Nadměrné využití CPU (Google Chrome..) , log

Zpráva

honza.minovsky

Dobrý den,
mám problém s mým notebookem, při používání banálních programů (itunes, google chrome..) vykazuje CPU nezvykle nedměrné využití (okolo 40%) , a celkově je počítač poslední dobou nějaký pomalý , obzvlášť pak při používání google chrome...
Mohl by se prosím někdo podívat na log z vámi doporučovaného programu adwcleaner ?
předem díky , Honza M.

log :

# AdwCleaner v5.006 - Logfile created 08/09/2015 at 17:55:50
# Updated 06/09/2015 by Xplode
# Database : 2015-09-07.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : honza - HONZAPC
# Running from : C:\Users\honza\Desktop\adwcleaner_5.006.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SimilarSites
[-] Folder Deleted : C:\Program Files (x86)\Jelbrus Secure Web
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\Users\honza\AppData\Roaming\SimilarSites
[-] Folder Deleted : C:\Users\honza\AppData\Roaming\SpeedTestAnalysis
[-] Folder Deleted : C:\Users\honza\AppData\Roaming\webssearches
[-] Folder Deleted : C:\Users\honza\AppData\Roaming\Mozilla\Firefox\Profiles\39suwz9n.default\Extensions\faststartff@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
[-] File Deleted : C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\and
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedtestanalysis@SpeedAnalysis.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedtestanalysis@SpeedAnalysis.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{310D38FE-EB4C-467C-8781-B7C2AEB7847D}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{5054562D-5247-006A-76A7-7A786E7484D7}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\Softonic

***** [ Web browsers ] *****

[-] [C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : istart.webssearches.com
[-] [C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : webssearches

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3187 bytes] ##########

#2 Příspěvek od **Rudy** » 08 zář 2015 17:56

Zdravím!
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

honza.minovsky

Dobrý večer, tady je FRST :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
Ran by honza (administrator) on HONZAPC (09-09-2015 00:21:45)
Running from C:\Users\honza\Desktop
Loaded Profiles: honza (Available Profiles: honza)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157968 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\Run: [Akamai NetSession Interface] => C:\Users\honza\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-07-16] (Autodesk, Inc.)
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6856EE92-B0FC-4F8C-8E18-516375DB8B30}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{6856EE92-B0FC-4F8C-8E18-516375DB8B30}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{BEBC4438-6D8A-48E4-A523-2C01BB35D68D}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001 -> DefaultScope {6BC3C302-F956-441D-A5C3-66AB815E6A06} URL =
SearchScopes: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001 -> {6BC3C302-F956-441D-A5C3-66AB815E6A06} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\honza\AppData\Roaming\Mozilla\Firefox\Profiles\39suwz9n.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: NASA Night Launch - C:\Users\honza\AppData\Roaming\Mozilla\Firefox\Profiles\39suwz9n.default\Extensions\nasanightlaunch@example.com.xpi [2014-09-04]
FF Extension: Facebook Photo Zoom - C:\Users\honza\AppData\Roaming\Mozilla\Firefox\Profiles\39suwz9n.default\Extensions\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}.xpi [2014-09-30]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\6d0dae4ff09132e19156611c9127b773 [2015-08-21]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\7f1fc06102a344fd3b2cbaf89127b773 [2015-08-21]
FF Extension: No Name - C:\Users\honza\AppData\Roaming\Mozilla\Firefox\Profiles\39suwz9n.default\extensions\faststartff@gmail.com [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (APP) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome PDF Viewer) - chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/ No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - internal-pdf-viewer No File
CHR Profile: C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-17]
CHR Extension: (Google Drive) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-17]
CHR Extension: (YouTube) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Google Search) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-02-02]
CHR Extension: (Google Docs Offline) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Tiësto) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2014-02-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Gmail) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-18] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-04-19] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-09 00:21 - 2015-09-09 00:22 - 00020060 _____ C:\Users\honza\Desktop\FRST.txt
2015-09-09 00:21 - 2015-09-09 00:22 - 00000000 ____D C:\FRST
2015-09-09 00:17 - 2015-09-09 00:17 - 02190336 _____ (Farbar) C:\Users\honza\Desktop\FRST64.exe
2015-09-08 17:50 - 2015-09-08 17:55 - 00000000 ____D C:\AdwCleaner
2015-09-08 00:31 - 2015-09-08 00:31 - 01654784 _____ C:\Users\honza\Desktop\adwcleaner_5.006.exe
2015-09-07 19:50 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-09-07 19:50 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-09-07 19:50 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-09-07 19:50 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-09-07 19:50 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-07 19:50 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-07 19:50 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-07 19:50 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-07 19:50 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-09-07 19:50 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-09-07 19:50 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-09-07 19:50 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-09-07 19:50 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-09-07 19:50 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-09-07 19:50 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-09-07 19:50 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-09-07 19:50 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-09-07 19:50 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-09-07 19:50 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-09-07 19:50 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-09-07 19:50 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-09-07 19:50 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-09-07 19:50 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-09-07 19:50 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-09-07 19:50 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-09-07 19:50 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-09-07 19:50 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-09-07 19:50 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-09-07 19:50 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-09-07 19:50 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-09-07 19:50 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-07 19:50 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-07 19:50 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-09-07 19:50 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-09-07 19:50 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-09-07 19:50 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-07 19:50 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-09-07 19:50 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-09-07 19:50 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-09-07 19:50 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-09-07 19:50 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-09-07 19:50 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-09-07 19:50 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-09-07 19:50 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-09-07 19:50 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-09-07 19:50 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-09-07 19:50 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-09-07 19:50 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-09-07 19:50 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-09-07 19:50 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-09-07 19:50 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-09-07 19:50 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-07 19:50 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-09-07 19:50 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-09-07 19:50 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-09-07 19:50 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-09-07 19:50 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-09-07 19:50 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-09-07 19:50 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-09-07 19:50 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-09-07 19:50 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-09-07 19:50 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-09-07 19:50 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-09-07 19:50 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-09-07 19:50 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-09-07 19:50 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-07 19:33 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-09-07 19:33 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-09-07 19:33 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-09-07 19:33 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-09-07 19:28 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-09-07 19:28 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-09-07 19:28 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-07 19:28 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-09-07 19:28 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-09-07 19:28 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-08-28 18:21 - 2015-08-28 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-28 18:21 - 2015-08-28 18:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-24 19:04 - 2015-08-24 19:04 - 00003126 _____ C:\WINDOWS\System32\Tasks\advRecovery
2015-08-21 20:45 - 2015-08-21 20:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 23:41 - 2015-08-20 23:41 - 00000000 ___HD C:\$SysReset
2015-08-19 17:47 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 17:47 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-14 16:55 - 2015-08-20 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-14 16:55 - 2015-08-14 16:55 - 00001795 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-14 16:55 - 2015-08-14 16:55 - 00000000 ____D C:\Program Files\iPod
2015-08-13 10:54 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 10:54 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 09:17 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-13 09:17 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-13 09:17 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-13 09:17 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-13 09:17 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-13 09:17 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-13 09:17 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-13 09:17 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-13 09:17 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-13 09:17 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-13 09:17 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-13 09:17 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-13 09:17 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-13 09:16 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-13 09:16 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-13 09:16 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-13 09:16 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-13 09:16 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-13 09:16 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-13 09:16 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-13 09:16 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-13 09:16 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-13 09:16 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-13 09:16 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-13 09:16 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-13 09:16 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-13 09:16 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-13 09:16 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-13 09:16 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-13 09:16 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-13 09:16 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-13 09:16 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-13 09:16 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-13 09:16 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-13 09:16 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-13 09:16 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-13 09:16 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-13 09:16 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-13 09:16 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-13 09:16 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-13 09:16 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-13 09:16 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-13 09:15 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-13 09:15 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-13 09:15 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-13 09:15 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-13 09:15 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-13 09:15 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-13 09:15 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-13 09:15 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-13 09:15 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-13 09:15 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-13 09:14 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-13 09:14 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-13 09:14 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-13 09:14 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-13 09:14 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-13 09:14 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-13 09:14 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-13 09:14 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-13 09:14 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-13 09:14 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-13 09:14 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-13 09:12 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-13 09:12 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-13 09:12 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-13 09:12 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-13 09:12 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-13 09:11 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-13 09:11 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-13 09:11 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 09:11 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-13 09:10 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-13 09:10 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-13 09:10 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-13 09:10 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-13 09:10 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-13 09:10 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-13 09:10 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-13 09:10 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-13 09:10 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-13 09:10 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-13 09:09 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-13 09:09 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-13 09:09 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-13 09:09 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-13 09:09 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-13 09:09 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-13 09:09 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-13 09:09 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-09 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-08 23:49 - 2015-02-10 15:55 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0AAFD7A2-E01E-4CCE-A058-8374FE5AC3B8}
2015-09-08 19:23 - 2014-02-02 18:40 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-08 19:15 - 2014-11-30 19:52 - 01203103 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-08 19:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-08 18:44 - 2014-10-25 17:09 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-08 18:12 - 2013-10-06 17:00 - 12253696 ___SH C:\Users\honza\Desktop\Thumbs.db
2015-09-08 18:01 - 2014-09-24 18:23 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-08 18:01 - 2014-09-24 17:39 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-08 18:01 - 2014-09-24 17:39 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-08 17:59 - 2013-04-11 23:09 - 00000000 ____D C:\ProgramData\WinClon
2015-09-08 17:56 - 2014-10-25 17:09 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 17:56 - 2013-08-22 16:46 - 00360369 _____ C:\WINDOWS\setupact.log
2015-09-08 17:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-08 17:56 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-08 16:45 - 2013-10-04 18:38 - 00000000 ____D C:\Users\honza\AppData\Local\Adobe
2015-09-07 20:25 - 2013-10-05 21:18 - 00000000 ____D C:\Users\honza\Desktop\moje soubory
2015-09-07 19:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-09-07 19:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-09-07 19:51 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-07 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-07 12:19 - 2013-11-10 19:58 - 00000000 ____D C:\Users\honza\AppData\Roaming\vlc
2015-09-05 17:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-03 11:47 - 2013-10-04 18:49 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4034785289-3057718571-1925724539-1001
2015-09-03 10:46 - 2014-02-02 17:46 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-29 15:39 - 2014-02-02 17:42 - 00003948 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 15:39 - 2014-02-02 17:42 - 00003712 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-24 19:04 - 2013-04-11 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-24 19:04 - 2013-04-11 22:16 - 00000000 ____D C:\Program Files\Samsung
2015-08-24 19:04 - 2013-04-11 22:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-24 17:23 - 2015-07-16 23:27 - 00002996 _____ C:\WINDOWS\System32\Tasks\SUPatchForW10Up
2015-08-24 17:23 - 2013-04-11 23:10 - 00000000 ____D C:\ProgramData\Samsung
2015-08-23 09:37 - 2014-01-05 15:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-20 23:48 - 2015-04-07 19:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-20 23:48 - 2014-11-30 19:46 - 00000000 ____D C:\Users\honza
2015-08-20 23:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2015-08-20 22:32 - 2014-01-24 02:07 - 00000000 ____D C:\Users\honza\AppData\Roaming\iMobie
2015-08-20 22:31 - 2014-01-24 02:20 - 00000000 ____D C:\Program Files (x86)\iMobie
2015-08-16 09:33 - 2015-02-05 00:47 - 00000000 ____D C:\Users\honza\AppData\Roaming\Abvent_Artlantis5
2015-08-14 16:55 - 2015-02-08 23:11 - 00000000 ____D C:\Program Files\iTunes
2015-08-14 16:55 - 2015-01-30 17:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-14 16:54 - 2013-10-05 19:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-14 08:59 - 2014-06-22 13:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 08:59 - 2014-06-22 13:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 08:59 - 2013-08-22 16:44 - 05182136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 00:56 - 2015-04-16 02:08 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 00:56 - 2014-09-24 21:06 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 00:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 00:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 10:55 - 2013-10-06 19:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 10:55 - 2012-07-26 07:26 - 00000167 _____ C:\WINDOWS\win.ini
2015-08-13 10:54 - 2014-06-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 10:53 - 2013-10-09 00:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 10:50 - 2013-10-09 00:14 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 10:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 10:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 19:23 - 2014-02-02 18:40 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2013-10-04 18:38 - 2013-12-04 11:35 - 0002309 _____ () C:\Users\honza\AppData\Roaming\AbsoluteReminder.xml
2015-05-30 23:30 - 2015-05-31 01:23 - 0000132 _____ () C:\Users\honza\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-02-21 11:42 - 2015-02-21 11:42 - 0000000 _____ () C:\Users\honza\AppData\Roaming\E4F3.tmp
2013-11-12 15:06 - 2013-11-12 15:06 - 0007602 _____ () C:\Users\honza\AppData\Local\Resmon.ResmonCfg
2015-03-20 01:26 - 2015-03-20 01:26 - 0000000 _____ () C:\Users\honza\AppData\Local\{AD9526D0-1B49-4C5C-B7AC-E92BA0872E45}
2014-11-30 19:43 - 2014-11-30 19:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-11 23:16 - 2013-02-19 09:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-04-11 23:16 - 2013-01-12 16:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
2013-10-05 19:15 - 2013-10-05 19:15 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe

Some files in TEMP:
====================
C:\Users\honza\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\honza\AppData\Local\Temp\converter.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.130.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.131.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.132.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.134.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.135.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\honza\AppData\Local\Temp\KMP_3.9.1.138.exe
C:\Users\honza\AppData\Local\Temp\sqlite3.dll
C:\Users\honza\AppData\Local\Temp\vcredist_vs2005_x86.exe
C:\Users\honza\AppData\Local\Temp\vcredist_vs2010_x64.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-08 18:55

==================== End of FRST.txt ============================

druhý log-
ADDITION :

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by honza (2015-09-09 00:22:55)
Running from C:\Users\honza\Desktop
Windows 8.1 Pro (X64) (2014-11-30 17:55:18)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4034785289-3057718571-1925724539-500 - Administrator - Disabled)
Guest (S-1-5-21-4034785289-3057718571-1925724539-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4034785289-3057718571-1925724539-1006 - Limited - Enabled)
honza (S-1-5-21-4034785289-3057718571-1925724539-1001 - Administrator - Enabled) => C:\Users\honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adolix Split and Merge PDF v2.1 (HKLM-x32\...\Adolix Split and Merge PDF_is1) (Version: - Adolix Software)
Akamai NetSession Interface (HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Any Audio Converter 3.0.7 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Anydata ADU890-WH (HKLM-x32\...\Anydata ADU890-WH) (Version: 0.01.31.09 - AnyDATA.NET, Inc)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{06A333EA-4E9D-4848-865F-FE5A1E12AB30}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 17 CZE (HKLM\...\001FFF2FFF17FF00FF1101F01F02F000-R1) (Version: 17.0 - GRAPHISOFT)
ArchiCAD 18 CZE (HKLM\...\001FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
Artlantis 5 Exporter for SketchUp Pro 2014 (HKLM-x32\...\Abvent_SkpPro2014toATL5) (Version: - )
Artlantis Studio 5.1.2.4 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.1.2.4 - Abvent R&D)
AutoCAD 2014 – Čeština (Czech) (Version: 19.1.108.0 - Autodesk) Hidden
AutoCAD 2014 – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.6.12.800 - Autodesk)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.2.475.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.2.475.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2014 SP2 (HKLM\...\Autodesk 3ds Max 2014 HF1) (Version: 16.2.475.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 – Čeština (Czech) (HKLM\...\AutoCAD 2014 – Čeština (Czech)) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 – Čeština (Czech) SP1 (HKLM\...\AutoCAD 2014 – Čeština (Czech) SP1) (Version: 1 - Autodesk)
Autodesk AutoCAD 2014 Language Pack - English (HKLM\...\AutoCAD 2014 Language Pack - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Balíček ovladače systému Windows - Anydata (adusbnet) Net (11/30/2010 1.0.5.5) (HKLM\...\2D70ABD4660B7026CB5C4AE8D41B9BEF8067814F) (Version: 11/30/2010 1.0.5.5 - Anydata)
Balíček ovladače systému Windows - Anydata corporation (adusbser) Modem (12/03/2010 2.0.8.0) (HKLM\...\FBEF5F3C531F332C65A223F5D1A7C3A1A0111746) (Version: 12/03/2010 2.0.8.0 - Anydata corporation)
Balíček ovladače systému Windows - Anydata corporation (adusbser) Ports (12/03/2010 2.0.8.0) (HKLM\...\ADD65101CC3F2D125B65CD5B8A03323B853686E3) (Version: 12/03/2010 2.0.8.0 - Anydata corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Fotogaléria (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01623 - Google)
Google SketchUp 6 (x32 Version: 6.4.247 - Google) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36843 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
IntelliMemory (HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies)
iTunes (HKLM\...\{5AC8E601-667F-4CA0-90D8-B25E1C4B3387}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhoneClean 3.7.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.7.0 - iMobie Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7055 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.1.0.1 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.4700 - DTS, Inc.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{D2B5F1E3-EA56-4D84-A453-A213B32974CB}) (Version: 2.1.25 - Samsung Electronics CO., LTD.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
V-Ray for SketchUp demo (HKLM-x32\...\V-Ray for SketchUp demo 2.00.24261) (Version: 2.00.24261 - Chaos Software, Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner 3D Photo Maker (HKLM-x32\...\Zoner 3D Photo Maker_is1) (Version: - ZONER software)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\cs-CZ\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

24-08-2015 19:03:28 Odstraněno Recovery
02-09-2015 01:02:00 Naplánovaný kontrolní bod
07-09-2015 19:50:30 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B299B7A-5C8D-4D4F-874B-A3104C29CC6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {365E18C4-6F8E-4E99-B57A-FF76339F8E1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {45C8139D-B8C3-469A-857A-A798B160CE6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CBD96AD-DB81-4293-9132-D92F0C4CA527} - System32\Tasks\RtHDVBg_SRSSA => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-09-26] (Realtek Semiconductor)
Task: {748F0016-C49D-4039-A5CA-6E372F535619} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30] (Realtek Semiconductor)
Task: {89D56AEE-1BD2-4A12-9B9F-1E1196B679E8} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-09-13] (Intel Corporation)
Task: {8C4FDDC0-2389-4171-82B6-62EC483589A6} - System32\Tasks\AdobeAAMUpdater-1.0-HonzaPC-honza => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {972CFBDD-B227-4DEF-8913-FC597BABC3DC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-09-13] (Intel Corporation)
Task: {B036FA1A-F0A3-4DC1-8B00-DDD9123A16C1} - System32\Tasks\SUPatchForW10Up => %programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe
Task: {BAECE078-5029-49CC-9D7F-540C1897348A} - System32\Tasks\{EEE054A3-95CB-41A3-A771-CA226A837E2C} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {C45485E0-906E-41EC-924B-791468B6D618} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D6297864-660D-4591-ADA0-2FC393D1D5E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E48609A9-507A-46E8-90B8-610238342795} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.)
Task: {E875064A-F87B-4461-9CAB-DCF9601BC8A6} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F33BD624-85B1-49CA-B80E-0523355D167B} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2015-07-14] (SEC)
Task: {F404095A-57BF-49AC-B195-125C59D38019} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-08 16:33 - 2013-10-23 16:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2014-10-01 20:54 - 2014-10-01 20:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-29 17:19 - 2014-10-29 17:19 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-04-11 22:14 - 2013-01-14 20:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\honza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{AABD71E0-3503-4300-9C58-838ADFD8E372}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{A2553F71-F1B3-4005-888D-8146B56FB503}C:\program files\graphisoft\archicad 17\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 17\licensefilegenerator.exe
FirewallRules: [TCP Query User{ACA29C33-A7B9-4ADA-A05C-48FC0E5EC561}C:\program files\graphisoft\archicad 17\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 17\licensefilegenerator.exe
FirewallRules: [UDP Query User{9E03CC59-5514-4F64-AC50-18061E946183}C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{A9757257-C002-4004-AFDF-F95442BEC944}C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{35C21912-5408-4A9B-9E86-93A2B0EBB3C8}C:\program files\graphisoft\archicad 17\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 17\archicad.exe
FirewallRules: [TCP Query User{0FEAB93B-891B-47BF-B12B-A3947B2B0DAC}C:\program files\graphisoft\archicad 17\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 17\archicad.exe
FirewallRules: [{17104AE8-E792-46F1-A269-D57B3DAAB04E}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{9C591E29-8F68-4C69-91F1-5AF69B1DEEDA}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{6E196644-ED2D-437D-9BA4-8F92E7D47927}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\ArchiCAD.exe
FirewallRules: [{6BAA6991-FAD5-4F27-8A59-CD4D054061FD}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\ArchiCAD.exe
FirewallRules: [{EFF28BFF-DD47-4959-8D52-01FC988E1ABB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{49C9C043-D01A-4A28-9CF0-32DC1CEC5099}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{708D1670-1D0A-4AD6-8CFC-0C1D6F801995}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{E779ABD0-9704-4DE3-B645-FB3114A0DA6F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [UDP Query User{CBE6E59A-AA9D-4C50-86A9-63AC7DD3085B}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [TCP Query User{07C18A33-5C44-4783-9B2C-D225ACF4C0BE}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{E95D08D1-42E0-42D5-9576-E254011082DB}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{CC39B578-79EA-4F33-9748-C4F3DAEECC0F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{13322880-CF44-4EF4-9509-76B80A3C2B04}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{1C10AE91-BFFF-4394-AE9E-2F0C52C1E0D3}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{5B15D34F-07ED-44E9-B103-6EF51E72A7F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{DEEFE475-24B4-42D4-A4F7-213CC911F3DE}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{46D90F6B-0258-4BE5-81DC-0FE5A4856E9E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{2F33BC9D-712C-403B-B704-677A50F69BF8}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{2E01D5C2-FC6D-4C56-8CE1-21C0A6CD4D84}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{1BC1959D-8128-4587-9A2A-921EBEDE87FA}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{AC0D2BB5-0D4E-4667-81DF-1A2A5D9B218E}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{6373CC57-610C-463D-9B38-0595B5A64AF4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [UDP Query User{35CABF07-6FCC-477B-BC79-8C2F1ABAC60B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{EB5D3AAE-9921-4F45-BE4C-0D9ABCFA3AB1}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{88789D90-F294-4DB7-9EC3-A6F6980DDBE4}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{C834C2D0-AB00-4D93-AFF6-756EFD4F8B5B}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{8C89CE4E-1C6B-45C9-8C01-AE41159CF81E}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{358E87B6-980C-4516-ABD2-DC7E1FEC7452}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{F079A4FC-7097-409C-9E0E-DD52DA766B77}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{08862488-5D1A-452F-A882-07E0388D41F8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4066566A-4466-4DF0-9C67-0738879A59FA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [UDP Query User{B0AF2040-1614-4C3B-AEC4-C8F6203B4D62}C:\users\honza\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\honza\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0E0A4B52-0634-44DD-9114-241FBBD4D382}C:\users\honza\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\honza\appdata\local\akamai\netsession_win.exe
FirewallRules: [{18C1C61F-7B7A-4DB6-8195-1F4FD3C7CF7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{58A6F058-1270-4BD3-960F-1EDB6B9482FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9B1A0AE9-C3ED-4920-A9C3-34A62FBE770B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2EC52BA-B8FA-455F-96B1-BA63120138D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68829C76-843E-4F15-8286-5701B3A52797}] => (Allow) LPort=50248
FirewallRules: [{32DD1BF3-1487-49DF-8F80-6A0BAAC3E41D}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{A8D44ADB-D0C4-4D5F-A86F-5626FF454587}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{FBE8326C-7D08-47F7-9AAC-0B5A233A426C}] => (Allow) LPort=1900
FirewallRules: [{114D5263-662A-4EE5-95E7-8A237554019A}] => (Allow) LPort=2869
FirewallRules: [{EEB46C48-94C5-41DF-AE30-8F334D81483C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AF195E90-D830-4963-9FF9-A752E92D48B5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [TCP Query User{F0FEB942-5E8D-4182-A6FD-C380D7C76620}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1F7E09B3-62B9-4435-A477-7A7693241868}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{B5D2B47F-F7E6-4B0A-8853-453FFF786BD6}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe
FirewallRules: [UDP Query User{8D970B12-5CA0-4092-AEDF-CE7DCD970E85}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe
FirewallRules: [{6F0F6576-5671-46D1-8285-CC5010676910}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2922763B-904B-4DB4-8E40-51F910DA4402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6477215-C3D5-4E44-A821-A091113127D5}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{716477D2-60B5-457C-87A8-A19A20402ECE}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{E3F3492C-738E-4F96-8F3D-467DAF9BA9E0}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{A050DEA2-2A2F-401C-856D-F9DAE6E35387}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [TCP Query User{79F11827-C689-4136-B4D4-8DAB1C8DB1F1}C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe
FirewallRules: [UDP Query User{BEABEE9A-B0B6-4B8A-85CF-344623A23B28}C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe
FirewallRules: [TCP Query User{9CCF50B9-1783-499D-AE69-D7EE679E3E1B}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{AB13128F-D137-4AA6-8155-74AD5E493F18}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{B96A0E9A-C3A8-4C45-809E-BAFD181E5068}C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe
FirewallRules: [UDP Query User{0BC18730-9F12-425C-9EA4-DAF7C3A835AF}C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2014\sketchup.exe
FirewallRules: [TCP Query User{122BEF38-EDC9-4234-8C54-D8CEFC10304B}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{071CC3A0-CE45-4BD7-B0F3-ED2953ECE6AE}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{A5D262BF-686C-421C-8856-085B7CE61B69}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{37B211FE-0CC6-4E83-BE3C-B89506A6B7C5}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{44AA07A5-5A6E-4E5A-A3C0-A8B119FA0678}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{CC35E395-56CE-4304-A56B-56D7554E997F}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [{956F81B9-4A99-4A5B-94A1-E7EE09D01941}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F64FA7F6-0C59-413B-B727-ECD9E7F28A2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2015 12:11:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (09/08/2015 06:56:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek \\?\Volume{42de27e2-5bc9-4a87-99a1-89cf03d419c9}\ nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/08/2015 06:56:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Windows RE tools nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

System errors:
=============
Error: (09/09/2015 12:11:25 AM) (Source: DCOM) (EventID: 10010) (User: HonzaPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/09/2015 12:10:55 AM) (Source: DCOM) (EventID: 10010) (User: HonzaPC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/08/2015 05:56:57 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (09/08/2015 05:56:57 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (09/08/2015 05:56:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (09/08/2015 05:56:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (09/08/2015 05:56:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (09/08/2015 05:56:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (09/08/2015 05:55:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/08/2015 05:55:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office:
=========================
Error: (09/09/2015 12:11:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite2014\python\lib\distutils\command\wininst-8_d.exe

Error: (09/08/2015 06:56:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{42de27e2-5bc9-4a87-99a1-89cf03d419c9}\Parametr není správný. (0x80070057)

Error: (09/08/2015 06:56:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsParametr není správný. (0x80070057)

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (09/08/2015 04:46:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

CodeIntegrity:
===================================
Date: 2015-09-09 00:24:42.624
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:42.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:42.234
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:42.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:41.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:41.702
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:41.452
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:41.312
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:41.062
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-09 00:24:40.921
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 24%
Total physical RAM: 7813.53 MB
Available physical RAM: 5894.4 MB
Total Virtual: 9029.54 MB
Available Virtual: 7223.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:215.39 GB) (Free:10.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F6E488FF)

Partition: GPT.

==================== End of Addition.txt ============================

#4 Příspěvek od **Rudy** » 12 zář 2015 18:34

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
SearchScopes: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001 -> {6BC3C302-F956-441D-A5C3-66AB815E6A06} URL =
CHR Plugin: (Chrome PDF Viewer) - internal-pdf-viewer No File
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\honza\AppData\Roaming\E4F3.tmp
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\honza\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

honza.minovsky

tady to je

Fix result of Farbar Recovery Scan Tool (x64) Version:12-09-2015
Ran by honza (2015-09-12 20:12:29) Run:1
Running from C:\Users\honza\Desktop
Loaded Profiles: honza (Available Profiles: honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
SearchScopes: HKU\S-1-5-21-4034785289-3057718571-1925724539-1001 -> {6BC3C302-F956-441D-A5C3-66AB815E6A06} URL =
CHR Plugin: (Chrome PDF Viewer) - internal-pdf-viewer No File
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\honza\AppData\Roaming\E4F3.tmp
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
C:\Users\honza\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-4034785289-3057718571-1925724539-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BC3C302-F956-441D-A5C3-66AB815E6A06}" => key removed successfully
HKCR\CLSID\{6BC3C302-F956-441D-A5C3-66AB815E6A06} => key not found.
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\honza\AppData\Roaming\E4F3.tmp => moved successfully
C:\ProgramData\MakeMarkerFile.exe => moved successfully
C:\Users\EasySurvey\EasySurvey.exe => moved successfully

"C:\Users\honza\AppData\Local\Temp" folder move:

Could not move "C:\Users\honza\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-12 20:13:32)<=

C:\Users\honza\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:13:32 ====

#6 Příspěvek od **Rudy** » 12 zář 2015 19:32

Smazáno. Nastala nějaká změna?

honza.minovsky

Itunes - přehrávání hudby , 3 videa na YT a Facebook najednou , a využití cpu cca 20% , to je už možná trochu adekvátní.
Nechám tomu den, dva na zkoušku a dám vědět.

každopádně zatím moc děkuju za váš čas

#8 Příspěvek od **Rudy** » 12 zář 2015 20:40

20% je obvykle normál. Nechám to tu otevřené. Zatím není zač!

honza.minovsky

Tak po pár dnech se to jeví jako že lepší

ještě jednou díky za pomoc , vážim si toho !

téma můžete zamknout/smáznout.

s pozdravem Honza M.

#10 Příspěvek od **Rudy** » 15 zář 2015 16:37

Rádo se stalo!

VIRY.CZ

Nadměrné využití CPU (Google Chrome..) , log

Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log

Re: Nadměrné využití CPU (Google Chrome..) , log