Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-09-2016 Ran by Zuzka (28-09-2016 15:00:00) Running from C:\Users\Zuzka\Downloads Microsoft Windows 7 Starter Service Pack 1 (X86) (2014-05-18 13:42:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2978567687-4275224139-954450255-500 - Administrator - Disabled) Guest (S-1-5-21-2978567687-4275224139-954450255-501 - Limited - Disabled) Zuzka (S-1-5-21-2978567687-4275224139-954450255-1000 - Administrator - Enabled) => C:\Users\Zuzka ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.) AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.) ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.06.03 - ASUSTeK Computer Inc.) AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.) Broadcom Wireless Network Adapter (HKLM\...\{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}) (Version: 1.00.0000 - AzureWave) CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) CyberLink PowerRecover (HKLM\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave) Eee Docking 3.8.3 (HKLM\...\Eee Docking_is1) (Version: 3.8.3 - ASUSTek Computer Inc.) ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.29.198 - VideACE Co.) ExpressGateCloud (Version: 2.7.29.198 - VideACE Co.) Hidden FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) FontResizer (Version: 1.01.0011 - ASUSTek) Hidden Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.38 - AsusTek Computer Inc.) InstantOn (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.0.0 - ASUS) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2364 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.28 - AsusTek Computer Inc.) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.1.0 - Ralink) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.17 - AsusTek Computer) syncables desktop SE (HKLM\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {39D378D1-783E-4CC8-AD1E-4B44A5351AC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {78EED6D5-DE3D-41D9-B1CC-EF6A992001BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {95159D71-1C92-4CD8-9AC7-4941072454F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {B4702D96-E6DA-4461-BB13-7C80502DA14D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {DC608725-F72A-4DBD-B354-A6E8B1CB28FB} - System32\Tasks\InsOnWMI => C:\Program Files\Common Files\InstantOn\InsOnWMI.exe [2011-04-12] (ASUS) Task: {F6C83B03-B2BB-433F-A28D-36BF5D265B81} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2011-04-30 03:19 - 2011-03-04 01:33 - 00224680 _____ () C:\windows\system32\AsusService.exe 2011-01-13 01:22 - 2011-01-13 01:22 - 00091464 _____ () C:\ExpressGateUtil\VAWinService.exe 2010-12-25 03:51 - 2010-12-25 03:51 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll 2011-01-04 02:08 - 2011-01-04 02:08 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL 2010-09-02 13:08 - 2010-09-02 13:08 - 00118784 _____ () C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll 2011-03-24 05:33 - 2011-03-24 05:33 - 00045448 _____ () C:\ExpressGateUtil\VAWinAgent.exe 2011-03-11 03:05 - 2011-03-11 03:05 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll 2016-09-21 21:40 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll 2016-09-21 21:40 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2016-09-27 11:08 - 00000841 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2978567687-4275224139-954450255-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: Eee Docking => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9E347E69-2F34-460F-95E4-EDB5C0F589D5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5BA3DCE5-D09F-4F46-A126-CF70A5710AED}] => (Allow) LPort=2869 FirewallRules: [{721C6277-BA36-4FEE-9DD7-60D859219D17}] => (Allow) LPort=1900 FirewallRules: [{A62C7B2E-9279-4CE7-A531-AAAC8C09FC83}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A94B0FF9-66D6-4D2C-9453-8D75286A024D}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [{15BE2902-AAD5-49DB-9ADB-821A8720D7CF}] => (Allow) LPort=5353 FirewallRules: [{726224FF-487C-461D-ADD0-F5AE0DA8881E}] => (Allow) LPort=8182 FirewallRules: [{46F18146-1552-427F-A840-FBD34D87C64C}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{32AB94C7-9491-49FB-B201-91A76949FA5B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 23-07-2013 20:26:41 Nainstalováno rozhraní DirectX 23-06-2015 21:30:18 Sony PC Companion 20-07-2015 18:51:06 avast! antivirus system restore point 20-07-2015 19:02:17 Windows Update 22-10-2015 19:44:57 avast! antivirus system restore point 21-09-2016 20:01:09 avast! antivirus system restore point 27-09-2016 10:59:47 JRT Pre-Junkware Removal 27-09-2016 11:06:57 zoek.exe restore point ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (09/28/2016 02:17:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: cdrom ==================== Memory info =========================== Processor: Intel(R) Atom(TM) CPU N570 @ 1.66GHz Percentage of memory in use: 86% Total physical RAM: 1014.12 MB Available physical RAM: 140.64 MB Total Virtual: 2582.12 MB Available Virtual: 939.51 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100 GB) (Free:52.55 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:183.07 GB) (Free:182.53 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: AE9B0ED5) Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=15 GB) - (Type=1B) Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=16 MB) - (Type=EF) ==================== End of Addition.txt ============================