﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by JCMEDIA at 2014-11-24 20:01:08
Running from C:\Users\JCMEDIA\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1475959662-3361656365-1343682757-1000\...\uTorrent) (Version: 3.4.2.31536 - BitTorrent Inc.)
Aktualizácie NVIDIA 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESET Smart Security (HKLM\...\{84CDA377-508A-41CC-B428-B4D02A060282}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision radič ovládača 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafický ovládač 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Ovládací panel NVIDIA 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
XnView 2.25 (HKLM-x32\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-11-2014 08:04:59 Windows Update
24-11-2014 14:13:01 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
24-11-2014 14:14:12 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
24-11-2014 17:28:19 Installed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-24 17:17 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {757378DF-8CEA-4F7A-A497-564AA3BEC1C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {99E023E6-C47F-4625-B7D8-21B502C90687} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe
Task: {B67749E1-E9D6-4511-AB29-155E07863F01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {D7CBCFFD-89B4-4511-BE4C-7A00C8912C18} - System32\Tasks\{7C33429E-6ABE-4515-A121-16A7338918BF} => Chrome.exe http://ui.skype.com/ui/0/6.18.60.106/sk/abandoninstall?page=tsPlugin
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 08:45 - 2013-03-15 05:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-30 08:34 - 2012-07-18 10:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-21 18:09 - 2014-11-14 22:15 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-21 18:09 - 2014-11-14 22:15 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-21 18:09 - 2014-11-14 22:15 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-21 18:09 - 2014-11-14 22:15 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1475959662-3361656365-1343682757-500 - Administrator - Disabled)
Guest (S-1-5-21-1475959662-3361656365-1343682757-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1475959662-3361656365-1343682757-1003 - Limited - Enabled)
JCMEDIA (S-1-5-21-1475959662-3361656365-1343682757-1000 - Administrator - Enabled) => C:\Users\JCMEDIA
UpdatusUser (S-1-5-21-1475959662-3361656365-1343682757-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2014 05:38:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/24/2014 05:38:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/24/2014 05:35:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2014 03:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: ShadowOfMordor.exe, verzia: 1.0.1636.20, časová značka: 0x541a5ec4
Názov chybového modulu: nvwgf2umx.dll, verzia: 9.18.13.1422, časová značka: 0x51427a68
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000086cbdf
Identifikácia chybného procesu: 0xa40
Čas spustenia chybnej aplikácie: 0xShadowOfMordor.exe0
Cesta chybnej aplikácie: ShadowOfMordor.exe1
Cesta chybného modulu: ShadowOfMordor.exe2
Identifikácia hlásenia: ShadowOfMordor.exe3

Error: (11/24/2014 03:22:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/24/2014 03:22:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/24/2014 03:18:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2014 03:11:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Frozen Throne.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c10

Start Time: 01d007f080d2e034

Termination Time: 0

Application Path: C:\Users\JCMEDIA\Desktop\Warcraft-3-+-Frozen-Throne-CZ-Full-Patched-1.26\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III\Frozen Throne.exe

Report Id: cae8f959-73e3-11e4-8a15-94de806e1fa5

Error: (11/24/2014 11:02:01 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/24/2014 11:02:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (11/24/2014 05:33:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby LiveUpdate zlyhalo kvôli nasledujúcej chybe: 
%%2

Error: (11/24/2014 11:03:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update sa pri spustení zablokovala.

Error: (11/23/2014 05:55:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 7 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/22/2014 06:02:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (11/22/2014 01:33:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (11/20/2014 02:03:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (11/15/2014 02:43:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {EA022610-0748-4C24-B229-6C507EBDFDBB}

Error: (11/14/2014 09:51:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (11/13/2014 11:25:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:24:08 on ‎13. ‎11. ‎2014 was unexpected.

Error: (11/07/2014 07:36:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}


Microsoft Office Sessions:
=========================
Error: (11/24/2014 05:38:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (11/24/2014 05:38:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (11/24/2014 05:35:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2014 03:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShadowOfMordor.exe1.0.1636.20541a5ec4nvwgf2umx.dll9.18.13.142251427a68c0000005000000000086cbdfa4001d007f2698b6610C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exeC:\Windows\system32\nvwgf2umx.dllca6814f4-73e5-11e4-baf3-94de806e1fa5

Error: (11/24/2014 03:22:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (11/24/2014 03:22:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (11/24/2014 03:18:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2014 03:11:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Frozen Throne.exe1.5.0.0c1001d007f080d2e0340C:\Users\JCMEDIA\Desktop\Warcraft-3-+-Frozen-Throne-CZ-Full-Patched-1.26\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III\Frozen Throne.execae8f959-73e3-11e4-8a15-94de806e1fa5

Error: (11/24/2014 11:02:01 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (11/24/2014 11:02:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 8137.73 MB
Available physical RAM: 5841.69 MB
Total Pagefile: 16273.65 MB
Available Pagefile: 13790.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:796.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7397D944)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9FF633C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

==================== End Of Log ============================