﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-06-2016 02
Ran by Tomáš (2016-06-06 20:42:36)
Running from C:\Users\Tomáš\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-02 17:24:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2046303120-218891254-975205269-500 - Administrator - Disabled)
Guest (S-1-5-21-2046303120-218891254-975205269-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2046303120-218891254-975205269-1071 - Limited - Enabled)
Tomáš (S-1-5-21-2046303120-218891254-975205269-1000 - Administrator - Enabled) => C:\Users\Tomáš

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{3605D89A-BD66-F5C5-779B-BE9110B41077}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Auto-diagnostika VAG-COM (VCDS) . (HKLM-x32\...\Auto-diagnostika VAG-COM (VCDS)) (Version: . - AutoComSoft)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2223 - AVAST Software)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech)
BitTorrent (HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.96 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.8.50 - Conexant)
Čarovný_Minecraft (HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Čarovný_Minecraft) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
LenovoUsbDriver 1.0.7 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.7 - Lenovo)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{0E784CFD-CEB1-42E1-9C42-FC2497DD653E}) (Version: 1.2.8 - Thorvald Natvig)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17305 - Microsoft Corporation)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sběratelská edice Heroes of Might and Magic V (HKLM-x32\...\{F68563C0-2CCD-4799-A014-017A370D627B}) (Version:  - )
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
ScanMasterELM Aktualizace (HKLM-x32\...\ScanMasterELM Aktualizace) (Version:  - )
Software602 Form Filler (HKLM-x32\...\{C680853D-3D54-40C9-BB13-FD1665556A18}) (Version: 4.56 - Software602 a.s.)
THE SETTLERS - Rise of an Empire (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zuma Deluxe 1.0 (HKLM-x32\...\Zuma Deluxe 1.0) (Version:  - )
Zuma's Revenge (HKLM-x32\...\Zuma's Revenge) (Version:  - islandGirl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07FC09F7-6E32-487F-9D61-0C18D6B431F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {1F7B9F29-5038-43D2-B506-06DFF6621B09} - System32\Tasks\{B84D0897-781C-4149-B225-756166E8567A} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
Task: {1FCF1DC9-F3C5-413E-8B8A-4A40FB98A603} - System32\Tasks\{76D0C4F0-8CF1-4DA7-8A72-D083318EE796} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {2078D369-E208-4363-9643-185111F3AF88} - System32\Tasks\{F0B70089-25C1-40DE-B2E8-115E5D140A8F} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {33FC6291-88AA-4BD8-A71C-CD456FE6152A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {3460A8D0-3954-4FEE-89DF-F8D75083D885} - System32\Tasks\{D4398886-B6F1-416A-8C6D-7779251AAC32} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {4121D2CE-A24D-424C-B0C7-20D1B9BC1B11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {497ABC90-2509-465E-A3AD-8201829509CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {4A1E49E5-DE72-44F0-B358-C1FC1269BB07} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {4FAEAC6F-64EF-4CD8-A129-B371D097374A} - System32\Tasks\{2055F692-14A8-4693-9D88-3BE6DD941F97} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {57D03143-A07E-44CB-A184-7D70EF223B21} - \GoforFilesUpdate -> No File <==== ATTENTION
Task: {5CD711D7-D019-4AEC-A99A-CC1834E2E94C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software)
Task: {7252BD8A-761A-4406-B7CA-E6A6139F45BD} - System32\Tasks\{3304CD0E-4D71-48E9-986B-114ACBC28655} => pcalua.exe -a "C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KL81XS1\Firefox%20Setup%2012.0[1].exe" -d C:\Users\Tomáš\Desktop
Task: {7EA71D01-A655-4DB2-8534-FF0072ADAF53} - System32\Tasks\{EAE0762D-AD12-470A-B23D-5F35FBEC2D15} => pcalua.exe -a "F:\stolní počítač záloha\hry\hry od ruženy\Age of Empires II The age of Kings CZ + datadisk the Conquerors CZ\setup.exe" -d "F:\stolní počítač záloha\hry\hry od ruženy\Age of Empires II The age of Kings CZ + datadisk the Conquerors CZ"
Task: {8EE8398C-8723-4308-B3C3-C7AA9714B3CE} - System32\Tasks\{4967C185-45C2-44D0-8A41-CE0B1A8C2366} => pcalua.exe -a "C:\HRY\Youda_Farmer\Youda Farmer\Uninstall.exe" -d "C:\HRY\Youda_Farmer\Youda Farmer"
Task: {93BC5150-41D6-4034-B487-43990B094779} - System32\Tasks\{2DB83339-6101-4F7D-9B25-AC94AAF315B0} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {A4442A71-6099-43D0-9CFC-0E6B46410AD2} - System32\Tasks\{C4EDCCA4-CCD2-4602-9A03-F9F7A127FAC9} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {A7A4EF9A-EF70-4C6E-B003-B2A1EB89C950} - System32\Tasks\{472BD3E1-69E4-4A4B-B803-8F67D557EFFC} => C:\Program Files (x86)\Wandering Willows\Wandering Willows.exe
Task: {BF92911A-8AB2-4776-A06E-688D9E17D1AE} - System32\Tasks\{06B3943F-4E69-48DF-B9CA-1BC42E0131EC} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {DB46972B-1408-445E-93BF-8A98033DD80C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {DB5CA4EF-8A43-4026-9F9D-E0F4FC7E400A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E8AFA7E4-C5A8-495B-8FA7-1E44F2C8257A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2046303120-218891254-975205269-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {ED1377C0-E2AA-4472-911C-B3C9144DEDB4} - System32\Tasks\{7EDAC074-73CB-4238-AA2F-C02CCE9714B5} => pcalua.exe -a "C:\Users\Tomáš\Downloads\Scanmaster-ELM-2.1-CZ-Aktualizace\ScanMasterELM_2.1 CZ Aktualizace.exe" -d C:\Users\Tomáš\Downloads\Scanmaster-ELM-2.1-CZ-Aktualizace
Task: {F3D9CC26-4693-4432-962A-4D0A467BFB15} - System32\Tasks\{0F1F0675-9190-4E67-98B7-1E386252A1AE} => pcalua.exe -a C:\HRY\Turbo_Pizza-setup.exe -d C:\HRY
Task: {F6860250-DFAC-4BF7-AFC1-F306511E1F45} - System32\Tasks\{2FD3570E-D8A2-4AB7-B95C-F861F2BF4A3F} => C:\Program Files (x86)\Wandering Willows\Wandering Willows.exe
Task: {FAA8CF43-F3F8-47C0-A90F-C6F304CEA02D} - System32\Tasks\{72209DE5-9F23-4A06-8AD7-00577633B89E} => pcalua.exe -a F:\software\oem\oemsetup.exe -d F:\software\oem

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-05-02 20:21 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-12-02 14:01 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2013-12-02 14:01 - 2012-09-18 16:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-03-11 22:31 - 2016-03-11 22:31 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-07-24 08:45 - 2015-07-24 08:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-24 08:45 - 2015-07-24 08:45 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-05 18:34 - 2016-06-05 18:34 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060500\algo.dll
2016-06-05 21:59 - 2016-06-05 21:59 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060501\algo.dll
2016-06-06 16:13 - 2016-06-06 16:13 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060600\algo.dll
2015-07-24 08:45 - 2015-07-24 08:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-03-23 14:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2046303120-218891254-975205269-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\flower_quest_wallpaper.bmp
DNS Servers: 10.10.5.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: My Farm Life 2 => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\My Farm Life 2.vbs"
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{48CE5104-8D46-4043-B83B-6C69D26F9219}C:\hry\stronghold crusader\stronghold crusader.exe] => (Allow) C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{C4AE4D18-D6C6-4916-BA58-11586107C226}C:\hry\stronghold crusader\stronghold crusader.exe] => (Allow) C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{2D1361C8-FADB-41B7-A848-D9CF6F42F8B0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{7785E003-F5D0-4CAC-A632-E5A0AF653575}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{A587F5E1-F306-4132-91BA-7079FB3C72B8}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{2DCEC242-470E-4C7B-85F4-DDC8DA60E531}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{2468C4C0-33B9-451B-8619-69891DB09C22}C:\program files\age of empires ii\empires2.exe] => (Block) C:\program files\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{84489028-AA41-4814-984F-69B2FA491E5B}C:\program files\age of empires ii\empires2.exe] => (Block) C:\program files\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{57F0591C-F039-4453-AF76-E908376F2042}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe
FirewallRules: [UDP Query User{B767A6C8-9494-4086-A832-113021CB7608}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe
FirewallRules: [{D3CF67DE-D0FA-4398-B71A-B262C51EF5B9}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{E36E888C-23FF-4F78-96D0-6F4A52DEDAA4}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [TCP Query User{C3A1C92C-44E9-44B9-9310-93DBAF1D7952}C:\program files\age of empires ii\age2_x1.exe] => (Block) C:\program files\age of empires ii\age2_x1.exe
FirewallRules: [UDP Query User{9577BF02-B2D9-4A09-9E1D-62D35A65E644}C:\program files\age of empires ii\age2_x1.exe] => (Block) C:\program files\age of empires ii\age2_x1.exe
FirewallRules: [TCP Query User{20261E48-A0A6-477F-8BB8-053F04D42E8C}C:\program files\age of empires ii\age2_x1.exe] => (Block) C:\program files\age of empires ii\age2_x1.exe
FirewallRules: [UDP Query User{2CC5FB5E-0E7C-4070-9EE0-A2758A24E58B}C:\program files\age of empires ii\age2_x1.exe] => (Block) C:\program files\age of empires ii\age2_x1.exe
FirewallRules: [TCP Query User{A5DD0965-D9B3-4764-B724-6B390931737E}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe
FirewallRules: [UDP Query User{204FDE30-49F6-4415-930F-7443E46F3797}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe
FirewallRules: [TCP Query User{65E383DC-0B1A-4FF9-B88B-0CB5E216E4DD}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{90AA8870-09DF-456B-BDD2-D66B9C56191E}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{50C96464-DF11-4BBF-8834-E1D6F4C8C82A}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{B0839EED-3323-4F6E-9D36-B84CA6AAFDDB}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{3294A5DA-EF72-4B25-916F-8165B96BDD39}C:\program files\age of empires ii\empires2.exe] => (Block) C:\program files\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{5BD8A907-13D4-4914-9248-DB1AF7BB5292}C:\program files\age of empires ii\empires2.exe] => (Block) C:\program files\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{9293E2F1-7C0D-497E-A987-5AB9FB5B0035}C:\hry\stronghold crusader\stronghold crusader.exe] => (Block) C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{FFC69584-BC40-424D-A3B4-23332ADA55D1}C:\hry\stronghold crusader\stronghold crusader.exe] => (Block) C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [{1C5E2398-5046-42EA-8259-038DBCC2CDF1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9523BBB7-38FA-4F8F-BC3B-5D6E8109DCFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{13E030A9-C045-4C6D-B19A-3EAA21C3D5DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BD4B9C80-4163-4C15-BB20-FFBAE29AAF45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DBBD5BAD-1062-402B-A70B-C663D9BE1608}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{2BA4CEDC-604C-475A-ACC7-2F93D30C73EB}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BD2F087D-F158-4726-9DAE-CEA6D8C7C811}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{178B8DCC-36A5-4687-A8ED-CEB0A0B95E25}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{316DBABE-CA69-4548-A8B7-054897E12EB0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8916B0A9-57B6-4D18-A51A-62012D612D8A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{ED5201D4-A443-4DC8-979D-14EC5D824E87}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{08221536-1D95-4030-B21F-0C8C122C8741}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{E3EFB832-E0F7-43BF-9166-61954BE0DC47}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{674DD0E6-F986-4752-95EE-A6A1AE87FCEF}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DD3FC40A-FDDF-4520-8014-665EC71A4365}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7DA2E3C9-2E19-4F0E-AEA8-F9BA5DED5089}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4003890B-F37D-4891-BED2-4937C5642E52}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B9531044-E747-4DB2-895B-1988E239ABA2}] => (Allow) C:\Users\Tomáš\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{49FC1675-A8FC-4F44-9E8F-2692471079B5}C:\hry\diablo ii\game.exe] => (Block) C:\hry\diablo ii\game.exe
FirewallRules: [UDP Query User{6BD7463B-3F51-4740-9913-C9E24818ADC8}C:\hry\diablo ii\game.exe] => (Block) C:\hry\diablo ii\game.exe
FirewallRules: [TCP Query User{72E0113F-1923-422E-8FD1-B196433EC755}C:\hry\diablo ii\game.exe] => (Block) C:\hry\diablo ii\game.exe
FirewallRules: [UDP Query User{8E9BBB27-384E-40F6-8BE1-C43B985C9C39}C:\hry\diablo ii\game.exe] => (Block) C:\hry\diablo ii\game.exe

==================== Restore Points =========================

25-04-2016 03:02:02 Windows Update
02-05-2016 17:13:47 Naplánovaný kontrolní bod
10-05-2016 21:37:54 Naplánovaný kontrolní bod
12-05-2016 13:07:02 Windows Update
22-05-2016 18:53:12 avast! antivirus system restore point
27-05-2016 00:19:33 Windows Update
31-05-2016 04:21:35 Windows Update
06-06-2016 04:35:02 Windows Update
06-06-2016 17:44:20 Instalace balíčku ovladače zařízení: Ross-Tech Řadiče USB (Universal Serial Bus)

==================== Faulty Device Manager Devices =============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/06/2016 07:42:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IHR3040n.exe, verze: 1.0.0.1, časové razítko: 0x3e978d52
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0x98
Čas spuštění chybující aplikace: 0xIHR3040n.exe0
Cesta k chybující aplikaci: IHR3040n.exe1
Cesta k chybujícímu modulu: IHR3040n.exe2
ID zprávy: IHR3040n.exe3

Error: (06/06/2016 07:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IHR3040n.exe, verze: 1.0.0.1, časové razítko: 0x3e978d52
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0x1130
Čas spuštění chybující aplikace: 0xIHR3040n.exe0
Cesta k chybující aplikaci: IHR3040n.exe1
Cesta k chybujícímu modulu: IHR3040n.exe2
ID zprávy: IHR3040n.exe3

Error: (06/06/2016 07:16:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VagCom.exe, verze: 409.1.0.0, časové razítko: 0x4193fb13
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0x17a8
Čas spuštění chybující aplikace: 0xVagCom.exe0
Cesta k chybující aplikaci: VagCom.exe1
Cesta k chybujícímu modulu: VagCom.exe2
ID zprávy: VagCom.exe3

Error: (06/06/2016 07:14:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VagCom.exe, verze: 409.1.0.0, časové razítko: 0x4193fb13
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0xc04
Čas spuštění chybující aplikace: 0xVagCom.exe0
Cesta k chybující aplikaci: VagCom.exe1
Cesta k chybujícímu modulu: VagCom.exe2
ID zprávy: VagCom.exe3

Error: (06/06/2016 06:33:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VagCom.exe, verze: 409.1.0.0, časové razítko: 0x4193fb13
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0x13fc
Čas spuštění chybující aplikace: 0xVagCom.exe0
Cesta k chybující aplikaci: VagCom.exe1
Cesta k chybujícímu modulu: VagCom.exe2
ID zprávy: VagCom.exe3

Error: (06/06/2016 06:33:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VagCom.exe, verze: 409.1.0.0, časové razítko: 0x4193fb13
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c79d
Kód výjimky: 0xc0000005
Posun chyby: 0x00037fb6
ID chybujícího procesu: 0x13ec
Čas spuštění chybující aplikace: 0xVagCom.exe0
Cesta k chybující aplikaci: VagCom.exe1
Cesta k chybujícímu modulu: VagCom.exe2
ID zprávy: VagCom.exe3

Error: (06/06/2016 06:32:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VagCom.exe, verze: 409.1.0.0, časové razítko: 0x4193fb13
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19135, časové razítko: 0x56a1c6fa
Kód výjimky: 0xc0000005
Posun chyby: 0x0002e0f5
ID chybujícího procesu: 0x14a0
Čas spuštění chybující aplikace: 0xVagCom.exe0
Cesta k chybující aplikaci: VagCom.exe1
Cesta k chybujícímu modulu: VagCom.exe2
ID zprávy: VagCom.exe3

Error: (06/06/2016 04:44:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Název chybujícího modulu: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Kód výjimky: 0xc0000005
Posun chyby: 0x00006dce
ID chybujícího procesu: 0x1314
Čas spuštění chybující aplikace: 0xScanMasterELM_2.1 CZ Aktualizace.exe0
Cesta k chybující aplikaci: ScanMasterELM_2.1 CZ Aktualizace.exe1
Cesta k chybujícímu modulu: ScanMasterELM_2.1 CZ Aktualizace.exe2
ID zprávy: ScanMasterELM_2.1 CZ Aktualizace.exe3

Error: (06/06/2016 05:21:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Název chybujícího modulu: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Kód výjimky: 0xc0000005
Posun chyby: 0x00006dce
ID chybujícího procesu: 0x13b8
Čas spuštění chybující aplikace: 0xScanMasterELM_2.1 CZ Aktualizace.exe0
Cesta k chybující aplikaci: ScanMasterELM_2.1 CZ Aktualizace.exe1
Cesta k chybujícímu modulu: ScanMasterELM_2.1 CZ Aktualizace.exe2
ID zprávy: ScanMasterELM_2.1 CZ Aktualizace.exe3

Error: (06/06/2016 05:20:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Název chybujícího modulu: ScanMasterELM_2.1 CZ Aktualizace.exe, verze: 0.0.0.0, časové razítko: 0x50fd67e4
Kód výjimky: 0xc0000005
Posun chyby: 0x00006dce
ID chybujícího procesu: 0x139c
Čas spuštění chybující aplikace: 0xScanMasterELM_2.1 CZ Aktualizace.exe0
Cesta k chybující aplikaci: ScanMasterELM_2.1 CZ Aktualizace.exe1
Cesta k chybujícímu modulu: ScanMasterELM_2.1 CZ Aktualizace.exe2
ID zprávy: ScanMasterELM_2.1 CZ Aktualizace.exe3


System errors:
=============
Error: (06/06/2016 08:23:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR5.

Error: (06/06/2016 04:11:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Netman bylo dosaženo časového limitu (30000 ms).

Error: (06/05/2016 09:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby: 
%%1275

Error: (06/05/2016 09:55:49 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (06/05/2016 09:55:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:45:52, ‎5.‎6.‎2016) bylo neočekávané.

Error: (06/05/2016 06:30:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby: 
%%1275

Error: (06/05/2016 06:30:29 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (06/02/2016 10:52:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/02/2016 07:42:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby: 
%%1275

Error: (06/02/2016 07:42:11 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.


CodeIntegrity:
===================================
  Date: 2015-03-23 13:44:41.904
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-23 13:44:39.189
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 09:06:45.371
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 09:06:45.151
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 09:04:03.632
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 09:04:03.362
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 07:49:10.628
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-08 07:49:10.408
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-07 21:44:52.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-07 21:44:51.850
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD C-60 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 3818.9 MB
Available physical RAM: 1857.88 MB
Total Virtual: 9544.11 MB
Available Virtual: 7372.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:43 GB) NTFS
Drive i: () (Removable) (Total:14.42 GB) (Free:11.19 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000E4534)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 Could not read MBR for disk 2.

==================== End of Addition.txt ============================