Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by Uživatel at 2015-07-25 18:58:09
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1584435170-2496586376-775780304-500 - Administrator - Disabled)
Guest (S-1-5-21-1584435170-2496586376-775780304-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1584435170-2496586376-775780304-1002 - Limited - Enabled)
Uživatel (S-1-5-21-1584435170-2496586376-775780304-1000 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Ashampoo WinOptimizer FREE v.1.0.0 (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Brothers In Arms (HKLM-x32\...\BrothersInArms) (Version: - Ubisoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\Dropbox) (Version: 3.0.2 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GamingWonderland Firefox Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Firefox) (Version: - Mindspark Interactive Network) <==== ATTENTION
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version: 10.0 - Mindspark Interactive Network) <==== ATTENTION
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
IObit Toolbar v8.3 (HKLM-x32\...\{C2B52CD6-1031-4C90-BFDE-8F1C241D4292}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM-x32\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
SweetIM Bundle by SweetPacks (HKLM-x32\...\SweetIM Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
SweetPacks Toolbar For Firefox 1.11.0.2 (x32 Version: - ) Hidden <==== ATTENTION
SweetPacks Updater (HKLM-x32\...\WNLT) (Version: 5.1.3.1 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1584435170-2496586376-775780304-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
12-05-2015 13:19:15 Windows Update
13-05-2015 17:11:20 Windows Update
19-05-2015 18:50:38 Windows Update
20-05-2015 15:58:17 Windows Update
27-05-2015 18:40:04 Windows Update
02-06-2015 07:16:22 Windows Update
06-06-2015 18:34:13 Windows Update
06-06-2015 20:34:34 Windows Update
14-06-2015 10:57:04 Windows Update
14-06-2015 18:47:02 Windows Update
13-07-2015 07:23:01 Windows Update
23-07-2015 09:32:16 Windows Update
25-07-2015 13:41:07 Windows Update
25-07-2015 15:38:11 avast! antivirus system restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BF3406D-E1C8-48C0-B75E-9D464063E223} - System32\Tasks\{0B2F37B5-351E-49F1-A8F3-53AD47D5AF35} => pcalua.exe -a C:\Users\Uživatel\Downloads\GoogleEarthWin(2).exe -d C:\Users\Uživatel\Downloads
Task: {0F4FBBC7-1C16-4A37-B362-6071DCEF89F3} - System32\Tasks\{A20DD183-1284-47F9-9916-E7B58388A603} => E:\GTA San Andreas\GTA San Andreas\gta_sa.exe
Task: {110C7D88-23F0-4D47-BB6E-F8950F0DB4AF} - System32\Tasks\{A29352F7-EA43-4765-A01C-96310D4D4B09} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Gearbox Software\BrothersInArms\System\Setup.exe" -c uninstall "BrothersInArms"
Task: {178584F7-1AF9-4727-9611-E854C470995C} - System32\Tasks\{29A277D4-9216-456C-8130-A186BEFF73F7} => pcalua.exe -a "D:\call of duty 2\DirectX\dxsetup.exe" -d "D:\call of duty 2\DirectX"
Task: {1C01E9BE-F5ED-499A-98EE-F3E6BB3E22DB} - System32\Tasks\{8CF58C9B-C0B2-4F57-9647-835B01F91FCC} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB2467173.exe" -d C:\Windows\system32 -c /quiet /norestart
Task: {20449A2D-BD39-43CD-B698-123DB1A25729} - System32\Tasks\{310391A6-CE75-4110-A77C-45A430B9B8D1} => C:\Program Files (x86)\City Interactive\Kobra 11 - Highway Nights\HighwayNights.exe [2010-04-26] (Synetic)
Task: {2954744D-F70D-46A8-BE0E-D7F7AB211D7F} - System32\Tasks\{C86D9F66-E0E0-41AB-8B19-80C025AC5860} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {51B10015-3DE0-40AA-8487-062C32E64980} - System32\Tasks\MetaCrawler => C:\Users\UIVATE~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {53371BF1-030E-44C9-A282-007F53EB1755} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{B9631E0A-31A0-4C4D-8208-FEEBBCDFEA15}.exe
Task: {5DCB5FBE-91AC-4B2C-838F-17D44C1D0E98} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1584435170-2496586376-775780304-1000
Task: {8B0D38C1-543C-41D7-B0C3-B3D3D8DEC4EF} - System32\Tasks\{12D77630-B818-4C3C-B787-F077E8057627} => C:\Games\World_of_Tanks\WOTLauncher.exe
Task: {9311DE78-3473-45CE-BD2F-831C047FBAA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {960E8939-856B-48FC-869B-388C21F539C4} - System32\Tasks\{BC8E3C46-A236-4E50-A74E-AF9C482F38D2} => pcalua.exe -a C:\Users\Uživatel\Desktop\uninstall.exe -d C:\Users\Uživatel\Desktop
Task: {A74A75E9-0805-44FA-A27F-96302A9EF563} - System32\Tasks\avastBCLRestartS-1-5-21-1584435170-2496586376-775780304-1000 => Firefox.exe
Task: {BAC3A9C7-CF7C-4B84-A547-90239106481E} - System32\Tasks\{A35827D1-5D5A-4FAB-A5B2-C78B5BB848B6} => C:\Games\World_of_Tanks\WOTLauncher.exe
Task: {BB95EB46-259F-49E2-99D2-5C07F1E9E627} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-23] (Adobe Systems Incorporated)
Task: {C5499EEF-FC03-4675-A959-72E0A8A2C8BD} - System32\Tasks\{4C4F6258-8819-48D3-9AAC-A6DA17AC1142} => Chrome.exe
http://ui.skype.com/ui/0/6.14.59.104/cs ... rogressBar
Task: {D177B6AF-B816-4880-9717-1F56D8DC1B46} - System32\Tasks\{293BDE83-CB00-4479-A88A-0F54E49BF061} => C:\Games\World_of_Tanks\WOTLauncher.exe
Task: {D20FDDD4-E4AE-47EB-A6F6-35B69DD92E02} - System32\Tasks\{E5B67BAB-18A2-41AC-8CF2-FF4C2719EC89} => pcalua.exe -a C:\Users\Uživatel\AppData\Local\Temp\Temp2_gtasa.zip\gtasa120cz.exe
Task: {D6AB3ED5-79ED-451D-B62A-0A8B73D2197F} - System32\Tasks\{FC6E6A76-7645-4FE2-88AA-52A5DF0518F3} => pcalua.exe -a C:\Users\Uživatel\Desktop\google-earth_7.0.2.8415.exe -d C:\Users\Uživatel\Desktop
Task: {D98CE12A-EAF7-4B4A-8344-8FBCFDA29024} - System32\Tasks\{43EE3E9D-7ED0-4E5C-995A-52F688048E92} => Firefox.exe
http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsBing
Task: {DEF0FBE0-D57B-4E0B-A6C4-E636E6FB7A1A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1584435170-2496586376-775780304-1000Core => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-19] (Facebook Inc.)
Task: {EEDC9008-B506-4C08-8FEB-6D29493213ED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-25] (AVAST Software)
Task: {F09284BB-DA34-42CA-9440-4968F79D9477} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1584435170-2496586376-775780304-1000UA => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-19] (Facebook Inc.)
Task: {F4510939-C4C5-4057-9E21-59A6F44606F2} - System32\Tasks\{9FBFDE00-7C46-43BE-962C-FAB28F41C8C5} => pcalua.exe -a C:\Users\Uživatel\Desktop\gtasa120cz.exe -d C:\Users\Uživatel\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{B9631E0A-31A0-4C4D-8208-FEEBBCDFEA15}.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1584435170-2496586376-775780304-1000Core.job => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1584435170-2496586376-775780304-1000UA.job => C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\MetaCrawler.job => 0x0106010090A7AA0560250E468FCA9FE92FF217574600FE000000000044440000200000000014730F030007800013040000208021DF0707000600190012003100120070000000410043003A005C00550073006500720073005C005500490056004100540045007E0031005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C004D00450054004100430052007E0031005C005500500044004100540045007E0031005C005500500044004100540045007E0031002E00450058004500000007002F0043006800650063006B0000000000090055007E01690076006100740065006C0000000000000008000000000000000000010030000000D207030007000000000000000C002100A00500003C0000000000000001000000010000000000000000000000
==================== Loaded Modules (Whitelisted) ==============
2015-06-01 19:28 - 2015-06-01 19:28 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-07-25 15:40 - 2015-07-25 15:40 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-25 15:40 - 2015-07-25 15:40 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-25 13:42 - 2015-07-25 13:42 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072500\algo.dll
2015-07-25 15:41 - 2015-07-25 15:41 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1584435170-2496586376-775780304-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1584435170-2496586376-775780304-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Brothers In Arms.LNK => C:\Windows\pss\Registration Brothers In Arms.LNK.Startup
MSCONFIG\startupreg: 20131121 => C:\Program Files\AVAST Software\Avast\setup\emupdate\ac6b6f99-175e-423f-82aa-f44293e6a0cd.exe /check
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: Facebook Update => "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GamingWonderland Home Page Guard 64 bit => "C:\PROGRA~2\GAMING~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Printsrv => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: T-Mobile CManager => "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
MSCONFIG\startupreg: uTorrent => "C:\Users\Uživatel\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F5886764-ADA5-42C6-B10C-9D3760E44545}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{A16CD5E1-41A3-44ED-8352-78303CCA3762}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{C4AE858F-B10F-4EB0-80B5-482356CBAF73}] => (Allow) LPort=8395
FirewallRules: [{5AD662D4-D7AE-4D27-84EC-828EF95F7CB9}] => (Allow) LPort=8395
FirewallRules: [{83A8515B-D93B-4B00-9C80-B381BE222BF7}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{9426C69B-AE85-4416-9A30-8747C81483CF}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [TCP Query User{672E4B99-7257-411E-A178-450B0C529E69}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F80F806C-80B4-4B10-B190-70C1FDA04ECF}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F8755A80-8411-41E3-BB79-A5BCB007D4F8}] => (Allow) C:\Users\Uživatel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{D0AE7370-009D-4E00-AFDF-9BB5300114BE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65975570-D68B-4E37-83F0-BBB3BBBB144B}] => (Allow) LPort=2869
FirewallRules: [{83764DC6-1CB0-48AE-A4D9-C5775C652D70}] => (Allow) LPort=1900
FirewallRules: [{73BF253B-E449-42A9-B8CD-EA1C54232F24}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{32E44D59-09A5-403C-AEC7-2D07BE17A0DA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{984997B4-6D38-4BA9-8094-D66C7CC420D7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB57C56D-6875-4D78-A5F6-4175835E332F}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{70F79EFE-B7A9-452A-A18E-42B3D5279C2E}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{07EB0CC2-24A4-4680-A738-6838CF99F8A2}] => (Allow) C:\Users\Uživatel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{889992AD-651F-4496-8B25-7DDD8C84C0FB}] => (Allow) C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2C22C7B6-2CDA-4EB9-ABAD-565B75CD1CFE}] => (Allow) C:\Users\Uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{94A003CB-5D7B-4CFA-80AA-49CA376B108B}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe
FirewallRules: [UDP Query User{9AB66D4B-160A-45F6-992D-54DEE7BEC72D}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe
FirewallRules: [TCP Query User{98495497-BFBD-49EB-8AD0-2FB34E0F4595}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe
FirewallRules: [UDP Query User{F6DC3729-40AC-4FD9-99C1-657D61075B5A}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_35702.exe
FirewallRules: [TCP Query User{2FADC666-3801-41F2-A4A8-2F0DA077C213}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe
FirewallRules: [UDP Query User{3A38F3BD-FA73-486C-AE2A-734A5502CC8C}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe
FirewallRules: [TCP Query User{615EDA55-5468-4FFA-B255-5D1FE0C51897}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe
FirewallRules: [UDP Query User{F9284662-C9BC-4B10-B370-14E6F53B4DA3}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.2_37754.exe
FirewallRules: [{637A5FE9-3BAB-4ACF-9F22-9E692DBB6EC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46BAEB6D-B285-4162-B185-0153F5C125F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{90E9CF1F-F88E-4BAE-94B8-41945F4E7169}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E3FD4102-DEC2-4EC0-86C7-80F0CBE3030E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/25/2015 03:49:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program CCleaner64.exe verze 5.7.0.5261 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: e30
Čas spuštění: 01d0c6e06451fc5b
Čas ukončení: 234
Cesta k aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
ID hlášení: e32f56de-32d3-11e5-bc96-80c16edf4170
Error: (07/25/2015 02:23:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 68c
Čas spuštění: 01d0c6d483bd2f9a
Čas ukončení: 92
Cesta k aplikaci: C:\Windows\Explorer.EXE
ID hlášení: ea1f2221-32c7-11e5-aeea-80c16edf4170
Error: (07/25/2015 01:57:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error: (07/25/2015 01:56:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error: (07/25/2015 01:38:46 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/25/2015 01:38:46 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/25/2015 01:38:46 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/25/2015 01:38:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Error: (07/25/2015 01:38:44 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/25/2015 01:38:44 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)
System errors:
=============
Error: (07/25/2015 03:54:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:52:56, 25.7.2015) bylo neočekávané.
Error: (07/25/2015 03:06:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:04:20, 25.7.2015) bylo neočekávané.
Error: (07/25/2015 02:59:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:58:12, 25.7.2015) bylo neočekávané.
Error: (07/25/2015 02:38:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:36:35, 25.7.2015) bylo neočekávané.
Error: (07/25/2015 02:21:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:19:06, 25.7.2015) bylo neočekávané.
Error: (07/25/2015 01:57:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter byla ukončena s následující chybou:
%%-2147467259
Error: (07/25/2015 01:56:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter byla ukončena s následující chybou:
%%-2147467259
Error: (07/25/2015 01:51:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BEBA2AA5-B5A7-4DD3-9AD6-43B24CDD3B7D}
Error: (07/25/2015 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (07/25/2015 01:38:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Microsoft Office:
=========================
CodeIntegrity Error:
===================================
Date: 2013-04-04 16:12:39.059
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UIVATE~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-04-04 16:12:39.028
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UIVATE~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-04-04 16:12:38.747
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-04-04 16:12:38.732
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz
Percentage of memory in use: 63%
Total physical RAM: 1952.83 MB
Available physical RAM: 705.36 MB
Total Virtual: 3905.66 MB
Available Virtual: 2278.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:386.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A648E7F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================
