﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by pogas (2015-08-20 22:31:47)
Running from C:\Users\pogas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1446878920-724358766-291748155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1446878920-724358766-291748155-503 - Limited - Disabled)
Guest (S-1-5-21-1446878920-724358766-291748155-501 - Limited - Disabled)
pogas (S-1-5-21-1446878920-724358766-291748155-1002 - Administrator - Enabled) => C:\Users\pogas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.241 - Amazon)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version:  - )
Curse Client (HKU\S-1-5-21-1446878920-724358766-291748155-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Firehawk Updater version 1.3.5679.3040 (HKLM-x32\...\{30EFD504-64D8-44D0-8195-42F214F1B792}_is1) (Version: 1.3.5679.3040 - The Firehawk Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 cs)) (Version: 38.2.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-1446878920-724358766-291748155-1002\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Turistické trasy 2.37 (HKLM-x32\...\Turistické trasy 2.37) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze Leap 1.3 (HKU\S-1-5-21-1446878920-724358766-291748155-1002\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 1.3 - Azureus Software, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{234a28dd-c8f0-4b6a-8c6e-0abc4d14240b}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1446878920-724358766-291748155-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\pogas\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

30-07-2015 16:00:38 Windows Update
06-08-2015 13:35:53 Windows Update
12-08-2015 16:17:41 Windows Update
12-08-2015 16:19:21 Windows Update
15-08-2015 23:07:50 Windows Update
19-08-2015 17:51:21 Windows Update
19-08-2015 17:54:31 Windows Update
20-08-2015 22:25:14 AA11

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {12BD9B74-CA09-4037-ADAA-8C626376BE6C} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {31FB2D84-ECA2-450A-AFF2-C8932D3D66A7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-G3OIBRR-pogas DESKTOP-G3OIBRR => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-07-30] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {48D79F36-9178-44FA-AAFE-9F475EAE5B5B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-30] (Microsoft Corporation)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-30] (Microsoft Corporation)
Task: {95A74134-5CAB-420F-9EE4-3CDBFC73E0D0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {BBE4EDAF-2684-44A9-AED0-E6D9A0B06B4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5B59E09-044E-4F7D-BB50-82A5B83F46E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB45081D-AE97-44C5-B6C9-BEC246638F8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D6E318A5-D31F-4FB7-8485-A86F71661F90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {FE4328DF-B163-44A3-8400-6F65891F6ED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => 0x000A01009B7D1BFEB1E4234D96C224369005C1FA46007003000000003C000A0020000000FEFFFFFF000000000013040000008021DF0708000400140012001C000000E3000000360043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0047006F006F0067006C0065005C005500700064006100740065005C0047006F006F0067006C0065005500700064006100740065002E00650078006500000003002F0063000000000016004400450053004B0054004F0050002D00470033004F0049004200520052005C0070006F0067006100730000003B015500640072007E0175006A006500200073006F00660074007700610072006500200047006F006F0067006C006500200061006B007400750061006C0069007A006F00760061006E00FD002E0020004A0065002D006C00690020007400610074006F002000FA006C006F006800610020007A0061006B00E1007A00E1006E00610020006E00650062006F0020007A006100730074006100760065006E0061002C0020006E006500620075006400650020007600E1006101200073006F00660074007700610072006500200047006F006F0067006C00650020007500640072007E016F007600E1006E0020007600200061006B007400750061006C0069007A006F00760061006E00E9006D002000730074006100760075002E00200054006F0020007A006E0061006D0065006E00E1002C0020007E01650020006E0065006D0075007300ED0020006200FD00740020006F00700072006100760065006E00610020007A006A006900610174001B016E00E100200073006C0061006200E10020006D00ED007300740061002000760020007A006100620065007A00700065000D0165006E00ED00200061002000750072000D0169007400E9002000660075006E006B006300650020006E0065006D0075007300ED002000660075006E0067006F007600610074002E00200050006F006B007500640020007400750074006F002000FA006C006F006800750020007E01E10064006E00FD00200073006F00660074007700610072006500200047006F006F0067006C00650020006E00650070006F0075007E01ED007600E1002C002000730061006D00610020007300650020006F00640069006E007300740061006C0075006A0065002E000000000008000000000000000000020030000000CF0701000100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0707001E0000000000000012001C0000000000000000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 13:00 - 2015-07-10 13:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-30 16:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 06576640 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-07-30 16:30 - 2015-07-30 16:30 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-02 19:42 - 2015-08-02 19:42 - 16942080 _____ () C:\Users\pogas\Desktop\TSMApplication.exe
2014-02-28 11:14 - 2015-08-04 18:49 - 00179176 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2015-08-04 18:49 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2015-08-04 18:49 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2015-08-04 18:49 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2015-08-04 18:49 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 15:48 - 2015-08-04 18:49 - 00318976 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 15:48 - 2015-08-04 18:49 - 01718784 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-07-30 22:39 - 2014-09-09 13:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2015-08-11 21:29 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-11 21:29 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-11 21:29 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2015-07-30 16:15 - 2015-07-30 16:19 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-13 23:57 - 2015-08-13 23:57 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1446878920-724358766-291748155-1002\Control Panel\Desktop\\Wallpaper -> E:\Obrázky\wallpapers\11050770_10153261012182590_2128108328540061828_o.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{09C3B736-7EE1-497D-8541-81FCD6C39DE8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{9B146BC9-42C2-4944-9C7A-6ADC1889087A}] => (Allow) C:\Users\pogas\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{BFD52CA7-5303-43C0-AB5F-A33238C52F37}] => (Allow) C:\Users\pogas\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{2BB901D1-D5F6-4AF0-AA88-51A6B6FD5B9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C7C3D84C-58D5-4E6F-B135-CCF83A1E6608}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{17AB4221-5241-4D2D-BEBB-2B017699E445}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7F0D616D-35C5-4750-A86E-6F2D7A6B52F4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{F0DC35C5-5FD1-4229-A55C-478BE886F4CE}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{BF9ACD7A-D4E1-4B40-B959-852292E2D9D8}C:\users\pogas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pogas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4A80F5F5-B5F6-4C3C-B7A2-82CED6471238}C:\users\pogas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pogas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{55A6BB40-BAC9-4119-985C-C3F7B16BFCA1}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE
FirewallRules: [{62911CBB-C393-47D7-BF12-59013AA62B3F}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE
FirewallRules: [{CC769895-A467-4A8F-A0D9-49948CFD5FCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90831A56-F7BC-4A0E-B1FC-BB2C9E804697}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FA03A4AB-F928-49C5-94C6-B7B7FE5A82A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43734570-2762-465D-A9B7-11572C4877A3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CDCD9CCC-832E-4A06-B8C2-66CBE4B1ADCC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2015 10:25:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (08/20/2015 04:30:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VuzeLeap.exe, verze: 1.3.0.1, časové razítko: 0x54d8df08
Název chybujícího modulu: VuzeLeap.exe, verze: 1.3.0.1, časové razítko: 0x54d8df08
Kód výjimky: 0x40000015
Posun chyby: 0x00048057
ID chybujícího procesu: 0xc90
Čas spuštění chybující aplikace: 0xVuzeLeap.exe0
Cesta k chybující aplikaci: VuzeLeap.exe1
Cesta k chybujícímu modulu: VuzeLeap.exe2
ID zprávy: VuzeLeap.exe3
Úplný název chybujícího balíčku: VuzeLeap.exe4
ID aplikace související s chybujícím balíčkem: VuzeLeap.exe5

Error: (08/20/2015 04:05:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NetworkUXBroker.exe, verze: 10.0.10240.16384, časové razítko: 0x559f3aa6
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a864a2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x710
Čas spuštění chybující aplikace: 0xNetworkUXBroker.exe0
Cesta k chybující aplikaci: NetworkUXBroker.exe1
Cesta k chybujícímu modulu: NetworkUXBroker.exe2
ID zprávy: NetworkUXBroker.exe3
Úplný název chybujícího balíčku: NetworkUXBroker.exe4
ID aplikace související s chybujícím balíčkem: NetworkUXBroker.exe5

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (08/20/2015 10:39:57 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8


System errors:
=============
Error: (08/20/2015 03:12:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (08/20/2015 03:12:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (08/20/2015 12:22:12 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-G3OIBRR)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (08/20/2015 12:22:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/20/2015 12:22:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/20/2015 12:22:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/20/2015 12:22:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/19/2015 10:40:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-G3OIBRR)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-G3OIBRRpogasS-1-5-21-1446878920-724358766-291748155-1002LocalHost (pomocí LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 12:08:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-G3OIBRR)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/19/2015 12:08:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hostitel synchronizace_Session4 bylo dosaženo časového limitu (30000 ms).


Microsoft Office:
=========================
Error: (08/20/2015 10:25:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.

Error: (08/20/2015 04:30:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VuzeLeap.exe1.3.0.154d8df08VuzeLeap.exe1.3.0.154d8df084000001500048057c9001d0db53139534c9C:\Users\pogas\AppData\Roaming\Vuze Leap\VuzeLeap.exeC:\Users\pogas\AppData\Roaming\Vuze Leap\VuzeLeap.exeeb9b105c-9d17-4178-a2ca-3aec06b24a1a

Error: (08/20/2015 04:05:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NetworkUXBroker.exe10.0.10240.16384559f3aa6ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c71001d0db5144296ee3C:\WINDOWS\System32\NetworkUXBroker.exeC:\WINDOWS\SYSTEM32\ntdll.dll0be651c0-5bbf-4c45-87fe-3639e2e28a66

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (08/20/2015 10:39:57 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/20/2015 10:39:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8076.94 MB
Available physical RAM: 4114.61 MB
Total Virtual: 11871.91 MB
Available Virtual: 6405.43 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:465.22 GB) (Free:246 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 63B4D383)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of log ============================