﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Ondrej at 2015-03-27 16:39:12
Running from G:\!! Viry.cz !!
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1086704486-2771090671-2040193798-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe Reader XI (11.0.10) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{1D1DCF8A-6961-F848-0DA0-5401969C44CE}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{0A550E73-F1EE-491C-B2D4-7AB832851AB2}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.6.0 - Hotger)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
LibreOffice 4.4.0.3 (HKLM-x32\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 sk)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{76308844-456A-4D76-99CA-511F0DED1051}) (Version: 8.10.309 - Nero AG)
NVIDIA 3D Vision radič ovládača 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafický ovládač 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 347.25 (Version: 347.25 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1086704486-2771090671-2040193798-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

25-02-2015 22:20:33 Windows Update
02-03-2015 18:28:44 Operácia obnovovania
27-03-2015 16:09:01 Removed Skype Click to Call

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F4B73A9-A180-45F2-B92A-03272D3452B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {14A037E4-965E-44F4-8CEF-88E1E2CDBD0B} - System32\Tasks\OLHS => C:\Users\Ondrej\AppData\Roaming\OLHS.exe <==== ATTENTION
Task: {5C766115-8711-49D1-96A3-94790FD4B5B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {724ABA04-BAA9-4761-9C05-AF0435B8A3A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C34AE6F9-4E3A-4847-8994-AD53975AAFBD} - System32\Tasks\GoogleUpdateTaskMachineUA1d043bf679302e4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {CBF262AD-9CAE-46A9-B9F9-82FE2F16C9AB} - System32\Tasks\{46EBABDE-8FB2-4672-A127-165AAB1AFFA6} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.64.106&amp;LastError=404
Task: {FA2EBACC-4360-48FF-91FC-6F2EB20AB208} - System32\Tasks\CIUZJIT => C:\Users\Ondrej\AppData\Roaming\CIUZJIT.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIUZJIT.job => C:\Users\Ondrej\AppData\Roaming\CIUZJIT.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043bf679302e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OLHS.job => C:\Users\Ondrej\AppData\Roaming\OLHS.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2015-02-04 06:20 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-02-12 18:44 - 2015-02-12 18:44 - 00410360 _____ () C:\Program Files (x86)\Reverse Page\bin\utilReversePage.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1086704486-2771090671-2040193798-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondrej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: Flvto Youtube Downloader => "D:\YT down\FlvtoYoutubeDownloader.exe" /minimize
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: tsiVideo => C:\Windows\SysWOW64\rundll32.exe C:\Users\Ondrej\AppData\Local\Temp\\mdi264.dll,asdasd

==================== Accounts: =============================

Administrator (S-1-5-21-1086704486-2771090671-2040193798-500 - Administrator - Disabled)
Guest (S-1-5-21-1086704486-2771090671-2040193798-501 - Limited - Disabled)
Ondrej (S-1-5-21-1086704486-2771090671-2040193798-1000 - Administrator - Enabled) => C:\Users\Ondrej

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2015 04:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 04:27:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 04:20:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (03/27/2015 04:20:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (03/27/2015 03:55:24 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Vyskytla sa nešpecifikovaná chyba počas obnovovania systému: (Operácia obnovovania). Ďalšie informácie: 0x80070005.

Error: (03/27/2015 03:55:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 03:51:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2015 06:45:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2015 09:35:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2015 01:54:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/27/2015 04:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/27/2015 04:24:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Util Reverse Page sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Update Reverse Page sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero BackItUp Scheduler 3 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA GeForce Experience Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/27/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 33%
Total physical RAM: 4062.58 MB
Available physical RAM: 2700.29 MB
Total Pagefile: 8123.35 MB
Available Pagefile: 6674.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.5 GB) (Free:14.52 GB) NTFS
Drive d: () (Fixed) (Total:407.17 GB) (Free:333.24 GB) NTFS
Drive f: (ARCANIA - GOTHIC 4) (CDROM) (Total:7.91 GB) (Free:0 GB) UDF
Drive g: (VLADO) (Removable) (Total:14.72 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 759B83BC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=407.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.7 GB) (Disk ID: F1A37298)
Partition 1: (Active) - (Size=14.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================