﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by cesko (2016-03-20 12:46:24)
Running from C:\Windows\System32\config\systemprofile\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2011-08-10 14:29:34)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3613717200-223133842-2651324926-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3613717200-223133842-2651324926-1003 - Limited - Enabled)
cesko (S-1-5-21-3613717200-223133842-2651324926-1000 - Administrator - Enabled)
Guest (S-1-5-21-3613717200-223133842-2651324926-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.8.1 - AuthenTec, Inc.) Hidden
ccc-core-static (Version: 2007.0727.2307.39475 - Název společnosti:) Hidden
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
LightScribe  1.8.13.1 (Version: 1.8.13.1 - hxxp://www.lightscribe.com) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skins (Version: 2007.0727.2307.39475 - ATI) Hidden
Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {087291FF-36E9-4138-8F30-018F9C983D6C} - System32\Tasks\{D5F1BAF3-CB72-453A-A69E-CC8EE2C9F0EB} => pcalua.exe -a "C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe" -c -datfile hpqbud01.dat
Task: {096D526B-88C2-4AEF-A5B2-BF1850FA87CC} - System32\Tasks\ASC8_SkipUac_cesko => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {168E4432-4277-4C84-874C-9B917B71FACF} - System32\Tasks\{C624543A-7380-4B33-B37C-81208C83C010} => pcalua.exe -a C:\Users\cesko\AppData\Local\Google\Chrome\Application\15.0.874.102\Installer\setup.exe -c --uninstall
Task: {190733BD-E1FE-48E3-B2C5-4EA27F8C8F4F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {24134949-CE47-4D68-9659-C6D7DA7D284E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3613717200-223133842-2651324926-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {42D72817-E0DA-453F-A558-63C9BED6EAC2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3613717200-223133842-2651324926-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {52B48CAC-F936-47FB-AB52-8E2E024BEB47} - System32\Tasks\{75529389-8C18-4D4F-8DFA-BCCBD5D2C4F0} => pcalua.exe -a C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Task: {620AAB79-E4C4-4ADB-8ED4-CB3262783B94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {6A5F4D3F-1CFE-4728-997F-7BDBC72E7A01} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3613717200-223133842-2651324926-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {904C4507-3C02-41BE-81E2-C20D77FBBFC9} - System32\Tasks\RealCreateProcessScheduledTask989233S-1-5-21-3613717200-223133842-2651324926-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {9A5323C8-D1C7-4666-8985-858A69033D1A} - System32\Tasks\Program k provádění aktualizací online Real Player => C:\Program Files\Real\RealPlayer\update\realsched.exe
Task: {AB422ED2-202D-44B6-8D81-2F2D277921B9} - System32\Tasks\{DE13602D-9FA0-4322-8437-4970459CE9E7} => pcalua.exe -a C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe -c /repair /x86 /lcid 1029 /parameterfolder ClientLP
Task: {AB9FA6EF-F256-4DDE-94AE-218721DA82F2} - \SW-Booster-S-1095609242 -> No File <==== ATTENTION
Task: {CEADAF9E-02CA-4043-95BE-9AEC71E632E7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe
Task: {CFB60569-2758-4E9C-BE3C-D5F3D43D3463} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {E47AAC6A-331F-4463-B43A-402924210987} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe
Task: {E668599B-408D-4F6B-AB9B-EA86FA28A907} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\mxup.exe
Task: {EFCF1A88-B458-4841-BD44-DF63A3512892} - System32\Tasks\{B4A7FAA0-A196-40EC-9CB3-CA2573DF5B52} => c:\program files\maxthon3\bin\maxthon.exe
Task: {F06F537F-47F3-4D36-A242-9BFBAABB3AE9} - System32\Tasks\{4608FECC-73A9-4D9A-B042-2EA9E2ABD24F} => c:\program files\maxthon\bin\maxthon.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2007-03-02 10:44 - 2007-03-02 10:44 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00091538 _____ () D:\Tor Browser\Browser\libssp-0.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 05057038 _____ () D:\Tor Browser\Browser\mozjs.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 01966080 _____ () D:\Tor Browser\Browser\TorBrowser\Tor\tor.exe
2000-01-01 01:00 - 2000-01-01 01:00 - 00715476 _____ () D:\Tor Browser\Browser\TorBrowser\Tor\libevent-2-0-5.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00091538 _____ () D:\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00519862 _____ () D:\Tor Browser\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00111104 _____ () D:\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\cesko\Downloads:Shareaza.GUID [16]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2016-03-20 12:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{A68971F7-2D9C-406A-800C-072C81006ED7}] => (Allow) LPort=80
FirewallRules: [{FE44D98F-FBAD-4D9F-8B23-C299EA9ADAC7}] => (Allow) LPort=80
FirewallRules: [{D412EB8F-0527-4E99-9C1A-1F12E1647BBB}] => (Allow) LPort=80
FirewallRules: [{5A21651F-C548-429A-B3EB-225F4C4540E0}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{6405C9F1-121D-411C-9558-F78E5DCC72A8}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4936AC1F-0E5E-476D-B104-1162B5776E1D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0C53E12F-A718-4B90-B7AC-A520CD637164}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{782783AF-101D-41D7-9846-131B9D8E8928}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{E5C4A66B-C739-408C-9FA8-13C042F7DB01}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{D45BB7F6-4A8A-4416-BC80-4FC9AC46A42E}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [TCP Query User{266F8B1A-A5AE-47E3-8410-6730628F5363}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [UDP Query User{AD0B2176-261F-4E49-A9B0-A93B3B4A33CC}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [{2AB344FC-179C-46E8-AE8D-C37840578C37}] => (Allow) C:\Users\cesko\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
FirewallRules: [{E5E07950-A179-4B77-A143-72340D1D3BB6}] => (Allow) C:\Users\cesko\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
FirewallRules: [{FCCD3461-665D-48AD-957D-739E5A109280}] => (Allow) LPort=9091
FirewallRules: [{B12BBD28-E70C-4AAF-AB7B-3AD657261A92}] => (Allow) C:\Users\cesko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C8CCE885-71B8-4839-B0A0-FD646A9C6A35}] => (Allow) C:\Users\cesko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{710DCE27-99B8-47D6-81A1-1F90B6F237E6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{0E913FC6-8C89-4459-919C-305A360FEB44}C:\users\cesko\appdata\roaming\utox\utox.exe] => (Allow) C:\users\cesko\appdata\roaming\utox\utox.exe
FirewallRules: [UDP Query User{2E23EF2C-C0DC-4852-9347-6735028B71E8}C:\users\cesko\appdata\roaming\utox\utox.exe] => (Allow) C:\users\cesko\appdata\roaming\utox\utox.exe
FirewallRules: [{28B6D336-7AEF-404E-8C48-5E722F8E2BA7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{2BD2E642-D46F-411F-8D7A-A0DA26CB6765}] => (Allow) C:\program files\common files\tencent\qqdownload\131\bugreport_xf.exe
FirewallRules: [{B56A2B23-692C-432A-BF58-E3CE20DE241D}] => (Allow) C:\program files\common files\tencent\qqdownload\131\tencentdl.exe

==================== Restore Points =========================

