﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Admin at 2015-04-19 22:26:02
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2560372422-2021965399-549226919-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2560372422-2021965399-549226919-500 - Administrator - Disabled)
Baruška (S-1-5-21-2560372422-2021965399-549226919-1007 - Limited - Enabled)
Guest (S-1-5-21-2560372422-2021965399-549226919-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
1400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.2.0.1030 - 360 Security Center)
3DMark (HKLM-x32\...\{66847f67-7331-422f-bc6c-d961c453d7df}) (Version: 1.5.884.0 - Futuremark)
3DMark (Version: 1.5.884.0 - Futuremark) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Compatibility Toolkit (Version: 8.100.26641 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assessments on Client (x32 Version: 8.100.26866 - Microsoft) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
COMODO Firewall (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version:  - )
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Dying Light ver. 1.4.0.0 (HKLM-x32\...\{90098008-07WS-70NM-44T5-66JH8S9876UY}_is1) (Version: 1.4.0.0 - Warner Bros. Interactive Entertainment)
Fallout 3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.7.0.3 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 1.6.2.10 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 3.13.6.260 - KC Softwares)
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor 2 - SDK (HKLM-x32\...\Steam App 232150) (Version:  - )
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{3965C9F9-9B9A-4391-AC4B-8388210D3AA0}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{D958C1AC-7891-42B6-AFBE-FA9070FACE13}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PWGen 2.5.4 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version:  - Christian Thoeing)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7050 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version:  - )
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SQL Server 2012 Common Files (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Stalker Call Of Pripyat 1.6.02 (HKLM-x32\...\Stalker Call Of Pripyat 1.6.02) (Version: 1.6.02 - Monster_CZ)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 0.8.7 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.7 - Telegram Messenger LLP)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version:  - Microsoft)
User State Migration Tool (x32 Version: 8.100.25984 - Microsoft) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Volume Activation Management Tool (x32 Version: 8.100.26629 - Microsoft) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Watch_Dogs (HKLM-x32\...\{9L5FE86L-0D8I-4HJ7-HKY5-DRTKE3G6QG2X}_is1) (Version: 1.05.324 - Ubisoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

11-04-2015 01:25:09 3DMark
11-04-2015 01:26:48 Nainstalováno rozhraní DirectX
11-04-2015 18:39:28 Nainstalováno rozhraní DirectX
11-04-2015 18:42:01 Instalováno Fallout 3
11-04-2015 18:47:07 IObit Uninstaller restore point
15-04-2015 15:05:57 IObit Uninstaller restore point
17-04-2015 00:06:22 Installed GTA San Andreas
18-04-2015 13:23:57 Installed Grand Theft Auto V
18-04-2015 23:44:47 Driver Booster : AMD High Definition Audio Device
18-04-2015 23:48:24 Installed HP Support Solutions Framework
20-04-2015 19:12:21 Nainstalováno rozhraní DirectX
21-04-2015 22:07:17 Installed LogMeIn Hamachi
23-04-2015 19:03:31 IObit Uninstaller restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03671ABE-B5F5-434A-B3E7-124C830DDF3D} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {0F3CE2C7-EC8A-42A5-BCB1-9A6E3153E8CF} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-04-18] (IObit)
Task: {2A6E2398-E6A4-45FB-9827-8873B35EB423} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-03-28] (Microsoft Corporation)
Task: {3C06250B-4C24-4275-A3FA-7A575DAB8379} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {49369EB7-54ED-47FE-AF57-9A18B2744EC5} - System32\Tasks\adobe flash player updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-18] (Adobe Systems Incorporated)
Task: {57575DEF-5D33-4CCF-9375-FDDBF3820504} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {579782AA-1E45-471B-A9AF-0E6B4B60EC1A} - System32\Tasks\{75DF3B3D-7AF8-4DEE-BF0F-656A1D4C53F2} => pcalua.exe -a C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c  /uninstall
Task: {8054B265-5B22-41C6-83F4-2E0F1E69D023} - System32\Tasks\Driver Booster SkipUAC (Admin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-18] (IObit)
Task: {91E282E9-65EA-445E-A25D-43776F1AE7AF} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-20] (COMODO)
Task: {92045A77-1CDF-4723-A71D-C584F466C374} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-04-20] (COMODO)
Task: {98BDA5CF-4F19-4E0A-9EAF-59F1136180AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {B8767E18-18B2-4CE7-A598-113BD4675B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {B9351431-02F4-4B8B-BDA2-A907CA63BF44} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-18] (IObit)
Task: {D175A617-7E0C-4B31-9F3B-FBFD0DCF79C7} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-23] (IObit)
Task: {DA6EA65A-9292-4700-87D2-5C7AAAC70751} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-04-02] (Microsoft Corporation)
Task: {DAF70C82-7129-4B5D-B5BE-19451C8AFA69} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-20] (COMODO)
Task: {EC377211-1EBB-47FD-AC9A-7570CA601729} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-02] (Microsoft Corporation)
Task: {EE94C5F5-90E9-4B7B-96B7-1DB7AA3AEBA8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-16] (Microsoft Corporation)
Task: {F1266AB4-BA42-4E81-A579-8A5AC42FCED4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-23 23:57 - 2015-04-21 00:22 - 00819824 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2014-07-04 22:33 - 2014-07-04 22:33 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-03-23 23:57 - 2015-04-21 00:22 - 01222768 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-03-23 23:57 - 2015-04-10 09:16 - 00548464 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2015-03-23 20:06 - 2015-03-31 16:45 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-23 20:06 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-23 20:06 - 2015-04-20 19:23 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-23 20:06 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-23 20:06 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-23 20:06 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-23 20:06 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-23 20:06 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-23 20:06 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-23 20:06 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-23 20:06 - 2015-04-20 19:23 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-04-19 22:25 - 2015-04-19 22:25 - 00155232 ___HT () C:\Users\Admin\AppData\Local\Temp\~C7B4.tmp
2015-03-23 20:06 - 2015-03-31 16:45 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-23 20:06 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-03-23 23:57 - 2015-04-21 00:22 - 03674736 _____ () C:\Program Files (x86)\360\Total Security\QHSafeMain.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appdrvrem01.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dpapisrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpotscl1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpovst01.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpowiav1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HPZLLLHN.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\microsoft-windows-system-events.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PhotoMetadataHandler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rascfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SRH.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\storewuauth.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wevtsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Input.Inking.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintConfig.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rascfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRH.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksl.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\AtihdWB6.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthhfenum.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clfs.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4Prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4usb.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndproxy.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt630x64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SWDUMon.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\udfs.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vwififlt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vwifimp.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wanarp.sys:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\adwcleaner_4.202.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\adwcleaner_4.202.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\gtavreviewheader.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\Hlas00003.3gp:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\video_2015-04-14_22-05-47.mov:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\10958700_769017893174703_200329094_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\10962006_771676516242174_309528695_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\10962055_1705094809716871_851055478_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\10968185_1705093516383667_2077305528_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\10979464_771670466242779_1996548684_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11002723_771666086243217_2043816741_o.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11006037_771664336243392_53824045_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11040335_784713314938494_923767445_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11041506_793197587440177_1686713377_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11106434_806343692792233_595465251_n.jpg.png:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\11169133_919413401413060_1626888571_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\1175489_610002932356319_166082306_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\12.Československo za stalinismu (1948-1953)1.doc.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\12.Československo za stalinismu (1948-1953)1.doc.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\1232224774GV_savedata_db_m65.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\1232224774GV_savedata_db_m65.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\13.Evropa a USA v 50. a 60. letech.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\13.Evropa a USA v 50. a 60. letech.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\15.První krize sovětského bloku.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\15.První krize sovětského bloku.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\16.Československo v letech 1953-1968.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\16.Československo v letech 1953-1968.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\17.Československá reforma a její potlačení.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\17.Československá reforma a její potlačení.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\198504_208169089210869_356584_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\226523_220302707997507_1267072_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\3DMGAME-Grand.Theft.Auto.V.Update.1.and.Crack.v1-3DM.7z:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\3DMGAME-Grand.Theft.Auto.V.Update.1.and.Crack.v1-3DM.7z:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\4.5.2015.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\4.5.2015.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\adksetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\adksetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\autopsy-3.1.2-64bit.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\autopsy-3.1.2-64bit.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.ico:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\AutoRun.inf:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\avidemux_2.6.8_win64_v2.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\avidemux_2.6.8_win64_v2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\BootkitRemoval_x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\BootkitRemoval_x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\ccsetup504.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\ccsetup504.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\cfw_installer_6106_53.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\cfw_installer_6106_53.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Crysis.3.Update.v1.1.INTERNAL-RELOADED.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Crysis.3.Update.v1.1.INTERNAL-RELOADED.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\dban-2.2.8_i586.iso:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\dban-2.2.8_i586.iso:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\derren brown - magie a manipulace mysli.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\derren.brown.mind.control.(2000).ell.1cd.(148402).zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\derren.brown.mind.control.(2000).ell.1cd.(148402).zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Detection.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Detection.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\DLOspoluprac555.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\driver_booster_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\drw_free.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\drw_free.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Dualismus.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Dualismus.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\dumo(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\dumo(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\dumo.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\dumo.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Dying.Light.Update1.5.1-FTS.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\EFLC Cesitna-CSP-Gta-cz.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\EFLC Cesitna-CSP-Gta-cz.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Entity-CZ-Titulky-Horor-_-Drama,-Velká-Británie,-2012.avi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Entity-CZ-Titulky-Horor-_-Drama,-Velká-Británie,-2012.avi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\G1976.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\G1976.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\gbooks.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\gbooks.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Google Books Downloader Lite.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Google Books Downloader Lite.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA 4 cestina 2.0-gta-cz.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA 4 cestina 2.0-gta-cz.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda(1).rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda(1).rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-IV-patch-+-crack-1.0.7.0-by-KillerDanda.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-San-Andreas-CRACK-100%.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTA-San-Andreas-CRACK-100%.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\gta4eflc update 1120.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\GTAIVsaveWIN7_by zao.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\GTAIVsaveWIN7_by zao.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\hamachi.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\hamachi.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\harddriverecoveryutility-windows.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\harddriverecoveryutility-windows.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Hirens.BootCD.15.2(1).zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Hirens.BootCD.15.2(1).zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\HPSupportSolutionsFramework-11.51.0049(1).msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\HPSupportSolutionsFramework-11.51.0049(1).msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\HPSupportSolutionsFramework-11.51.0049.msi:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\HPSupportSolutionsFramework-11.51.0049.msi:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\IDEOLOGIE.docx:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\IDEOLOGIE.docx:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\iobituninstaller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\iobituninstaller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KB3AIK_EN.iso:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KB3AIK_EN.iso:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.28-Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.28-Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.29-Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\KeePass-2.29-Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\ks45y67e.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\ks45y67e.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Led.GV.part14.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Led.GV.part14.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\MegaDownloader_v1.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\MegaDownloader_v1.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\mhdd32ver4.5iso.zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\mhdd32ver4.5iso.zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\MobaLiveCD_v2.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\MobaLiveCD_v2.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\P1190002.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\P1190014.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\rcsetup152.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\rcsetup152.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\remo-repair-mov.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\remo-repair-mov.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\rootkitremover(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\rootkitremover(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\rootkitremover.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\rootkitremover.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\sar_15_sfx(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\sar_15_sfx(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\sar_15_sfx.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\sar_15_sfx.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Stereometrie+-+polohové+vlastnosti.docx:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Stereometrie-krychle-šablona.doc:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Stereometrie-krychle-šablona.doc:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\sumo.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\sumo.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Tajemná komnata.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\tdsskiller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\tdsskiller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\THDotS Model+Sound Pack.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\THDotS Model+Sound Pack.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\THDotS_991p_Eng_v4.w3x:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\THDotS_991p_Eng_v4.w3x:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\The Vampire Diaries_6x19_HDTV.23 April.en.zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\videorepair.zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\videorepair.zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\War3.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\Warcraft3TheFrozenThronev1.07NoCDFixedexeEng.rar:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\Warcraft3TheFrozenThronev1.07NoCDFixedexeEng.rar:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\[CzT]Grand_Theft_Auto_San_Andreas_1_08_2013_Android_.torrent:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\[Guru3D]-3DMark-v1-5-884.zip:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\[Guru3D]-3DMark-v1-5-884.zip:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Downloads\česko ve stalinismu.odt:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Downloads\česko ve stalinismu.odt:$CmdZnID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [RemoteDesktop-Shadow-In-TCP] => (Allow) %SystemRoot%\system32\RdpSa.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{35FFFD2C-CD56-4A2F-A310-4BC89F151438}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA126AC4-318F-41F1-B9B5-4752CCF911B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5D09E645-414F-4AD5-85A2-6D8F0B5D5175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{72DF78AC-E0C4-4548-9B2C-C9A809B359A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4B9F961C-C405-4E44-AEA1-DFD040588F34}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2550B052-FD6D-4338-8847-CE1B8B70B389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9CB64BDC-CFDB-4AD9-A52F-4BBC5EC84327}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{A6A3DDB3-2296-4F80-AAA6-44C47F1E66EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{5295B8CC-015C-4484-AC21-B5D991A24F75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{E9D076B1-A8EE-46E1-B6FD-900525612B01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [TCP Query User{5539A1A8-2B60-4F32-A105-9A8B791DFF0F}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{C73CD06D-C9E4-4837-B4E3-39B4C97C570E}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{FF1877B4-DCD7-484D-94D9-8325888154D0}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{949F9FE6-FAF2-4049-8E20-716B65638D40}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{9EA3290B-37F2-4F75-B376-AFC3A64706C0}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{E15D3541-9FA1-4472-BE26-2F9E15E0AFDE}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{E27FBE78-7F9E-4D3C-90DA-A0348DF2D1BB}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{26587939-3FCE-47A0-BDD3-99D76175F89C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1B139F7-239A-43D0-8914-6143B878E618}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CDCC00E8-3D0A-4BF2-9A55-228509C2FA8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{48ED71C4-ED31-4F13-BD28-B709E48CB09B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9B503DE9-D7F0-4919-AA89-88F80223A760}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D419BE38-A5FB-489E-88A1-2831E79FE1B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\outlook.exe
FirewallRules: [{F66DE5FC-611A-4871-B65E-EF076E6B0C4D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{0423F4D3-5D8A-49B9-8E9D-A6B365DD1B43}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{DD7A396A-15A3-49FC-AC08-C1D9AF864FF5}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{A6B7FA28-228E-46E8-B661-B0336E691295}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{5BF19C77-14B2-4119-8872-B3B4AABAA3E6}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{D27CFBA9-08E1-4AA0-801D-3C66B78CD26F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3E42F069-2058-45CC-A671-FC1203F6C81F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{AE1FB6B6-D86F-4582-A59E-86F546988819}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{6AEA92E6-3CCC-45FD-B5BA-E210982E7B2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{A49C97BD-FDA6-4CB5-BDF7-9313836C7190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7DAFF4FE-FC96-4F35-8584-20ABA15012CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{101325C6-25B6-4ACE-976E-7A3495830054}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{B1D4B7A8-E7DF-4989-81CB-011C69AA4196}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B67477F7-434B-4678-BDE6-F9CB188B94A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F5C91A4B-3B4E-4213-97E2-14C75C1FD0C1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A50366FA-8D16-4361-8BCA-450B88C2EBF0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{E7A322B1-FA1D-4BBB-B77F-DA25EF407F43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2919B67B-6429-462C-973C-EFDDC8E13261}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{80E64FA1-32AF-49C4-8FF2-813EF89D274C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{38A25821-D07E-4BD4-A502-1B8A8B10B1D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{922E858E-3D74-40CB-9857-33BBB806E4DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{22AFC9BB-A94C-4024-BD81-ED6DCC6D40B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{C9987E19-5B01-497F-8447-BAC732182B18}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{5AA0EE6B-CA5F-4DA2-87CF-8680372AF761}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{8AF5C2DB-6EDD-4A7F-B912-9E56A18FC4A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{2F336433-F382-4DA8-8E5B-04CEE10B9457}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{996EA76C-8B8E-4755-8672-9971FF762CCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{95556CCE-1AE7-4371-A766-3C04D7504342}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{A5E8CE23-E892-46EC-ADF2-760F527A2794}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{853A0840-1A7C-4308-9507-8542E66E90D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8CE30B28-39CD-47AD-9D6C-0CE4A5557D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFEditor.exe
FirewallRules: [{B960092A-4CE3-481F-957C-1F16BBD7FA59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFEditor.exe
FirewallRules: [{B424B44B-45A7-4404-9509-579517ED71D8}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{40EA3EC6-0648-4EF1-82D5-F73DB9EA62B4}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2015 10:14:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17120) (User: )
Description: SQL Server could not spawn FRunCommunicationsManager thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17826) (User: )
Description: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17182) (User: )
Description: TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17182) (User: )
Description: TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1.  OS error: 21(Zařízení není připraveno.).

Error: (04/19/2015 09:06:51 PM) (Source: MSSQL$ADK) (EventID: 17190) (User: )
Description: Initializing the FallBack certificate failed with error code: 1, state: 20, error number: 0.

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí CisWmi se pokusil zaregistrovat dotaz SELECT * FROM CisFileRatingChange, jehož cílová třída CisFileRatingChange v oboru názvů //./root/cis neexistuje. Dotaz bude ignorován.

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí CisWmi se pokusil zaregistrovat dotaz SELECT * FROM CisStatusChange, jehož cílová třída CisStatusChange v oboru názvů //./root/cis neexistuje. Dotaz bude ignorován.

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí CisWmi se pokusil zaregistrovat dotaz SELECT * FROM CisNotification, jehož cílová třída CisNotification v oboru názvů //./root/cis neexistuje. Dotaz bude ignorován.


System errors:
=============
Error: (04/19/2015 09:06:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba SQL Server (ADK) skončila s následující chybou specifickou pro službu: 
%%2148081668

Error: (04/19/2015 09:06:44 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Volání LoadUserProfile skončilo neúspěšné s touto chybou: 
%%2

Error: (04/19/2015 09:03:03 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě: 
%%1056

Error: (04/19/2015 09:02:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Support Solutions Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/19/2015 09:02:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/19/2015 09:02:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/19/2015 09:02:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server VSS Writer byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/19/2015 09:02:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Secunia Update Agent byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/19/2015 09:02:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/19/2015 09:02:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (04/19/2015 10:14:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17120) (User: )
Description: FRunCommunicationsManager

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17826) (User: )
Description: 

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17182) (User: )
Description: 800920041Initialization failed with an infrastructure error. Check for previous errors.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17182) (User: )
Description: 8009200480Unable to initialize SSL support.

Error: (04/19/2015 09:06:52 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failede:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBData.mdf121(Zařízení není připraveno.)

Error: (04/19/2015 09:06:51 PM) (Source: MSSQL$ADK) (EventID: 17190) (User: )
Description: 1200

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis

Error: (04/19/2015 09:06:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis


CodeIntegrity Errors:
===================================
  Date: 2015-04-19 21:16:05.045
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-19 16:16:41.640
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-19 14:42:25.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-24 13:23:53.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 22:22:36.135
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 19:37:31.507
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 18:50:17.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 18:37:38.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-21 17:07:55.703
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-20 23:42:45.945
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 32%
Total physical RAM: 8093.5 MB
Available physical RAM: 5453.58 MB
Total Pagefile: 16285.5 MB
Available Pagefile: 11912.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:225.29 GB) NTFS
Drive d: (Untitled) (Fixed) (Total:931.51 GB) (Free:337.14 GB) NTFS
Drive h: (My Passport) (Fixed) (Total:465.73 GB) (Free:191.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3B86E78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 000521AB)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================