /X{90150000-0018-0405-1000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2013-->MsiExec.exe /X{90150000-0019-0405-1000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{5A8BF42D-86C1-459E-929A-BE3D67A60029}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729-->MsiExec.exe /X{14297226-E0A0-3781-8911-E9D529552663}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210-->"C:\ProgramData\Package Cache\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210-->"C:\ProgramData\Package Cache\{23658c02-145e-483d-ba6b-1eb82c580529}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24210-->MsiExec.exe /X{95265B86-188E-3F62-9CDB-60FCE59EC721}
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24210-->MsiExec.exe /X{C0B2C673-ECAA-372D-94E5-E89440D087AD}
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24210-->MsiExec.exe /X{D8C8656B-0BD8-39C3-B741-F889B7C144E5}
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24210-->MsiExec.exe /X{8FD71E98-EE44-3844-9DAD-9CB0BBBC603C}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
Microsoft Word MUI (Czech) 2013-->MsiExec.exe /X{90150000-001B-0405-1000-0000000FF1CE}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Minecraft-->MsiExec.exe /I{35D9277C-1EB7-4FBE-8B41-C520DE4F7A60}
Mozilla Firefox 45.0.1 (x64 cs)-->"D:\Programy\Mozilla\uninstall\helper.exe"
Mozilla Firefox 46.0.1 (x86 cs)-->"D:\Programy\Mozilla32\uninstall\helper.exe"
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština-->MsiExec.exe /X{90150000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina-->MsiExec.exe /X{90150000-001F-041B-1000-0000000FF1CE}
NVIDIA GeForce Experience 3.4.0.70-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 378.78-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.34.23-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 369.04-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 378.78-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.16.0318-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
Origin-->D:\Filmy a Hry\Origin\OriginUninstall.exe
PSPad editor-->"D:\Programy\PSPad editor\Uninst\unins000.exe"
PunkBuster Services-->D:\Program Files (x86)\Origin Games\Battlefield 4\pbsvc.exe -u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Samsung Easy Document Creator-->"C:\Program Files (x86)\Samsung\Easy Document Creator\uninstall.exe"
Samsung Easy Printer Manager-->C:\Program Files (x86)\Samsung\Easy Printer Manager\uninst.exe /app_ipn:"C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe" /oem:Samsung /oem_ac:EPM /oem_aims:no
Samsung M2070 Series-->"C:\Program Files (x86)\Samsung\Samsung M2070 Series\Setup\Setup.exe" /R
Samsung Printer Diagnostics-->"C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\setup.exe" /R
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung Scan Process Machine-->C:\Program Files (x86)\Common Files\Scan Process Machine\uninstall.exe
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {175C1563-5389-3174-A18B-A90AD45208D2}
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {73E43C35-D717-337B-9F50-66F5623A8E1C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {F403E543-04A6-3024-BE38-189172855D13}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CE42A318-3E62-3F40-B52A-9CE658805801}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CF7790C7-662A-3829-B49E-61578D4D9838}
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0401CD26-A8CB-33EA-8338-9340FC8515BD}
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {D21BF446-9101-3327-BA36-0C74701B77DC}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0CA47C4C-98A6-3D92-8A97-E87DC34DB81A}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {56DEA359-4DDF-34FA-8B4E-D98CFDB4263C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3142033)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {357704F6-271F-3C50-B28A-039EA02C5D65}
Security Update for Microsoft .NET Framework 4.5.2 (KB3163251)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {EB00A8CD-33DB-3A8B-821B-47989E5FD1F7}
Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{43ECCB82-45DF-4800-8930-0689BF91F765}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Office 2013 (KB2956151) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E7A7C0B9-9725-468B-9B6F-1524DD7441FA}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{39AA9341-DAA0-45E6-8171-E49E2A0D95F7}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{1E8252A7-D489-4BB6-9694-93799FFD33ED}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{835E4BED-E265-4103-AE14-0B4C70CF3FE8}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{4601BD00-BC9B-4CA2-940C-2552782C7347}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-002C-0405-1000-0000000FF1CE}" "{EC915383-0457-4D83-BE7A-009D7841E9C5}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0044-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{3F685A71-DF4A-4AC0-A110-0FA0B7FFD86C}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0090-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{1931508C-C004-4983-81E3-70BE6252904B}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{6E88843F-58F2-45EB-8C4A-0DDFE45366E1}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E1-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E2-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{010BF41A-4D78-40C3-90BA-117DF64A0AE2}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}" "1029" "0"
Skype™ 7.30-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Skyrim - Módy 1.00-->D:\Programy\Steam\steamapps\common\Skyrim\Uninstall.exe
Skyrim Script Extender (SKSE)-->"D:\Programy\Steam\steam.exe" steam://uninstall/365720
SNS Upload for Easy Document Creator-->MsiExec.exe /I{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}
SpeedFan (remove only)-->"D:\Programy\SpeedFan\uninstall.exe"
Steam-->D:\Programy\Steam\uninstall.exe
Temerian Armor Set-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins001.exe"
The Elder Scrolls V: Skyrim-->"D:\Programy\Steam\steam.exe" steam://uninstall/72850
The Witcher 3: Wild Hunt - Free DLC program (16 DLC)-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins004.exe"
The Witcher 3: Wild Hunt (Not-cracked Repack)-->"D:\Filmy a Hry\The Witcher 3 - Wild Hunt\unins000.exe"
Total War: WARHAMMER-->"D:\Programy\Steam\steam.exe" steam://uninstall/364360
Update for Microsoft Access 2013 (KB2956176) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{39042DCD-C595-47E7-A351-F177CF0C0F5C}" "1029" "0"
Update for Microsoft Access 2013 (KB2956176) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{39042DCD-C595-47E7-A351-F177CF0C0F5C}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{5136F26A-1CD2-4BA4-A059-E25E58403B18}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E7396A71-6BAC-4A67-8B4F-384CA2257A41}" "1029" "0"
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}" "1029" "0"
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}" "1029" "0"
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}" "1029" "0"
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{62857CDD-2985-4939-91BA-19ED0B0031A5}" "1029" "0"
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}" "1029" "0"
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2147FFF7-71C4-4306-AFE2-1AA7A6025BB1}" "1029" "0"
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{290D80DE-03AB-47EC-9402-108AF4CE4F66}" "1029" "0"
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8116ED50-F1E7-49E1-9D8D-421497D34B0F}" "1029" "0"
Update for Microsoft Office 2013 (KB2880977) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{3FF26B00-AC61-487F-B03B-5D83415C5408}" "1029" "0"
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{DF1B7B95-4A86-4605-A628-556394B5580A}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{885C981B-F1E3-430A-A099-31CA9D28C251}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{885C981B-F1E3-430A-A099-31CA9D28C251}" "1029" "0"
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{E919ACF4-A1D7-4CAA-A103-5EB115563721}" "1029" "0"
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{EADBF225-163E-406B-B11A-26ECCCAB5A0E}" "1029" "0"
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}" "1029" "0"
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}" "1029" "0"
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A4E88D96-814F-4183-8DB2-BA3EC2B7E434}" "1029" "0"
Update for Microsoft Office 2013 (KB2920754) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2513C305-E7E9-46F9-BECA-C6AC02D769B3}" "1029" "0"
Update for Microsoft Office 2013 (KB2920769) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{C906EC6B-8610-487F-8528-658FE2575C86}" "1029" "0"
Update for Microsoft Office 2013 (KB2956148) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{F499AD64-02E9-48E0-84BE-498FBCDC7A95}" "1029" "0"
Update for Microsoft Office 2013 (KB2956154) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8AB3858C-5246-4C78-937F-86A38A494CAA}" "1029" "0"
Update for Microsoft Office 2013 (KB2956160) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{BF379FBB-0ACA-47CB-86C6-12885C01505E}" "1029" "0"
Update for Microsoft Office 2013 (KB2956160) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{BF379FBB-0ACA-47CB-86C6-12885C01505E}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956167) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A2478F3C-B1C6-483C-B655-D39B75E9D02C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{D285D043-0A8F-4358-B98F-C444872AEB51}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{A578E179-A2BA-42CE-ABF4-1F71EF6BEB0C}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{B6DACAB4-FD25-408D-AA58-F62B83A80233}" "1029" "0"
Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{EEAC4722-30BB-4C73-A7E7-4A6B731BE9A8}" "1029" "0"
Update for Microsoft Office 2013 (KB2956169) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{B5A6B49E-30F3-4D1D-8F9C-E53712D30996}" "1029" "0"
Update for Microsoft Office 2013 (KB2956171) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{A3DC29E8-0E97-448A-B9C0-9086CB8B3E86}" "1029" "0"
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}" "1029" "0"
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-002C-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0044-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0090-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E1-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00E2-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{C08DDD68-F534-45A4-B876-4B8C2C43A744}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0405-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{98F3EBD3-07A0-4239-85BB-7DB8A1185CA6}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{91760BB8-6AB7-4252-BF92-EDCE196BCD8D}" "1029" "0"
Update for Microsoft Outlook 2013 (KB2956170) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{79EC1590-20DA-4B91-8674-7FD28CB73EBA}" "1029" "0"
Update for Microsoft Outlook 2013 (KB2956170) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{79EC1590-20DA-4B91-8674-7FD28CB73EBA}" "1029" "0"
Update for Microsoft Outlook Social Connector 2013 (KB2737996) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-1000-0000000FF1CE}" "{4DAEE65E-8D3C-409C-8836-1777D2165F22}" "1029" "0"
Update for Microsoft Outlook Social Connector 2013 (KB2737996) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{4DAEE65E-8D3C-409C-8836-1777D2165F22}" "1029" "0"
Update for Microsoft PowerPoint 2013 (KB2965206) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-1000-0000000FF1CE}" "{2D6B72C2-F8EC-4FBC-ACBE-A83767F6F56B}" "1029" "0"
Update for Microsoft PowerPoint 2013 (KB2965206) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{2D6B72C2-F8EC-4FBC-ACBE-A83767F6F56B}" "1029" "0"
Update for Microsoft Project 2013 (KB2956187) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00C1-0000-1000-0000000FF1CE}" "{8E862B4E-0F3B-4B17-8E80-A0A81BE871C9}" "1029" "0"
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-1000-0000000FF1CE}" "{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}" "1029" "0"
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}" "1029" "0"
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-1000-0000000FF1CE}" "{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}" "1029" "0"
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}" "1029" "0"
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{91150000-0011-0000-1000-0000000FF1CE}" "{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}" "1029" "0"
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-1000-0000000FF1CE}" "{C224EEBF-D40A-4056-9DD3-EE74666F74AB}" "1029" "0"
Uplay-->D:\Programy\Ubisoft Game Launcher\Uninstall.exe
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vulkan Run Time Libraries 1.0.39.1-->C:\Program Files (x86)\VulkanRT\1.0.39.1\UninstallVulkanRT.exe
Vulkan Run Time Libraries 1.0.8.1-->C:\Program Files (x86)\VulkanRT\1.0.8.1\UninstallVulkanRT.exe
War Thunder Launcher 1.0.1.738-->"D:\Filmy a Hry\WarThunder\unins000.exe"
Windows 7 USB/DVD Download Tool-->MsiExec.exe /X{CCF298AF-9CE1-4B26-B251-486E98A34789}
WinRAR 5.21 (64-bit)-->D:\Programy\WInrar\uninstall.exe
XSplit Gamecaster-->MsiExec.exe /X{4EDB1851-7427-4324-AAAA-9E3852C73DAE}

======System event log======

Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby SSDP Discovery byl změněn na: Spuštěno
Record Number: 46867
Source Name: Service Control Manager
Time Written: 20161006123357.587124-000
Event Type: Informace
User:

Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Služba Zasílání zpráv o chybách systému Windows byl změněn na: Spuštěno
Record Number: 46866
Source Name: Service Control Manager
Time Written: 20161006123357.357124-000
Event Type: Informace
User:

Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Služba Windows Media Player Network Sharing byl změněn na: Spuštěno
Record Number: 46865
Source Name: Service Control Manager
Time Written: 20161006123357.317124-000
Event Type: Informace
User:

Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby NVIDIA Streamer Network Service byl změněn na: Spuštěno
Record Number: 46864
Source Name: Service Control Manager
Time Written: 20161006123357.267124-000
Event Type: Informace
User:

Computer Name: Jakub-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 46863
Source Name: Service Control Manager
Time Written: 20161006123357.167123-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Jakub-PC
Event Code: 1040
Message: Probíhá zahajování transakce Instalační služby systému Windows: d:\94a5d3c26934c6cfbd94a38bfa\vc_red.msi. ID procesu klienta: 2084
Record Number: 2261
Source Name: MsiInstaller
Time Written: 20160513160043.000000-000
Event Type: Informace
User: Jakub-PC\Jakub

Computer Name: Jakub-PC
Event Code: 10001
Message: Ukončování relace 0, zahájení ‎2016‎-‎05‎-‎13T16:00:32.497021400Z.
Record Number: 2260
Source Name: Microsoft-Windows-RestartManager
Time Written: 20160513160035.989221-000
Event Type: Informace
User: Jakub-PC\Jakub

Computer Name: Jakub-PC
Event Code: 1042
Message: Probíhá ukončování transakce Instalační služby systému Windows: c:\Windows\Installer\61636.msi. ID procesu klienta: 4548
Record Number: 2259
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Jakub-PC
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219. Verze produktu: 10.0.40219. Jazyk produktu: 0. Výrobce: Microsoft Corporation. Stav opětovné konfigurace (úspěch nebo chyba): 0.
Record Number: 2258
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: Jakub-PC\Jakub

Computer Name: Jakub-PC
Event Code: 11728
Message: Product: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 -- Configuration completed successfully.
Record Number: 2257
Source Name: MsiInstaller
Time Written: 20160513160035.000000-000
Event Type: Informace
User: Jakub-PC\Jakub

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082515.040441-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x1d0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082515.040441-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x301aa
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082512.232436-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082510.672433-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160422082510.594433-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=4
"OS"=Windows_NT
"Path"=C:\ProgramData\Oracle\Java\javapath;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Java\jdk1.8.0_101\bin;.;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=2a07
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"windows_tracing_flags"=3
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log

-----------------EOF-----------------

Re: NT Kernel & System

Napsal: 19 bře 2017 17:06
od Rudy
Zdravím!
Tento problém obvykle opravdu způsobuje ovladač gr. karty. Koukneme na to, zda tam nemáte nějaký šmejdík. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: NT Kernel & System

Napsal: 19 bře 2017 17:21
od Rolandman
Zde je log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 17:11:51)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(BitTorrent Inc.) C:\Users\Jakub\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(Jan Fiala) D:\Programy\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 17:11 - 2017-03-19 17:12 - 00013824 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-19 16:14 - 2017-03-19 16:14 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\uTorrent
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 16:01 - 2017-02-21 16:04 - 00000000 ____D C:\Program Files\FileViewPro
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 15:40 - 00004946 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 17:12 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 15:39 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 09:39 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 07:34 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:18 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 07:16 - 2016-09-20 17:37 - 00003752 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 07:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-18 23:34 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF

==================== Files in the root of some directories =======

2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jakub\Desktop" je 238 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: NT Kernel & System

Napsal: 19 bře 2017 18:05
od Rudy
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: NT Kernel & System

Napsal: 19 bře 2017 20:03
od Rolandman
Tak tady to je.

# AdwCleaner v6.044 - Log vytvořen 19/03/2017 v 19:57:43
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-18.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Jakub - JAKUB-PC
# Spuštěno z : C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Jakub\AppData\Local\FileViewPro
[-] Složka smazána: C:\Program Files\FileViewPro
[-] Složka smazána: C:\Users\Jakub\AppData\Local\Temp\FileViewPro


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1468 Bajty] - [19/03/2017 19:57:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [1905 Bajty] - [19/03/2017 18:46:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1614 Bajty] ##########

Re: NT Kernel & System

Napsal: 19 bře 2017 20:08
od Rudy
Dejte nový log FRST.

Re: NT Kernel & System

Napsal: 19 bře 2017 21:02
od Rolandman
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jakub (administrator) on JAKUB-PC (19-03-2017 20:08:26)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "D:\Programy\Mozilla32\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Microsoft Corporation) D:\Programy\officy13\offices\Office15\MSOSYNC.EXE
(Mozilla Corporation) D:\Programy\Mozilla\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE64A0E-B9BD-49E4-A0CF-899FD87E5417}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\officy13\offices\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\officy13\offices\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 44a9lnn6.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default [2017-03-19]
FF Homepage: Mozilla\Firefox\Profiles\44a9lnn6.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\44a9lnn6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\officy13\offices\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla32\firefox.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Filmy a Hry\Origin\OriginClientService.exe [2122248 2017-02-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Filmy a Hry\Origin\OriginWebHelperService.exe [2184208 2017-02-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-03] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-06] (Intel(R) Corporation) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 18:45 - 2017-03-19 19:57 - 00000000 ____D C:\AdwCleaner
2017-03-19 18:44 - 2017-03-19 18:44 - 04031440 _____ C:\Users\Jakub\Desktop\adwcleaner_6.044.exe
2017-03-19 17:11 - 2017-03-19 20:08 - 00013693 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-03-19 17:11 - 2017-03-19 17:11 - 00000000 ____D C:\FRST
2017-03-19 17:09 - 2017-03-19 17:10 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2017-03-19 17:08 - 2017-03-19 17:08 - 02424832 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2017-03-19 16:21 - 2017-03-19 16:26 - 00000000 ____D C:\rsit
2017-03-19 16:21 - 2017-03-19 16:25 - 00000000 ____D C:\Program Files\trend micro
2017-03-17 22:29 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-17 22:26 - 2017-02-23 23:56 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-17 22:26 - 2017-02-23 23:56 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 34950592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 19007344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 17281112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 16399408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14674712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 14429240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-17 22:26 - 2017-02-23 11:34 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03625408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 03185600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00503920 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-17 22:26 - 2017-02-23 11:34 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-15 18:58 - 2017-03-15 19:01 - 00001143 _____ C:\Users\Jakub\Downloads\KU1.java
2017-03-14 19:55 - 2017-03-14 19:55 - 00978560 _____ C:\Users\Jakub\Downloads\T-Mobile, KOVO HMMC-leták.pdf
2017-03-14 17:27 - 2017-03-14 17:27 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-09 08:58 - 2017-03-09 08:58 - 00000000 ____D C:\Users\Jakub\Desktop\Zakázaný ovoce
2017-03-08 23:40 - 2017-03-08 23:40 - 00000000 ____D C:\ProgramData\Steam
2017-03-08 23:22 - 2017-03-08 23:22 - 00000683 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2017-03-08 23:22 - 2017-03-08 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-03-08 19:51 - 2017-03-08 19:51 - 00344064 _____ C:\Users\Jakub\Documents\Database1.accdb
2017-03-08 19:48 - 2017-03-08 19:48 - 00003482 _____ C:\Windows\System32\Tasks\Trigger KMS Activation
2017-03-08 19:48 - 2017-03-08 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2017-03-07 05:37 - 2017-03-07 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 13:10 - 2017-03-05 13:10 - 06022019 _____ C:\Users\Jakub\Downloads\video-1488715261.mp4
2017-03-02 16:58 - 2017-03-04 22:45 - 00000000 ____D C:\ProgramData\EA Logs
2017-03-02 16:58 - 2017-03-02 16:58 - 00000000 ____D C:\ProgramData\EA Core
2017-03-02 16:55 - 2017-03-02 16:55 - 00000934 _____ C:\Users\Public\Desktop\Crysis 2.lnk
2017-03-02 16:55 - 2017-03-02 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2
2017-03-02 16:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-25 08:00 - 2017-02-25 08:00 - 00000000 ____D C:\Users\Jakub\ansel
2017-02-24 16:51 - 2017-02-23 11:34 - 28223544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 16:51 - 2017-02-10 01:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-21 17:31 - 2017-02-21 17:31 - 00049884 _____ C:\Users\Jakub\Downloads\The-Flash-S03E09(0000280312).srt
2017-02-21 17:07 - 2017-02-21 17:07 - 00475749 _____ C:\Users\Jakub\Downloads\01 - Architektura operacnich systemu.pptx
2017-02-21 17:00 - 2017-02-21 17:00 - 01231039 _____ C:\Users\Jakub\Downloads\HPSim.zip
2017-02-21 15:59 - 2017-02-21 15:59 - 01838144 _____ (Solvusoft) C:\Users\Jakub\Downloads\Setup_FileViewPro_2016(1).exe
2017-02-20 20:44 - 2017-02-20 20:44 - 03897741 _____ C:\Users\Jakub\Downloads\Operační systémy 1.pdf
2017-02-20 20:44 - 2017-02-20 20:44 - 02076597 _____ C:\Users\Jakub\Downloads\DIMAN_i.pdf
2017-02-17 08:50 - 2017-03-19 20:00 - 00004948 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jakub-PC-Jakub Jakub-PC

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 20:01 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-03-19 20:00 - 2016-11-15 19:45 - 00000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2017-03-19 20:00 - 2016-09-20 17:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-03-19 19:59 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-19 19:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 18:10 - 2016-06-23 17:53 - 00000000 ____D C:\Users\Jakub\AppData\Local\Eclipse
2017-03-19 18:06 - 2016-04-22 14:39 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-03-19 18:06 - 2016-04-22 10:51 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 07:31 - 2009-07-14 05:45 - 00021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-17 22:29 - 2016-05-02 17:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-17 22:29 - 2016-05-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-17 22:29 - 2016-05-02 17:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-17 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-17 22:28 - 2016-06-19 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-03-17 22:19 - 2016-12-17 15:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:19 - 2016-11-05 16:37 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:37 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-11-05 16:36 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-17 22:18 - 2016-05-02 17:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-17 22:18 - 2016-05-02 17:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-14 17:27 - 2016-04-23 10:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 17:27 - 2016-04-23 10:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 17:27 - 2016-04-23 10:44 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:27 - 2016-04-23 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 08:17 - 2009-07-14 05:45 - 05049784 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-08 20:27 - 2016-09-20 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-08 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-03-08 20:25 - 2016-09-20 17:33 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-08 20:25 - 2016-09-20 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-08 20:25 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2017-03-08 19:51 - 2016-04-22 10:51 - 00103216 _____ C:\Users\Jakub\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-07 12:00 - 2016-08-20 19:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-07 05:37 - 2016-11-16 15:17 - 00000622 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 09:24 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2017-03-05 09:24 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2017-03-05 09:24 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 23:10 - 2016-05-03 14:07 - 00000000 ____D C:\ProgramData\Origin
2017-03-04 23:09 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Origin
2017-03-02 16:55 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-02 13:26 - 2016-08-20 19:48 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-28 16:27 - 2016-05-21 23:03 - 00000000 ____D C:\Users\Jakub\AppData\Local\Microsoft Help
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-26 22:31 - 2016-05-03 15:35 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-26 22:19 - 2016-05-03 14:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Origin
2017-02-25 08:00 - 2016-04-22 09:37 - 00000000 ____D C:\Users\Jakub
2017-02-23 23:56 - 2016-05-02 17:16 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-11-05 16:37 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 15:30 - 2016-12-17 15:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:34 - 2016-11-05 16:46 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-23 11:34 - 2016-05-02 17:15 - 00042616 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 11:34 - 2016-05-02 17:13 - 19883088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:34 - 2016-05-02 17:13 - 03583744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 09:43 - 2016-11-05 16:37 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-05-02 17:30 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-05-02 17:30 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-05-02 17:15 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-05-02 17:15 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 14:45 - 2016-10-25 17:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\IIIQF

==================== Files in the root of some directories =======

2016-12-17 15:18 - 2017-02-02 20:05 - 0006140 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:18 - 2017-02-01 21:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-02-02 20:11 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\nvStInst.exe
2016-11-05 16:37 - 2017-01-20 19:39 - 0253376 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-05 16:37 - 2017-01-20 19:39 - 0335296 _____ (NVIDIA Corporation) C:\Users\Jakub\AppData\Local\Temp\NvTelemetryAPI64.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jakub\Desktop" je 241 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"D:\Programy\Ccleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent
"C:\Users\Jakub\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000
C:\Windows\vVX1000.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: NT Kernel & System

Napsal: 19 bře 2017 22:06
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
C:\Windows\System32\Tasks\AutoKMS

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: NT Kernel & System

Napsal: 19 bře 2017 22:21
od Rolandman
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Jakub (19-03-2017 22:15:25) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {019e103c-2331-11e6-bf31-50e5493b0049} - G:\autorun.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {2a6ee064-1903-11e6-ab35-50e5493b0049} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\...\MountPoints2: {ec8a87cf-91d2-11e6-9004-50e5493b0049} - G:\HiSuiteDownLoader.exe
C:\Windows\System32\Tasks\AutoKMS

EmptyTemp:
End
*****************

HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{019e103c-2331-11e6-bf31-50e5493b0049} => key removed successfully
HKCR\CLSID\{019e103c-2331-11e6-bf31-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key removed successfully
HKCR\CLSID\{2a6ee064-1903-11e6-ab35-50e5493b0049} => key not found.
HKU\S-1-5-21-1969966608-1539205475-668869137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key removed successfully
HKCR\CLSID\{ec8a87cf-91d2-11e6-9004-50e5493b0049} => key not found.
C:\Windows\System32\Tasks\AutoKMS => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80651725 B
Java, Flash, Steam htmlcache => 444729474 B
Windows/system/drivers => 531217 B
Edge => 0 B
Chrome => 0 B
Firefox => 344739843 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 208205392 B
Jakub => 1285806812 B

RecycleBin => 1417347 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:15:42 ====

Re: NT Kernel & System

Napsal: 20 bře 2017 18:03
od Rudy
Smazáno. Nastala nějaká změna?

Re: NT Kernel & System

Napsal: 20 bře 2017 20:38
od Rolandman
Ono se to vždycky objevilo v průběhu dne. Budu to sledovat a dám vědět. :)

Re: NT Kernel & System

Napsal: 20 bře 2017 21:04
od Rudy
OK.

Re: NT Kernel & System

Napsal: 21 bře 2017 16:19
od Rolandman
Vypadá to, že je snad vše v pořádku. :-) Kdyby se to přece jen zase objevilo, můžu napsat opět do tohoto téma a zbytečně nezakládat nové?

Re: NT Kernel & System

Napsal: 21 bře 2017 19:05
od Rudy
Můžete, ale musíte požádat o odemčení. Vyřešená témata zamykáme, protože nám do nich vstupují cizí uživatelé. Jsem rád, že je to OK. :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz