﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-10-2015 01
Ran by Admin (2015-10-16 17:30:30)
Running from C:\Users\Admin\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) (2014-05-15 10:33:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-1349233872-4080188232-1638137599-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1349233872-4080188232-1638137599-500 - Administrator - Disabled)
Anička (S-1-5-21-1349233872-4080188232-1638137599-1003 - Limited - Enabled) => C:\Users\Anička
Eliška (S-1-5-21-1349233872-4080188232-1638137599-1002 - Limited - Enabled) => C:\Users\Eliška
Guest (S-1-5-21-1349233872-4080188232-1638137599-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-1349233872-4080188232-1638137599-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Codec-TS SDK (HKLM\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version:  - ArcSoft)
FormatFactory 3.5.0.0 (HKLM\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
HP LaserJet M1120 MFP Series (HKLM\...\HP LaserJet M1120 MFP) (Version:  - )
hppusgM1120 (Version: 000.000.00005 - Hewlett-Packard) Hidden
iSlim 300X (HKLM\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - )
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
K-Lite Codec Pack 9.3.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
MarketResearch (Version: 90.0.136.000 - Hewlett-Packard) Hidden
Memostation 2013 (HKLM\...\{41FB29BC-F985-4334-BD3E-C2F0A173BFF7}_is1) (Version: 2013 - Memostation.net)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 41.0 (x86 cs) (HKLM\...\Mozilla Firefox 41.0 (x86 cs)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla)
MrvlUsgTracking (Version: 1.0.4 - Marvell) Hidden
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 358.50 (Version: 358.50 - NVIDIA Corporation) Hidden
PDF reDirect (remove only) (HKLM\...\PDF reDirect) (Version: v2.2.6 - EXP Systems LLC)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.243.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6201 - Realtek Semiconductor Corp.)
Scan To (Version: 1.0.2 - HP) Hidden
Seznam Instalátor (HKLM\...\ssinstall) (Version:  - Seznam.cz)
Skype™ 7.8 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
WinFast Multimedia Driver Installation  (HKLM\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version:  - Multimedia)
WinFast PVR2 (HKU\S-1-5-21-1349233872-4080188232-1638137599-1000\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.3.57 - Leadtek)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-09-2015 08:46:00 Naplánovaný kontrolní bod
19-09-2015 15:56:18 Windows Update
20-09-2015 10:27:17 Naplánovaný kontrolní bod
20-09-2015 22:12:47 Windows Update
22-09-2015 13:46:07 Windows Update
23-09-2015 07:48:14 Naplánovaný kontrolní bod
23-09-2015 15:02:00 Windows Update
24-09-2015 07:43:17 Naplánovaný kontrolní bod
24-09-2015 18:52:17 Windows Update
25-09-2015 07:44:10 Naplánovaný kontrolní bod
25-09-2015 11:27:17 Windows Update
26-09-2015 08:51:13 Naplánovaný kontrolní bod
27-09-2015 09:58:45 Windows Update
28-09-2015 09:00:29 Naplánovaný kontrolní bod
28-09-2015 11:16:37 Windows Update
29-09-2015 09:09:12 Naplánovaný kontrolní bod
29-09-2015 12:18:17 Windows Update
12-10-2015 11:33:54 Instalace balíčku ovladače zařízení: NVIDIA Grafické adaptéry
12-10-2015 11:36:31 Instalace balíčku ovladače zařízení: NVIDIA Corporation Řadiče zvuku, videa a her
16-10-2015 17:10:38 Naplánovaný kontrolní bod

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2014-10-11 23:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {14A359DB-3856-4232-918C-819BA3CED6CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {2EDA6A81-ECC1-4D46-8C99-FEA81EB46C90} - \SPBIW_UpdateTask_Time_323436343037303138372d3437415a556c2a3223346c41 -> No File <==== ATTENTION
Task: {6A95A808-DF52-47F9-AB35-9BF8EBF66213} - \SUPERAntiSpyware Scheduled Task ffd45f03-9cb5-4455-a19f-cf259d152259 -> No File <==== ATTENTION
Task: {C0F86F3D-7E6E-4692-858F-3250AD0A0704} - \SUPERAntiSpyware Scheduled Task cdb1c853-9347-49d3-9b54-097090e03982 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{51E04949-6895-40C7-BF86-63B994B17111}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (Whitelisted) ==============

2007-07-01 19:50 - 2007-07-01 19:50 - 00064976 _____ () C:\Windows\System32\PDFreDirectMonNT.dll
2007-11-02 14:52 - 2007-11-02 14:52 - 00036864 _____ () C:\Program Files\HP\HP UT\bin\hppusg.exe
2007-11-02 14:52 - 2007-11-02 14:52 - 00057344 _____ () C:\Program Files\HP\HP UT\bin\HPUsageTracking.dll
2007-11-02 14:52 - 2007-11-02 14:52 - 00065536 _____ () C:\Program Files\HP\HP UT\bin\HPTools.dll
2007-11-02 14:52 - 2007-11-02 14:52 - 00114688 _____ () C:\Program Files\HP\HP UT\bin\HPToolkit.dll
2007-11-02 14:52 - 2007-11-02 14:52 - 00036864 _____ () C:\Program Files\HP\HP UT\bin\Enumeration.dll
2007-11-02 14:52 - 2007-11-02 14:52 - 00016384 _____ () C:\Program Files\HP\HP UT\bin\HPStreamsInterface.dll
2007-12-14 12:51 - 2007-12-14 12:51 - 00163840 _____ () C:\Windows\system32\hppatusg01.dll
2014-05-15 14:12 - 2009-04-01 14:07 - 00303188 _____ () C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
2014-05-15 14:12 - 2008-12-02 11:04 - 00007680 _____ () C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
2014-05-15 14:12 - 2010-11-15 11:05 - 00073728 _____ () C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
2011-01-17 16:19 - 2014-05-15 14:35 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Admin\Downloads\The Fireman's Ball 1967 Full Comedy Drama Movie.mp4:TOC.WMV

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1349233872-4080188232-1638137599-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-1349233872-4080188232-1638137599-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{9F31BB75-396C-4415-A745-92F2F825754B}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B6981E90-620A-4056-9666-16E8E7A77044}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{64032A69-1B41-4F55-9D3D-41C1D430AC81}] => (Allow) LPort=80
FirewallRules: [{1576CAA4-AC37-41A9-8299-A37C4882DEEC}] => (Allow) LPort=80
FirewallRules: [{E1A8E7A0-53E4-4563-8A4A-F4D4032F3A14}] => (Allow) LPort=80
FirewallRules: [{5D23C943-F65D-410A-B1C4-5C5CDD840B8F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{835E1A98-AFC3-4B1B-BF5C-70A6640F0290}] => (Allow) C:\Hry_Vista\Simcity_2013\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{C6801BB4-2258-4A0F-AB0C-A277BB71BA03}] => (Allow) C:\Hry_Vista\Simcity_2013\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{D91E3C91-DFA7-4F25-BB82-E406B84A3CE7}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{C54BCECC-DC9C-48B0-9160-8E80B0509311}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [TCP Query User{39CBB8BB-813C-4767-8FD6-F2CDE1A64BF8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{0904EA5A-3645-40C4-9F13-1FDB1F2DE66A}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{C162F869-179D-43B0-9BDF-DB45DAEF7E4E}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{150FE324-79C7-426D-B0BA-93930DD59712}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{466C6EE4-247A-476C-8768-8A1A4233F4BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AEB2D013-D861-42D4-BAF0-AE7CB4A6FB50}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6885EC38-9FF3-4112-A54D-830BE90345A9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{05771E6A-AD9F-4157-84B3-C750810D9F77}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DAE12383-0574-4F7F-AC0F-95237E73E468}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A34406E2-C935-4E0B-B13A-1C637D4FFBD3}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D7912899-BBED-436C-A43A-03E27FA68663}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{ECF412E0-8167-49A3-9642-E6DB9FD57FF7}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{E302FFCB-E06A-4ABD-8056-8934CBF216AF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2015 11:43:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/12/2015 11:25:24 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (10/12/2015 11:05:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2015 07:12:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2015 07:12:13 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2015 06:00:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2015 05:59:07 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2015 05:54:10 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/29/2015 05:01:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2015 04:56:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
