﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015
Ran by Admin at 2015-04-13 19:37:11
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.2.0.1027 - 360 Security Center)
3DMark (HKLM-x32\...\{66847f67-7331-422f-bc6c-d961c453d7df}) (Version: 1.5.884.0 - Futuremark)
3DMark (Version: 1.5.884.0 - Futuremark) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Compatibility Toolkit (Version: 8.100.26641 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assessments on Client (x32 Version: 8.100.26866 - Microsoft) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
COMODO Firewall (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version:  - )
Dying Light ver. 1.4.0.0 (HKLM-x32\...\{90098008-07WS-70NM-44T5-66JH8S9876UY}_is1) (Version: 1.4.0.0 - Warner Bros. Interactive Entertainment)
Fallout 3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.7.0.3 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MegaDownloader 1.1 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.1 - Andres_age)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{CEA86648-87FA-4775-8F3B-A57F720BAE85}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PWGen 2.5.4 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version:  - Christian Thoeing)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7050 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version:  - )
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit)
SQL Server 2012 Common Files (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Stalker Call Of Pripyat 1.6.02 (HKLM-x32\...\Stalker Call Of Pripyat 1.6.02) (Version: 1.6.02 - Monster_CZ)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 0.8.3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.3 - Telegram Messenger LLP)
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
User State Migration Tool (x32 Version: 8.100.25984 - Microsoft) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Volume Activation Management Tool (x32 Version: 8.100.26629 - Microsoft) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Watch_Dogs (HKLM-x32\...\{9L5FE86L-0D8I-4HJ7-HKY5-DRTKE3G6QG2X}_is1) (Version: 1.05.324 - Ubisoft)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-04-2015 02:47:35 Naplánovaný kontrolní bod
04-04-2015 21:36:18 Installed Rockstar Games Social Club
04-04-2015 21:56:17 Installed Grand Theft Auto IV
04-04-2015 22:53:15 Installed Grand Theft Auto IV
04-04-2015 23:50:17 Installed Grand Theft Auto IV
05-04-2015 00:45:12 Removed COMODO Firewall
05-04-2015 02:06:26 Installed Grand Theft Auto: Episodes from Liberty City
05-04-2015 13:58:37 Installing COMODO Firewall
07-04-2015 23:59:32 SlimDrivers Installing Drivers
11-04-2015 01:25:09 3DMark
11-04-2015 01:26:48 Nainstalováno rozhraní DirectX
11-04-2015 18:39:28 Nainstalováno rozhraní DirectX
11-04-2015 18:42:01 Instalováno Fallout 3
11-04-2015 18:47:07 IObit Uninstaller restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03671ABE-B5F5-434A-B3E7-124C830DDF3D} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {2A6E2398-E6A4-45FB-9827-8873B35EB423} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-03-28] (Microsoft Corporation)
Task: {3C06250B-4C24-4275-A3FA-7A575DAB8379} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {3D6CF6D4-6131-467E-B856-6A6F4EC288A7} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-23] (IObit)
Task: {49369EB7-54ED-47FE-AF57-9A18B2744EC5} - System32\Tasks\adobe flash player updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-23] (Adobe Systems Incorporated)
Task: {57575DEF-5D33-4CCF-9375-FDDBF3820504} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {579782AA-1E45-471B-A9AF-0E6B4B60EC1A} - System32\Tasks\{75DF3B3D-7AF8-4DEE-BF0F-656A1D4C53F2} => pcalua.exe -a C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c  /uninstall
Task: {91E282E9-65EA-445E-A25D-43776F1AE7AF} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)
Task: {92045A77-1CDF-4723-A71D-C584F466C374} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO)
Task: {98BDA5CF-4F19-4E0A-9EAF-59F1136180AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {AFEA780F-B929-400D-813B-12890180C711} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-27] (Microsoft Corporation)
Task: {B8767E18-18B2-4CE7-A598-113BD4675B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {DA6EA65A-9292-4700-87D2-5C7AAAC70751} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-04-02] (Microsoft Corporation)
Task: {DAF70C82-7129-4B5D-B5BE-19451C8AFA69} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)
Task: {EC377211-1EBB-47FD-AC9A-7570CA601729} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {F1266AB4-BA42-4E81-A579-8A5AC42FCED4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-23 23:57 - 2015-04-02 15:43 - 00819824 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2014-07-04 22:33 - 2014-07-04 22:33 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-03-23 23:57 - 2015-04-02 15:43 - 01222768 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-03-23 23:57 - 2015-04-02 15:43 - 00548464 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2014-01-21 17:54 - 2015-03-24 22:05 - 01294336 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-04-09 13:45 - 2015-04-09 13:45 - 02324472 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
2015-04-09 13:46 - 2015-04-09 13:46 - 03800568 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
2015-04-09 13:46 - 2015-04-09 13:46 - 01672184 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\RiotLauncher.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 03361272 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcherUx.exe
2015-04-09 13:46 - 2015-04-09 13:46 - 43374072 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\libcef.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 01571832 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\icui18n.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 05088760 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\v8.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 01253880 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\icuuc.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 01760760 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\RiotRadsIO.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 01775096 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\libglesv2.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 00171512 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\libegl.dll
2015-04-09 13:46 - 2015-04-09 13:46 - 01056248 _____ () C:\Hry\League of Legends\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appdrvrem01.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpotscl1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpovst01.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpowiav1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HPZLLLHN.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4Prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4usb.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SWDUMon.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\11002723_771666086243217_2043816741_o.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\1232224774GV_savedata_db_m65.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\1232224774GV_savedata_db_m65.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\adksetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\adksetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\autopsy-3.1.2-64bit.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\autopsy-3.1.2-64bit.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.ico:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.inf:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\avidemux_2.6.8_win64_v2.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\avidemux_2.6.8_win64_v2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\ccsetup504.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\ccsetup504.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\cfw_installer_6106_53.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\cfw_installer_6106_53.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Crysis.3.Update.v1.1.INTERNAL-RELOADED.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Crysis.3.Update.v1.1.INTERNAL-RELOADED.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\dban-2.2.8_i586.iso:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\dban-2.2.8_i586.iso:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\derren brown - magie a manipulace mysli.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\derren.brown.mind.control.(2000).ell.1cd.(148402).zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\derren.brown.mind.control.(2000).ell.1cd.(148402).zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Detection.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Detection.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\EFLC Cesitna-CSP-Gta-cz.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\EFLC Cesitna-CSP-Gta-cz.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\G1976.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\G1976.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\gbooks.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\gbooks.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Google Books Downloader Lite.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Google Books Downloader Lite.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA 4 cestina 2.0-gta-cz.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA 4 cestina 2.0-gta-cz.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda(1).rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda(1).rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\gta4eflc update 1120.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTAIVsaveWIN7_by zao.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTAIVsaveWIN7_by zao.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\harddriverecoveryutility-windows.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\harddriverecoveryutility-windows.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Hirens.BootCD.15.2(1).zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Hirens.BootCD.15.2(1).zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\IDEOLOGIE.docx:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\IDEOLOGIE.docx:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KB3AIK_EN.iso:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KB3AIK_EN.iso:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.28-Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.28-Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.29-Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.29-Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\MegaDownloader_v1.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\MegaDownloader_v1.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\mhdd32ver4.5iso.zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\mhdd32ver4.5iso.zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\MobaLiveCD_v2.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\MobaLiveCD_v2.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\P1190002.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\P1190014.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Tajemná komnata.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\[Guru3D]-3DMark-v1-5-884.zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\[Guru3D]-3DMark-v1-5-884.zip:$CmdZnID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "Steam"

==================== Accounts: =============================

Admin (S-1-5-21-2560372422-2021965399-549226919-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2560372422-2021965399-549226919-500 - Administrator - Disabled)
Baruška (S-1-5-21-2560372422-2021965399-549226919-1007 - Limited - Enabled)
Guest (S-1-5-21-2560372422-2021965399-549226919-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 06:09:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 04:53:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: ZalmanR1)
Description: Systém Windows vás nemůže přihlásit, protože nelze načíst váš profil. Zkontrolujte, zda jste připojeni k síti a zda síť pracuje správně.  

 PODROBNOSTI – Systém nemůže nalézt uvedený soubor.

Error: (04/13/2015 04:53:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: ZalmanR1)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (04/13/2015 04:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 03:57:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 06:22:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 00:39:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (04/13/2015 00:39:15 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$ADK8

Error: (04/13/2015 00:39:14 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (04/13/2015 00:39:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$ADK8


System errors:
=============
Error: (04/13/2015 07:34:45 PM) (Source: DCOM) (EventID: 10010) (User: ZalmanR1)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/13/2015 07:34:45 PM) (Source: DCOM) (EventID: 10010) (User: ZalmanR1)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/13/2015 04:40:58 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/13/2015 07:00:11 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/13/2015 01:33:56 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/12/2015 09:01:25 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/12/2015 00:56:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Microsoft SQL Server 2012 Service Pack 2 (KB2958429).

Error: (04/12/2015 01:07:46 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (04/11/2015 06:52:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (04/11/2015 06:52:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


Microsoft Office Sessions:
=========================
Error: (04/13/2015 06:09:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (04/13/2015 04:53:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: ZalmanR1)
Description: Systém nemůže nalézt uvedený soubor.

Error: (04/13/2015 04:53:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: ZalmanR1)
Description: 

Error: (04/13/2015 04:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (04/13/2015 03:57:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (04/13/2015 06:22:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (04/13/2015 00:39:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (04/13/2015 00:39:15 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$ADK8

Error: (04/13/2015 00:39:14 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (04/13/2015 00:39:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$ADK8


CodeIntegrity Errors:
===================================
  Date: 2015-04-13 15:59:12.477
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-11 23:36:52.965
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-11 11:46:07.998
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-10 18:01:55.790
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-10 18:01:51.792
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-10 17:59:46.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-10 17:59:30.557
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-10 17:59:24.541
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-09 17:11:38.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-08 19:07:46.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 30%
Total physical RAM: 8093.5 MB
Available physical RAM: 5629.18 MB
Total Pagefile: 16285.5 MB
Available Pagefile: 12705.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:308.32 GB) NTFS
Drive d: (Untitled) (Fixed) (Total:931.51 GB) (Free:337.14 GB) NTFS
Drive h: (My Passport) (Fixed) (Total:465.73 GB) (Free:191.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3B86E78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 000521AB)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================