VIRY.CZ

Ahoj, můj NTB mi tak trochu vaří při větší zátěži. Předpokládám nějakou havěť. Můžete mi prosím pomoci?

FRTS:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Zuza (2016-01-17 19:08:40)
Running from C:\Users\Zuza\Desktop
Windows 8.1 (X64) (2015-01-10 23:07:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3291223764-2626844367-1379447934-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3291223764-2626844367-1379447934-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3291223764-2626844367-1379447934-1004 - Limited - Enabled)
Zuza (S-1-5-21-3291223764-2626844367-1379447934-1005 - Administrator - Enabled) => C:\Users\Zuza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 9.0) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
µTorrent (HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{5BB304EB-8E5B-0F2D-66FA-6603D9BB3232}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CrystalDiskInfo 6.2.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.2 - Crystal Dew World)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.67.5221 - Gretech Corporation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
Keyword Expander (HKLM-x32\...\{C5B3D2C3-C883-4325-9B3B-0D406E9D52E9}) (Version: 1.5 - Latshaw Systems)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 cs)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Název společnosti:)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pharaoh Gold Bundle (HKLM-x32\...\Pharaoh Gold Bundle_is1) (Version: - GOG.com)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.34.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D6142E-A6DB-45DE-8FD7-091A395BD561} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {063DCE88-A2C9-4CB5-915D-D8F43840F053} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2015-11-23] (ESET)
Task: {1538587E-44EF-4CF4-93A6-BF42EE20905D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-29] (Microsoft Corporation)
Task: {25E294A4-FFD2-4C2A-82FC-6FDFF8FBF7D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-29] (Microsoft Corporation)
Task: {27155E5D-6736-4877-AD5A-5C98D1F9EB20} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {2BF7782E-5A91-436A-85F8-93F0BABC6176} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {33EAAFE0-7613-4E63-97F9-5B7B09E2395C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {3711BE62-C3BA-44B4-9A3A-AC4942A1088D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-01] (Adobe Systems Incorporated)
Task: {4C260C7D-377E-4585-A68F-0F5E6CC847CD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {4E0EEA23-1C19-41E5-A58F-90BB442EC8FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {675A9936-25D8-438E-AE00-01EDBBE5B7BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {71B0D8D9-6A6D-4DCA-87BA-83D9E3742C3E} - System32\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {74875697-4FBC-41EE-BBCC-34440EB7C0E0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-15] (Microsoft Corporation)
Task: {89A0DC72-1947-4F8C-B075-529FDCA6CD86} - System32\Tasks\{C984E9F4-0B7F-4402-9CC3-7231C2C6C56B} => pcalua.exe -a "C:\Users\Zuza\Desktop\Sardínie fotky\DTLiteInstaller.exe" -d "C:\Users\Zuza\Desktop\Sardínie fotky"
Task: {99F5F7E5-6014-4756-9A25-45C902388AE5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {9F777252-539C-43CA-91DF-AF27A176D7A3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {AEFCEDC8-218B-428D-9F76-DC46D389F96B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B09DF2F9-EA6F-4698-811D-C36490F81D1B} - System32\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D45EB010-CB30-430F-AC09-43B631C5766A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {DC6C8820-F01E-401A-A8F7-5160CEC13C63} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {DEBCFA59-78DD-4F70-99A0-36B9658FF577} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {ECF22F6B-5CB9-428E-AB03-0E794985A30B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {F4ED0168-253D-422A-B27E-D29CCDEB395C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {F5502C00-B17E-423A-98F1-320BAF182ADC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-09-26 10:26 - 2013-09-26 10:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 10:32 - 2013-09-26 10:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 10:28 - 2013-09-26 10:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 10:39 - 2013-09-26 10:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 10:39 - 2013-09-26 10:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2009-09-01 05:31 - 2009-09-01 05:31 - 00022016 _____ () C:\WINDOWS\System32\ssp2ml6.dll
2013-09-25 06:48 - 2013-09-25 06:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-15 18:56 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-16 16:42 - 2015-04-16 16:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-26 10:34 - 2013-09-26 10:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-04-16 16:41 - 2015-04-16 16:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-09-25 06:48 - 2013-09-25 06:48 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-04-01 10:09 - 2015-04-01 10:09 - 01064688 _____ () C:\Users\Zuza\AppData\Local\Temp\AppDownloader.exe
2015-04-28 21:36 - 2014-09-09 12:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2013-11-27 18:27 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 00746672 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 00136368 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2016-01-17 18:33 - 2016-01-17 18:33 - 00011264 _____ () C:\Users\Zuza\AppData\Local\Temp\nsx6F5C.tmp\System.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\sharepoint.com -> hxxps://ujak.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Zuza\Desktop\hi_there-wallpaper-1366x768.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{61FA4604-84E8-4939-9F8B-23CA6C541AFC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C6E7C2B-3992-4C05-94EB-C3E7F3756247}] => (Allow) LPort=2869
FirewallRules: [{B276876D-B012-4701-B7A7-CEC1BDC86B40}] => (Allow) LPort=1900
FirewallRules: [{30D12ACB-BFF2-44B9-A281-45D3FB45ABE2}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{DFF66B1B-6367-47E3-8EC6-7C6F5A53001E}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{288654A0-5AA2-40DC-AAEC-9C5000F5B67F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{89AE7FBF-6982-4B60-91AC-E45C7F2F92C1}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{13DBE631-DFB6-4DCE-A90B-DD39843AC33B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{1A21C8D3-F846-4248-8EEE-DA70DFFAF860}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{9D9BA229-E960-4F83-BA20-8C2B1E5CC197}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D3E47FC-3B05-4D35-90B0-88F7BF0A9DE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B15532D-0859-429E-8117-A2CDB6BB8EC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E22BC07A-8402-4F68-B5B1-82C04F1B1AE9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C606D7D-BFEB-4162-A508-068DBCA07891}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{18D34B68-C711-4FB0-BD19-AE2DC78DBE4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{E315E153-5801-4454-9F33-0F6EAC90C0F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1959196-73CE-4FAB-9EE1-3F88AF7232D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A3B289DA-7233-4D46-B049-14A00460ACA8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{26494C08-C161-4E2E-8CDC-F0B24FD83F0F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{5402C83C-C0A1-4F9D-9D0F-C16B92F086A9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3A1DB34B-53C5-4FC7-AB4D-A297F5CDD3F3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DE2BC018-905E-4E58-BF3D-7869A67C46DD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5CA1EE45-1956-4D65-8481-B6FCBB3DB6DB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{54D228EF-7F41-465C-8A51-717B5E5F8C19}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{CBFF8EBD-5500-4AA0-9CDE-33D849BE7FCA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2318365F-7986-45DB-A59C-FDF24D928212}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{6ECC6400-F2A3-4EF6-92A5-5BB9A1C607C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDA96AF1-08F3-4FBD-B0EC-087067FA920A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60827C71-653B-4358-92DC-32073AADBB14}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{6B0F16DD-9075-44D5-AFEE-1D083404DB6F}] => (Allow) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E887331F-23B7-4F80-B85C-E44D9F0CF364}] => (Allow) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C2D8BB19-1BF4-4780-99C0-8733B86EA54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91759883-34FE-4C13-8715-65C6E1521777}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5764A7D3-EC09-4F18-8FE4-A67FE179104E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0C4C16C6-4B9C-4651-BFA0-78765F5ECE98}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E224C277-F83D-4761-BB4B-93FA696C73F0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{826A453F-1640-4C2B-92D4-161D4132545C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2D53051B-9A76-4BF4-89FA-9935FAF69B4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-01-2016 12:55:14 Windows Update
10-01-2016 03:01:23 Naplánovaný kontrolní bod
14-01-2016 21:43:06 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2016 12:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (01/17/2016 12:28:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {FAA5F710-A726-4CC0-B88C-7BA12151B3D9}

Error: (01/17/2016 12:28:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {FAA5F710-A726-4CC0-B88C-7BA12151B3D9}

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/11/2016 11:31:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/11/2016 09:30:28 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (01/10/2016 11:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3031

Error: (01/10/2016 11:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3031


System errors:
=============
Error: (01/17/2016 01:58:48 PM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/17/2016 01:58:17 PM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/17/2016 01:33:14 PM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/17/2016 01:32:44 PM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/16/2016 12:13:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/15/2016 11:42:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).

Error: (01/15/2016 11:41:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).

Error: (01/15/2016 03:30:09 AM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/15/2016 03:29:39 AM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/14/2016 09:43:56 PM) (Source: DCOM) (EventID: 10010) (User: Petík)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


==================== Memory info ===========================

Processor: AMD A10-4655M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 31%
Total physical RAM: 7366.26 MB
Available physical RAM: 5055.35 MB
Total Virtual: 8518.26 MB
Available Virtual: 6002.73 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.68 GB) (Free:516.79 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.06 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (NIKON D5100) (Removable) (Total:14.83 GB) (Free:0.61 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C04548ED)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-01-2015
Ran by Zuza (administrator) on PETÍK (17-01-2016 19:06:46)
Running from C:\Users\Zuza\Desktop
Loaded Profiles: Zuza (Available Profiles: Zuza & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AMD) C:\Windows\System32\atieclxx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd.) C:\Users\Zuza\Desktop\Sardínie fotky\DTLiteInstaller.exe
() C:\Users\Zuza\AppData\Local\Temp\AppDownloader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-04-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [uTorrent] => C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{96FF67F8-899D-4558-94CF-09C06FFDE8C0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B22CE238-12EE-43E1-B0B2-463C560EFDA8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0315__yaie
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150315__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150315__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Zuza\AppData\Roaming\Mozilla\Firefox\Profiles\5n3v0ama.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0315__yaff
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-01] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF SearchPlugin: C:\Users\Zuza\AppData\Roaming\Mozilla\Firefox\Profiles\5n3v0ama.default\searchplugins\google-default.xml [2015-03-16]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-29]
CHR Extension: (Dokumenty Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-29]
CHR Extension: (Disk Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29]
CHR Extension: (YouTube) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29]
CHR Extension: (Tabulky Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-01]
CHR Extension: (Peněženka Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29]
CHR Extension: (Gmail) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 19:06 - 2016-01-17 19:07 - 00021479 _____ C:\Users\Zuza\Desktop\FRST.txt
2016-01-17 19:06 - 2016-01-17 19:06 - 00000000 ____D C:\Users\Zuza\Desktop\FRST-OlderVersion
2016-01-17 18:38 - 2016-01-17 18:38 - 00000000 ____D C:\Users\Zuza\AppData\Roaming\DAEMON Tools Lite
2016-01-17 18:38 - 2016-01-17 18:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-01-17 18:35 - 2016-01-17 18:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-01-17 18:33 - 2016-01-17 18:33 - 00003186 _____ C:\WINDOWS\System32\Tasks\{C984E9F4-0B7F-4402-9CC3-7231C2C6C56B}
2016-01-17 13:20 - 2016-01-17 13:20 - 00000000 ____D C:\Sierra
2016-01-17 13:19 - 2016-01-17 13:19 - 00002034 _____ C:\Users\Public\Desktop\Pharaoh Gold.lnk
2016-01-17 13:19 - 2016-01-17 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-17 13:18 - 2016-01-17 13:18 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-01-15 23:41 - 2016-01-17 12:16 - 00000000 ____D C:\Users\Zuza\AppData\LocalLow\uTorrent
2016-01-14 21:24 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-14 21:24 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-14 21:24 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-14 21:24 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-14 21:24 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-14 21:24 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-14 21:24 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-14 21:24 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-14 21:24 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-14 21:24 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-14 21:24 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-14 21:24 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-14 21:24 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-14 21:24 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-14 21:24 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-14 21:24 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-14 21:24 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-14 21:24 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-14 21:24 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-14 21:24 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-14 21:24 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-14 21:23 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-14 21:23 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-14 21:23 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-14 21:23 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-14 21:23 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-14 21:23 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-14 21:23 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-14 21:23 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-14 21:23 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-14 21:23 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-14 21:23 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-14 21:23 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-14 21:23 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-14 21:23 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-14 21:23 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-14 21:23 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-14 21:23 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-14 21:23 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-14 21:23 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-14 21:23 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-14 21:23 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-14 21:23 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-14 21:23 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-14 21:23 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-14 21:23 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-14 21:23 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-14 21:23 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-14 21:23 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-14 21:23 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-14 21:23 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-14 21:23 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-14 21:23 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-14 21:23 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-14 21:23 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-14 21:22 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-14 21:22 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-08 20:28 - 2016-01-08 20:28 - 00000000 ____D C:\Users\Zuza\Desktop\Nová složka (2)
2016-01-07 22:12 - 2016-01-15 23:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 19:58 - 2016-01-04 20:15 - 00012098 _____ C:\Users\Zuza\Desktop\Splácení auta.xlsx
2015-12-21 21:44 - 2015-12-23 00:48 - 00000000 ____D C:\Users\Zuza\Desktop\Pro babičkku

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 19:08 - 2015-01-11 22:50 - 00000000 ____D C:\Users\Zuza\AppData\Roaming\uTorrent
2016-01-17 19:07 - 2015-01-31 10:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-17 19:06 - 2015-07-16 18:04 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job
2016-01-17 19:06 - 2015-01-10 23:24 - 00000000 ____D C:\FRST
2016-01-17 19:06 - 2015-01-10 23:23 - 02370560 _____ (Farbar) C:\Users\Zuza\Desktop\FRST64.exe
2016-01-17 19:03 - 2015-01-11 10:49 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-01-17 18:45 - 2015-01-11 00:21 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3291223764-2626844367-1379447934-1005
2016-01-17 18:31 - 2015-09-12 15:04 - 00000000 ____D C:\Users\Zuza\Desktop\Sardínie fotky
2016-01-17 14:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-17 14:15 - 2015-08-25 18:56 - 00000000 ____D C:\Users\Zuza\Desktop\Sardinie filmy
2016-01-17 14:15 - 2015-05-29 16:56 - 00000000 ____D C:\Users\Zuza\Downloads\Nové stahování 5
2016-01-17 13:19 - 2015-01-11 00:09 - 00000000 ____D C:\Users\Zuza\AppData\Local\VirtualStore
2016-01-17 13:01 - 2013-10-19 00:10 - 00768392 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-17 13:01 - 2013-10-19 00:10 - 00166490 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-17 13:01 - 2013-08-26 07:09 - 01883040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 13:01 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-17 12:17 - 2015-01-14 20:20 - 00000000 ____D C:\Users\Zuza\AppData\Local\Adobe
2016-01-17 12:17 - 2014-08-29 07:06 - 00000000 ____D C:\Users\Zuza\Documents\Youcam
2016-01-15 23:39 - 2015-05-27 20:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-15 23:39 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-15 23:39 - 2013-08-22 15:44 - 05115656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-15 23:38 - 2015-05-27 20:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-15 23:38 - 2015-01-11 00:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-15 07:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-15 07:14 - 2015-01-17 01:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-15 07:14 - 2015-01-17 01:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-15 02:07 - 2015-05-29 16:44 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 22:29 - 2014-08-29 07:05 - 00000000 ____D C:\Users\Zuza\AppData\Local\Packages
2016-01-14 21:52 - 2015-05-27 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 21:52 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-14 21:49 - 2015-01-12 20:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 21:44 - 2015-01-12 20:24 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 20:08 - 2015-09-29 18:47 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 20:07 - 2015-09-29 18:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-11 22:22 - 2015-11-30 22:23 - 00003348 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-01-05 21:04 - 2015-01-13 20:27 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-01-13 20:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-03 19:03 - 2014-11-24 19:42 - 00000000 ____D C:\Users\Zuza\Desktop\Magisterské
2016-01-01 23:07 - 2015-01-31 10:56 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-30 22:14 - 2015-01-11 00:11 - 00000000 ____D C:\Users\Zuza\AppData\Local\CyberLink
2015-12-30 22:14 - 2013-11-27 18:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-30 17:12 - 2015-08-25 18:10 - 00000000 ____D C:\Users\Zuza\Desktop\Hudba Sardinie
2015-12-29 20:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-20 19:40 - 2015-04-04 07:31 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 19:40 - 2015-04-04 07:31 - 00000000 ___SD C:\WINDOWS\system32\GWX

==================== Files in the root of some directories =======

2015-04-19 20:11 - 2015-04-19 20:54 - 0000132 _____ () C:\Users\Zuza\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-04-19 20:36 - 2015-04-19 20:36 - 0000132 _____ () C:\Users\Zuza\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guides
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guitar
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guitars
2015-07-01 21:04 - 2015-07-01 21:08 - 0001480 _____ () C:\Users\Zuza\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Halftone
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Help
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Helper Scripts
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some files in TEMP:
====================
C:\Users\Zuza\AppData\Local\Temp\AppDownloader.exe
C:\Users\Zuza\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Zuza\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Zuza\AppData\Local\Temp\InstHelper.exe
C:\Users\Zuza\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Zuza\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Zuza\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Zuza\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Zuza\AppData\Local\Temp\setup.exe
C:\Users\Zuza\AppData\Local\Temp\SetupO365ProPlusRetail.x86.cs-CZ_O365ProPlusRetail_DNK9M-3CKHP-DDRMD-YBHHG-CGWGP_act_1_.exe
C:\Users\Zuza\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00004.dll
C:\Users\Zuza\AppData\Local\Temp\sfextra.dll
C:\Users\Zuza\AppData\Local\Temp\SpOrder.dll
C:\Users\Zuza\AppData\Local\Temp\utt25F5.tmp.exe
C:\Users\Zuza\AppData\Local\Temp\uttB216.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-17 13:32

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Hotovo, přeposílám log:

# AdwCleaner v5.029 - Logfile created 17/01/2016 at 21:38:26
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Zuza - PETÍK
# Running from : C:\Users\Zuza\Desktop\Sardínie fotky\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\Users\Zuza\AppData\LocalLow\.acestream
[-] Folder Deleted : C:\Users\Zuza\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Zuza\AppData\Roaming\RPEng

***** [ Files ] *****

[-] File Deleted : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1902 bytes] ##########

Dejte nový log FRST.

Děkuji,, posílám

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-01-2015
Ran by Zuza (administrator) on PETÍK (17-01-2016 22:28:02)
Running from C:\Users\Zuza\Desktop
Loaded Profiles: Zuza (Available Profiles: Zuza & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(BitTorrent Inc.) C:\Users\Zuza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-04-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [uTorrent] => C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{96FF67F8-899D-4558-94CF-09C06FFDE8C0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B22CE238-12EE-43E1-B0B2-463C560EFDA8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0315__yaie
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150315__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150315__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005 -> {EF4A2C97-65E2-41C5-A0EF-AC2A58B60CF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Zuza\AppData\Roaming\Mozilla\Firefox\Profiles\5n3v0ama.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0315__yaff
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-01] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF SearchPlugin: C:\Users\Zuza\AppData\Roaming\Mozilla\Firefox\Profiles\5n3v0ama.default\searchplugins\google-default.xml [2015-03-16]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-29]
CHR Extension: (Dokumenty Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-29]
CHR Extension: (Disk Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29]
CHR Extension: (YouTube) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29]
CHR Extension: (Tabulky Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-01]
CHR Extension: (Peněženka Google) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29]
CHR Extension: (Gmail) - C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 21:32 - 2016-01-17 21:38 - 00000000 ____D C:\AdwCleaner
2016-01-17 19:06 - 2016-01-17 22:28 - 00021348 _____ C:\Users\Zuza\Desktop\FRST.txt
2016-01-17 19:06 - 2016-01-17 19:06 - 00000000 ____D C:\Users\Zuza\Desktop\FRST-OlderVersion
2016-01-17 18:38 - 2016-01-17 18:38 - 00000000 ____D C:\Users\Zuza\AppData\Roaming\DAEMON Tools Lite
2016-01-17 18:38 - 2016-01-17 18:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-01-17 18:35 - 2016-01-17 18:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-01-17 18:33 - 2016-01-17 18:33 - 00003186 _____ C:\WINDOWS\System32\Tasks\{C984E9F4-0B7F-4402-9CC3-7231C2C6C56B}
2016-01-17 13:20 - 2016-01-17 13:20 - 00000000 ____D C:\Sierra
2016-01-17 13:19 - 2016-01-17 13:19 - 00002034 _____ C:\Users\Public\Desktop\Pharaoh Gold.lnk
2016-01-17 13:19 - 2016-01-17 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-17 13:18 - 2016-01-17 13:18 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-01-15 23:41 - 2016-01-17 21:41 - 00000000 ____D C:\Users\Zuza\AppData\LocalLow\uTorrent
2016-01-14 21:24 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-14 21:24 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-14 21:24 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-14 21:24 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-14 21:24 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-14 21:24 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-14 21:24 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-14 21:24 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-14 21:24 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-14 21:24 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-14 21:24 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-14 21:24 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-14 21:24 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-14 21:24 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-14 21:24 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-14 21:24 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-14 21:24 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-14 21:24 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-14 21:24 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-14 21:24 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-14 21:24 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-14 21:23 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-14 21:23 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-14 21:23 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-14 21:23 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-14 21:23 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-14 21:23 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-14 21:23 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-14 21:23 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-14 21:23 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-14 21:23 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-14 21:23 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-14 21:23 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-14 21:23 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-14 21:23 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-14 21:23 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-14 21:23 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-14 21:23 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-14 21:23 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-14 21:23 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-14 21:23 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-14 21:23 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-14 21:23 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-14 21:23 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-14 21:23 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-14 21:23 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-14 21:23 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-14 21:23 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-14 21:23 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-14 21:23 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-14 21:23 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-14 21:23 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-14 21:23 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-14 21:23 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-14 21:23 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-14 21:23 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-14 21:23 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-14 21:23 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-14 21:23 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-14 21:23 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-14 21:22 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-14 21:22 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-08 20:28 - 2016-01-08 20:28 - 00000000 ____D C:\Users\Zuza\Desktop\Nová složka (2)
2016-01-07 22:12 - 2016-01-15 23:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 19:58 - 2016-01-04 20:15 - 00012098 _____ C:\Users\Zuza\Desktop\Splácení auta.xlsx
2015-12-21 21:44 - 2015-12-23 00:48 - 00000000 ____D C:\Users\Zuza\Desktop\Pro babičkku

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 22:28 - 2015-09-12 15:04 - 00000000 ____D C:\Users\Zuza\Desktop\Sardínie fotky
2016-01-17 22:28 - 2015-01-10 23:24 - 00000000 ____D C:\FRST
2016-01-17 22:27 - 2015-01-11 22:50 - 00000000 ____D C:\Users\Zuza\AppData\Roaming\uTorrent
2016-01-17 22:07 - 2015-01-31 10:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-17 22:06 - 2015-07-16 18:04 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job
2016-01-17 21:45 - 2015-01-11 10:49 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-01-17 21:41 - 2014-08-29 07:06 - 00000000 ____D C:\Users\Zuza\Documents\Youcam
2016-01-17 21:39 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-17 21:39 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-17 19:19 - 2015-01-11 00:21 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3291223764-2626844367-1379447934-1005
2016-01-17 19:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-17 19:06 - 2015-01-10 23:23 - 02370560 _____ (Farbar) C:\Users\Zuza\Desktop\FRST64.exe
2016-01-17 14:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-17 14:15 - 2015-08-25 18:56 - 00000000 ____D C:\Users\Zuza\Desktop\Sardinie filmy
2016-01-17 14:15 - 2015-05-29 16:56 - 00000000 ____D C:\Users\Zuza\Downloads\Nové stahování 5
2016-01-17 13:19 - 2015-01-11 00:09 - 00000000 ____D C:\Users\Zuza\AppData\Local\VirtualStore
2016-01-17 13:01 - 2013-10-19 00:10 - 00768392 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-17 13:01 - 2013-10-19 00:10 - 00166490 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-17 13:01 - 2013-08-26 07:09 - 01883040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 13:01 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-17 12:17 - 2015-01-14 20:20 - 00000000 ____D C:\Users\Zuza\AppData\Local\Adobe
2016-01-15 23:39 - 2015-05-27 20:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-15 23:39 - 2013-08-22 15:44 - 05115656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-15 23:38 - 2015-05-27 20:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-15 23:38 - 2015-01-11 00:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-15 07:14 - 2015-01-17 01:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-15 07:14 - 2015-01-17 01:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-15 02:07 - 2015-05-29 16:44 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 22:29 - 2014-08-29 07:05 - 00000000 ____D C:\Users\Zuza\AppData\Local\Packages
2016-01-14 21:52 - 2015-05-27 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 21:52 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-14 21:49 - 2015-01-12 20:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 21:44 - 2015-01-12 20:24 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 20:08 - 2015-09-29 18:47 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 20:07 - 2015-09-29 18:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-11 22:22 - 2015-11-30 22:23 - 00003348 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-01-05 21:04 - 2015-01-13 20:27 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-01-13 20:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-03 19:03 - 2014-11-24 19:42 - 00000000 ____D C:\Users\Zuza\Desktop\Magisterské
2016-01-01 23:07 - 2015-01-31 10:56 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-30 22:14 - 2015-01-11 00:11 - 00000000 ____D C:\Users\Zuza\AppData\Local\CyberLink
2015-12-30 22:14 - 2013-11-27 18:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-30 17:12 - 2015-08-25 18:10 - 00000000 ____D C:\Users\Zuza\Desktop\Hudba Sardinie
2015-12-29 20:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-20 19:40 - 2015-04-04 07:31 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 19:40 - 2015-04-04 07:31 - 00000000 ___SD C:\WINDOWS\system32\GWX

==================== Files in the root of some directories =======

2015-04-19 20:11 - 2015-04-19 20:54 - 0000132 _____ () C:\Users\Zuza\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-04-19 20:36 - 2015-04-19 20:36 - 0000132 _____ () C:\Users\Zuza\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guides
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guitar
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\Users\Zuza\AppData\Roaming\Guitars
2015-07-01 21:04 - 2015-07-01 21:08 - 0001480 _____ () C:\Users\Zuza\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Halftone
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Help
2015-04-03 19:29 - 2015-04-03 19:29 - 0000268 ___RH () C:\ProgramData\Helper Scripts
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-04-03 19:29 - 2015-04-03 19:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some files in TEMP:
====================
C:\Users\Zuza\AppData\Local\Temp\AppDownloader.exe
C:\Users\Zuza\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Zuza\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Zuza\AppData\Local\Temp\InstHelper.exe
C:\Users\Zuza\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Zuza\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Zuza\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Zuza\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Zuza\AppData\Local\Temp\setup.exe
C:\Users\Zuza\AppData\Local\Temp\SetupO365ProPlusRetail.x86.cs-CZ_O365ProPlusRetail_DNK9M-3CKHP-DDRMD-YBHHG-CGWGP_act_1_.exe
C:\Users\Zuza\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Zuza\AppData\Local\Temp\sfamcc00004.dll
C:\Users\Zuza\AppData\Local\Temp\sfextra.dll
C:\Users\Zuza\AppData\Local\Temp\SpOrder.dll
C:\Users\Zuza\AppData\Local\Temp\sqlite3.dll
C:\Users\Zuza\AppData\Local\Temp\utt25F5.tmp.exe
C:\Users\Zuza\AppData\Local\Temp\uttB216.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-17 13:32

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Zuza (2016-01-17 22:29:04)
Running from C:\Users\Zuza\Desktop
Windows 8.1 (X64) (2015-01-10 23:07:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3291223764-2626844367-1379447934-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3291223764-2626844367-1379447934-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3291223764-2626844367-1379447934-1004 - Limited - Enabled)
Zuza (S-1-5-21-3291223764-2626844367-1379447934-1005 - Administrator - Enabled) => C:\Users\Zuza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 9.0) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
µTorrent (HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{5BB304EB-8E5B-0F2D-66FA-6603D9BB3232}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CrystalDiskInfo 6.2.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.2 - Crystal Dew World)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.67.5221 - Gretech Corporation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
Keyword Expander (HKLM-x32\...\{C5B3D2C3-C883-4325-9B3B-0D406E9D52E9}) (Version: 1.5 - Latshaw Systems)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 cs)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Název společnosti:)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pharaoh Gold Bundle (HKLM-x32\...\Pharaoh Gold Bundle_is1) (Version: - GOG.com)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.34.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D6142E-A6DB-45DE-8FD7-091A395BD561} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {063DCE88-A2C9-4CB5-915D-D8F43840F053} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2015-11-23] (ESET)
Task: {1538587E-44EF-4CF4-93A6-BF42EE20905D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-29] (Microsoft Corporation)
Task: {25E294A4-FFD2-4C2A-82FC-6FDFF8FBF7D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-29] (Microsoft Corporation)
Task: {27155E5D-6736-4877-AD5A-5C98D1F9EB20} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {2BF7782E-5A91-436A-85F8-93F0BABC6176} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {33EAAFE0-7613-4E63-97F9-5B7B09E2395C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {3711BE62-C3BA-44B4-9A3A-AC4942A1088D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-01] (Adobe Systems Incorporated)
Task: {4E0EEA23-1C19-41E5-A58F-90BB442EC8FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {675A9936-25D8-438E-AE00-01EDBBE5B7BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {71B0D8D9-6A6D-4DCA-87BA-83D9E3742C3E} - System32\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {74875697-4FBC-41EE-BBCC-34440EB7C0E0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-15] (Microsoft Corporation)
Task: {89A0DC72-1947-4F8C-B075-529FDCA6CD86} - System32\Tasks\{C984E9F4-0B7F-4402-9CC3-7231C2C6C56B} => pcalua.exe -a "C:\Users\Zuza\Desktop\Sardínie fotky\DTLiteInstaller.exe" -d "C:\Users\Zuza\Desktop\Sardínie fotky"
Task: {8A1310D7-2B9F-4F91-B939-86FDB6C6E6EA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8EFC8B85-30BA-48BB-89BC-C5F10D3FC433} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {9F777252-539C-43CA-91DF-AF27A176D7A3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {AEFCEDC8-218B-428D-9F76-DC46D389F96B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B09DF2F9-EA6F-4698-811D-C36490F81D1B} - System32\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D45EB010-CB30-430F-AC09-43B631C5766A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {DC6C8820-F01E-401A-A8F7-5160CEC13C63} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {DEBCFA59-78DD-4F70-99A0-36B9658FF577} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {ECF22F6B-5CB9-428E-AB03-0E794985A30B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {EF104FAA-E0C1-414E-9F78-5A07F539316F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-14] (Microsoft Corporation)
Task: {F4ED0168-253D-422A-B27E-D29CCDEB395C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-09-26 10:26 - 2013-09-26 10:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 10:32 - 2013-09-26 10:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 10:28 - 2013-09-26 10:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 10:25 - 2013-09-26 10:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 10:39 - 2013-09-26 10:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 10:39 - 2013-09-26 10:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2009-09-01 05:31 - 2009-09-01 05:31 - 00022016 _____ () C:\WINDOWS\System32\ssp2ml6.dll
2013-09-25 06:48 - 2013-09-25 06:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-15 18:56 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-16 16:42 - 2015-04-16 16:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-26 10:34 - 2013-09-26 10:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-04-16 16:41 - 2015-04-16 16:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-09-25 06:48 - 2013-09-25 06:48 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-11-27 18:27 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-04-28 21:36 - 2014-09-09 12:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 00746672 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-04-20 06:16 - 2015-04-20 06:16 - 00136368 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\sharepoint.com -> hxxps://ujak.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Zuza\Desktop\hi_there-wallpaper-1366x768.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{61FA4604-84E8-4939-9F8B-23CA6C541AFC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C6E7C2B-3992-4C05-94EB-C3E7F3756247}] => (Allow) LPort=2869
FirewallRules: [{B276876D-B012-4701-B7A7-CEC1BDC86B40}] => (Allow) LPort=1900
FirewallRules: [{30D12ACB-BFF2-44B9-A281-45D3FB45ABE2}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{DFF66B1B-6367-47E3-8EC6-7C6F5A53001E}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{288654A0-5AA2-40DC-AAEC-9C5000F5B67F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{89AE7FBF-6982-4B60-91AC-E45C7F2F92C1}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{13DBE631-DFB6-4DCE-A90B-DD39843AC33B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{1A21C8D3-F846-4248-8EEE-DA70DFFAF860}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{9D9BA229-E960-4F83-BA20-8C2B1E5CC197}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D3E47FC-3B05-4D35-90B0-88F7BF0A9DE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B15532D-0859-429E-8117-A2CDB6BB8EC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E22BC07A-8402-4F68-B5B1-82C04F1B1AE9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C606D7D-BFEB-4162-A508-068DBCA07891}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{18D34B68-C711-4FB0-BD19-AE2DC78DBE4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{E315E153-5801-4454-9F33-0F6EAC90C0F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1959196-73CE-4FAB-9EE1-3F88AF7232D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A3B289DA-7233-4D46-B049-14A00460ACA8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{26494C08-C161-4E2E-8CDC-F0B24FD83F0F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{5402C83C-C0A1-4F9D-9D0F-C16B92F086A9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3A1DB34B-53C5-4FC7-AB4D-A297F5CDD3F3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DE2BC018-905E-4E58-BF3D-7869A67C46DD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5CA1EE45-1956-4D65-8481-B6FCBB3DB6DB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{54D228EF-7F41-465C-8A51-717B5E5F8C19}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{CBFF8EBD-5500-4AA0-9CDE-33D849BE7FCA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2318365F-7986-45DB-A59C-FDF24D928212}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{6ECC6400-F2A3-4EF6-92A5-5BB9A1C607C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDA96AF1-08F3-4FBD-B0EC-087067FA920A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60827C71-653B-4358-92DC-32073AADBB14}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{6B0F16DD-9075-44D5-AFEE-1D083404DB6F}] => (Allow) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E887331F-23B7-4F80-B85C-E44D9F0CF364}] => (Allow) C:\Users\Zuza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C2D8BB19-1BF4-4780-99C0-8733B86EA54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91759883-34FE-4C13-8715-65C6E1521777}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5764A7D3-EC09-4F18-8FE4-A67FE179104E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0C4C16C6-4B9C-4651-BFA0-78765F5ECE98}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E224C277-F83D-4761-BB4B-93FA696C73F0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{826A453F-1640-4C2B-92D4-161D4132545C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2D53051B-9A76-4BF4-89FA-9935FAF69B4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-01-2016 12:55:14 Windows Update
10-01-2016 03:01:23 Naplánovaný kontrolní bod
14-01-2016 21:43:06 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2016 12:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (01/17/2016 12:28:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {FAA5F710-A726-4CC0-B88C-7BA12151B3D9}

Error: (01/17/2016 12:28:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {FAA5F710-A726-4CC0-B88C-7BA12151B3D9}

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516

Error: (01/13/2016 10:40:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/11/2016 11:31:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/11/2016 09:30:28 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (01/10/2016 11:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3031

Error: (01/10/2016 11:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3031


System errors:
=============
Error: (01/17/2016 09:38:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (01/17/2016 09:38:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (01/17/2016 09:38:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%1062

Error: (01/17/2016 09:38:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/17/2016 09:38:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Support Assistant Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/17/2016 09:38:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/17/2016 09:38:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HPWMISVC byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/17/2016 09:38:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office ClickToRun byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/17/2016 09:38:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/17/2016 09:38:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: AMD A10-4655M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 7366.26 MB
Available physical RAM: 5203.45 MB
Total Virtual: 8518.26 MB
Available Virtual: 6237.2 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.68 GB) (Free:521.89 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.06 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (NIKON D5100) (Removable) (Total:14.83 GB) (Free:0.61 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C04548ED)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job
C:\Users\Zuza\AppData\Local\Temp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
IE trusted site: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\sharepoint.com -> hxxps://ujak.sharepoint.com
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Vše jsem udělala dle návodu. Zasílám log:

Fix result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Zuza (2016-01-18 20:57:29) Run:1
Running from C:\Users\Zuza\Desktop
Loaded Profiles: Zuza (Available Profiles: Zuza & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job
C:\Users\Zuza\AppData\Local\Temp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
IE trusted site: HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\...\sharepoint.com -> hxxps://ujak.sharepoint.com
End
*****************

HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => value removed successfully
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bfe988cd2205.job => moved successfully

"C:\Users\Zuza\AppData\Local\Temp" folder move:

Could not move "C:\Users\Zuza\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d049397e7a775b.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d091a3ee349dc7.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"HKU\S-1-5-21-3291223764-2626844367-1379447934-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-18 21:02:04)

C:\Users\Zuza\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:02:04 ====

Smazáno. Nastala nějaká změna?

Stává se mi to jen při hraní LoL. Nevím, jeslti budu mít dnes čas, ale zkusím alespon 20 min hru a dám vědět. Pokud to nestihnu dnes, zkusím si udělat čas zítra. Bohužel mám ted strašně moc práce a na hraní nezbývá moc času.

Strašně děkuji za pomoc a dám vědět.

Ještě jednou moc děkuji

Zatím není zač! Problém ale může způsobovat i samotné chlazení (větrák, zanesený chladič).

Bohužel jsem se dnes ke hraní již nedostala, takže výsledek nevím. Pokud by se opravdu jednalo např o zanesený filtr, jak bych měla v tomto případě postupovat?

Děkuji

Chladič se musí vyčistit mechanicky. O0bvykle je k tomu třeba NB rozebrat. Takže zřejmě by vás neminul servis.