﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Michal at 2015-07-14 09:13:06
Running from C:\Users\Michal\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3052728683-791047638-3597169863-500 - Administrator - Disabled)
Guest (S-1-5-21-3052728683-791047638-3597169863-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3052728683-791047638-3597169863-1003 - Limited - Enabled)
Michal (S-1-5-21-3052728683-791047638-3597169863-1001 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.1.651 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.32.5220 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3410BAF4-A49B-4FC3-A99F-D8EB30B06D35}) (Version: 0.9.32.5220 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version:  - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Heroes of Might and Magic III Complete CZ (HKLM-x32\...\Heroes of Might and Magic III Complete CZ) (Version:  - )
Chip (HKLM-x32\...\Steam App 275470) (Version:  - Coatsink)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Maxx Audio Installer (x64) (Version: 1.6.5230.111 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MU Online (HKLM-x32\...\MU Online 1.0.1) (Version: 1.0.1 - FunFirst)
MU Online (x32 Version: 1.0.1 - FunFirst) Hidden
Nosferatu: The Wrath of Malachi (HKLM-x32\...\Steam App 283290) (Version:  - Idol FX)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuestRun (HKLM-x32\...\Steam App 286120) (Version:  - Cuve Games)
RADical ROACH Deluxe Edition (HKLM-x32\...\Steam App 301750) (Version:  - Decaying Logic)
Realms of the Haunting (HKLM-x32\...\Steam App 292390) (Version:  - Gremlin Interactive)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0150 - REALTEK Semiconductor Corp.)
Royal Quest (HKLM-x32\...\Steam App 295550) (Version:  - Katauri)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
The Culling Of The Cows (HKLM-x32\...\Steam App 297020) (Version:  - Decaying Logic)
TheBestMU Game Client (HKLM-x32\...\{FEED2D6B-4C1D-4B57-8E77-27A648E5EEA0}) (Version: 1.0.0 - TheBestMU)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Inc. Battlezone (HKLM-x32\...\Steam App 107900) (Version:  - Online Warmongers Group Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XnView 2.25 (HKLM-x32\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

20-06-2015 12:50:20 Scheduled Checkpoint
27-06-2015 15:11:53 Scheduled Checkpoint
06-07-2015 13:37:28 Scheduled Checkpoint
08-07-2015 17:03:07 Installed MU Online
14-07-2015 01:23:33 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-07-14 01:24 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045EF2E8-81A4-42CF-88F9-2147DAF7F237} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {08F320F2-BD69-4226-A0C8-30DF76553EB8} - \1014avUpdateInfo No Task File <==== ATTENTION
Task: {175E0119-43D8-4537-926E-A0C1078A2889} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {1DA6DAEE-2C62-42FE-AC7B-4D40B4CEAF3F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {270BC9AB-F1DC-404D-B8F6-7FF786BAE1AF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {5044947F-263E-4937-9271-40F63121D50B} - \CodeItFast No Task File <==== ATTENTION
Task: {684B1DD7-F2F6-491E-9BE6-095772D37B95} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {724DF26C-0CD1-4900-A7B4-0E74C29E80C9} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {8DDFE3CA-5FA7-4D21-9DC2-5D7AE1EA0DEF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {A3B81FF1-6475-48E0-A2CE-83085FBAE493} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {CD7CFF60-2F95-4EC4-B3E3-22DF31D7D07A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {DF676195-E9D0-49F9-8741-835B1D51DBFE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-15] (Realtek Semiconductor)
Task: {E9C13E39-30A1-4A89-A77A-FE3B71EC7CD4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {ECA57CA6-2229-4CF1-BF95-2EB419268029} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {ED842B61-B9C3-4BA9-8EF0-5EE68EA08148} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CodeItFast.job => c:\programdata\{f9cb3225-9dcf-be1d-f9cb-b32259dcc896}\689923946697359598b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-12-29 20:01 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Michal\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\XnView\\xnview_wallpaper_20141223.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ba4c12bee3027d94da5c81db2d196bfd"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\StartupFolder: => "Clash of Clans.lnk"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\Run: => "Shifters"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\Run: => "ba4c12bee3027d94da5c81db2d196bfd"
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{03906929-132B-4195-A60A-C210863DAFD6}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7015C47B-7A8A-4662-80A2-B104D5FDF780}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{812EE95E-C3C6-4423-9F29-C13038428825}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{227E4590-9D1B-4F43-8483-7426731B90E1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A5C2CB80-372F-4E40-BA9D-DE1BBB49905E}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{21AD0127-0FBC-4362-8AB9-786294B4817D}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{B5EB7A37-16DF-4A33-86D3-62A54348BE26}] => (Allow) LPort=1542
FirewallRules: [{911139F9-2933-41FC-9490-2BB3303D4FF3}] => (Allow) LPort=1542
FirewallRules: [{4933031F-B8F5-4755-B7AC-415C3756BBB3}] => (Allow) LPort=53
FirewallRules: [{88252E30-3452-4BC6-957E-DA3E98A0ED02}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CE39B562-87BA-4BCD-ACF5-12DB99C575F2}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{D42EE95D-9B43-4271-AA2C-3E064A848C39}D:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FD924729-D3D6-4B33-83C4-76B4DBDFB499}D:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{0402985E-836C-4A54-ACCF-76DAE46F07AA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49B90AF8-712C-49EB-A638-6D759961006D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3475764C-AB5C-45D8-8F5C-C040C22EC038}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A41CEAAF-11C4-4214-8AC9-72AFFBD0529A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{22FA1AF5-8C8F-4087-82DC-A58B4FCC9785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{DCA5F4AA-277E-4B3E-ABF7-510478BAB79B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{ACE36EF8-5380-48EC-BB0A-81D4803CD8CA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{5501C64D-904D-43DD-906D-247A4B6D7D5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [TCP Query User{A5E879A9-A5E1-4AEE-82A0-A73F7B94255F}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\michal\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AFC292B7-9F85-4371-8768-727C53137825}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\michal\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2944C1A0-BFAA-4D6B-BC9E-BEBE9B25BD84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2015 03:56:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 43.0.2357.81, časová značka: 0x555f6160
Názov chybujúceho modulu: chrome.dll, verzia: 43.0.2357.81, časová značka: 0x555f5db3
Kód výnimky: 0xc0000005
Odstup chyby: 0x0001c048
Identifikácia chybujúceho procesu: 0x79c
Čas spustenia chybujúcej aplikácie: 0xchrome.exe0
Cesta chybujúcej aplikácie: chrome.exe1
Cesta chybujúceho modulu: chrome.exe2
Identifikácia hlásenia: chrome.exe3
Celé meno chybujúceho balíka: chrome.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: chrome.exe5

Error: (07/12/2015 06:07:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 06:07:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 05:32:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 05:32:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 05:20:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 05:20:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 12:55:07 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: There was an error communicating to the Orion inference server

Error: (07/12/2015 12:55:07 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (07/11/2015 11:01:54 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Správca okien na pracovnej ploche zistil kritickú chybu (0x8898008d)


System errors:
=============
Error: (07/14/2015 01:51:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe: 
%%2

Error: (07/14/2015 01:49:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Defender Service bola ukončená s nasledujúcou chybou: 
%%2147942402

Error: (07/14/2015 01:49:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Ratty Coat zlyhalo kvôli nasledujúcej chybe: 
%%2

Error: (07/14/2015 01:37:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/14/2015 01:37:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/14/2015 01:37:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/14/2015 01:37:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/14/2015 01:37:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/14/2015 01:22:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueStacks Updater Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2-krát.

Error: (07/14/2015 01:22:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueStacks Log Rotator Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2-krát.


Microsoft Office:
=========================
Error: (07/13/2015 03:56:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe43.0.2357.81555f6160chrome.dll43.0.2357.81555f5db3c00000050001c04879c01d0bd0f1d5c5776C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\chrome.dll6214436b-2902-11e5-8292-3010b386d08d

Error: (07/12/2015 06:07:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: -2143485936

Error: (07/12/2015 06:07:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: -2143485936

Error: (07/12/2015 05:32:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: -2143485936

Error: (07/12/2015 05:32:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: -2143485936

Error: (07/12/2015 05:20:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: -2143485936

Error: (07/12/2015 05:20:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: -2143485936

Error: (07/12/2015 12:55:07 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: MISO)
Description: -2143485936

Error: (07/12/2015 12:55:07 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: -2143485936

Error: (07/11/2015 11:01:54 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d


CodeIntegrity Errors:
===================================
  Date: 2015-04-17 13:27:35.336
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\ehawzhbsz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:35.144
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\ehawzhbsz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:34.945
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\jecjmfil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:34.743
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\jecjmfil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:34.541
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\ttcooxyrq.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:34.343
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\ttcooxyrq.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:34.082
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\askubnh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:33.883
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\askubnh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:33.686
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\jazkss.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-17 13:27:33.485
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Michal\Downloads\Wallhack 2014 Sxe 15.2\X-trap Kill\jazkss.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 42%
Total physical RAM: 3982.53 MB
Available physical RAM: 2285.19 MB
Total Virtual: 5390.53 MB
Available Virtual: 3482.38 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:130.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:186.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 167000E5)

Partition: GPT Partition Type.

==================== End of log ============================