﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by Roman (2015-08-17 22:28:03)
Running from C:\Users\Roman\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-884764461-3326907717-3377673253-500 - Administrator - Disabled)
Guest (S-1-5-21-884764461-3326907717-3377673253-501 - Limited - Disabled)
Roman (S-1-5-21-884764461-3326907717-3377673253-1002 - Administrator - Enabled) => C:\Users\Roman
Romanko (S-1-5-21-884764461-3326907717-3377673253-1005 - Administrator - Enabled) => C:\Users\Romanko
wormi_000 (S-1-5-21-884764461-3326907717-3377673253-1004 - Administrator - Enabled) => C:\Users\wormi_000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version:  - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 - Game Of The Year Edition (HKLM-x32\...\Borderlands 2 - Game Of The Year Edition_is1) (Version: Borderlands 2 - Game Of The Year Edition - )
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
ExpressCache (HKLM\...\{6E55C9F8-138E-4128-8A9F-6464725BE98A}) (Version: 1.0.102.0 - Condusiv Technologies)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Pascal 2.6.4 (HKLM-x32\...\FreePascal_is1) (Version:  - Free Pascal Team)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10220 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.19.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5219.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5219.52 - CyberLink Corp.) Hidden
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
LiteMessenger (HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\693d1eeb92eaf5cb) (Version: 1.0.1.46 - Lubos)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Mi PC Suite (HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafický ovládač 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.761) (Version: 27.0.1689.76 - Opera Software ASA)
Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software)
osu! (HKLM-x32\...\{d365525e-68ee-43ae-abb0-65fab416f27d}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
ReMouse Standard (HKLM-x32\...\ReMouse Standard_is1) (Version: Standard V3.5.3 - AutomaticSolution Software)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine 3.2.7 (HKLM\...\SteelSeries Engine 3) (Version: 3.2.7 - SteelSeries ApS)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884764461-3326907717-3377673253-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-08-2015 12:21:19 Windows Update
06-08-2015 12:40:28 Windows Update
09-08-2015 16:32:07 Windows Update
12-08-2015 22:04:59 Windows Update
15-08-2015 22:10:38 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CF56F99-B68A-4F22-A6F8-C6DE33FFC759} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {13139985-EEBD-44E1-B04A-1873AEAB883F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {13230D31-9285-4098-BEF4-A7431F9BCFC0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {1799AC6A-8BE2-4EB6-BA69-402964214553} - System32\Tasks\HWID => C:\Program Files\HWMonitor_x64.exe [2014-05-05] (CPUID)
Task: {1C850A4B-D938-4607-82BC-F34181BC46B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.)
Task: {28A1E99E-48EC-48E1-BB6B-554DC5CC1012} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-884764461-3326907717-3377673253-1002
Task: {443CE00F-C4A9-4AEF-8889-59BA7C2B4F67} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {55945B33-EA89-4648-AF0A-5E2F13729826} - System32\Tasks\{5C69BA86-606B-417F-8FCE-B7DB8B147223} => pcalua.exe -a F:\SETUP.EXE -d F:\ -c -autorun
Task: {5F792F0F-DEB9-4C52-8B2E-560239F0C532} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {71FAE3B3-C363-4694-95F6-660669B58B79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.)
Task: {8C6B3C33-D5AF-47EE-ABC2-5D1F4BE71681} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {9CA62E9F-F494-49FA-87D4-2A4F4B46ED42} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {A78B6D1E-9C2D-48BD-B925-750D36E0302B} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
Task: {A960985B-0AF5-48E6-83A7-7C58145380B0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {AF50EFD3-D62B-45DE-B73E-4EB3BDB875C0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C2C576BF-015D-43FE-940D-3478F18622B7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {D9730714-0275-4210-81AF-1BC9D673C545} - System32\Tasks\Opera scheduled Autoupdate 1410468338 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software)
Task: {FAE9DBFF-09F5-4D81-BEF4-16780996B340} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-15] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-884764461-3326907717-3377673253-1002Core1d0c24c68f82b7a.job => C:\Users\Roman\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-09-01 16:06 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-16 21:50 - 2014-01-28 12:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2014-12-16 21:50 - 2014-10-09 16:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-07-11 22:51 - 2003-04-18 20:06 - 00008192 _____ () C:\WINDOWS\SysWOW64\srvany.exe
2014-07-11 22:51 - 2010-04-10 10:03 - 00077824 _____ () C:\WINDOWS\KMService.exe
2013-09-29 13:34 - 2013-09-29 13:34 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-09-29 13:34 - 2013-09-29 13:34 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-29 13:22 - 2013-04-09 08:39 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-08-07 12:16 - 2015-08-07 12:16 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 12:16 - 2015-08-07 12:16 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-17 20:52 - 2015-08-17 20:52 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081702\algo.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-30 19:55 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-18 14:38 - 2015-04-18 14:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-06 19:08 - 2015-08-06 19:08 - 58599032 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\opera.dll
2015-08-06 19:08 - 2015-08-06 19:08 - 01781368 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libglesv2.dll
2015-08-06 19:08 - 2015-08-06 19:08 - 00081528 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libegl.dll
2014-09-01 15:35 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 04:30 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-09-01 15:35 - 2015-08-12 20:26 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 04:30 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 04:30 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-01 15:35 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-01 15:35 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-01 15:35 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-01 15:35 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-01 15:35 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-09-01 15:35 - 2015-08-12 20:26 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 09:36 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-09-01 15:35 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Roman\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\line6.net -> line6.net


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-884764461-3326907717-3377673253-1002\Control Panel\Desktop\\Wallpaper -> C:\Roman\plochapoz\1392191.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-884764461-3326907717-3377673253-1002\...\StartupApproved\Run: => "MiPhoneManager"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E8EC1AC4-9AB5-4359-B7DE-882E5493862F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E96E3C0-7384-426C-9EA9-9095895656A3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E20078F-66B7-4433-8408-AFC75C536B87}] => (Allow) C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{167F9ADE-1714-498A-A89C-C2AA13220CC5}] => (Allow) C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{6CDB918C-9ABA-46C4-A445-C3924BA972DF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{844CD7F5-6A80-48F8-BAA8-25C5C4BC93FF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{D270FBD9-53B3-4E29-BD9B-682013CC2125}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2B9B1CEE-66D8-494F-9B79-3389E91C9046}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{07596489-CB20-490D-8373-BC8CAE4C28D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{968B55F1-3C66-4860-B678-3D0B72D14144}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0530B3CC-DE17-49B1-9EEE-4886C69B9D6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{44B1F247-AB52-4043-B2B7-55A5E4DEAC14}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{800FF19C-B316-4FBA-9FD8-D9B1C95E4A61}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{16892F33-E7DA-4E4B-B410-5641BAB4BD2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E58ED78B-BE10-4E74-9918-4359638F5AD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{0D455FC0-6217-4310-8627-02464B03D5B7}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{A4673A3F-D4A7-4D39-8692-F2C5C8A9DE13}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{EFC2FDB8-6F5B-4982-B09F-BF43D04D12FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6923A0D0-7D95-49D9-86B9-8C3BFA6D8DE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{069F17F0-EE4F-4E31-A11F-83DAF45E8BA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BFDB6CC1-3EAC-48B1-A9F0-FBD12BB0935C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7AF43F88-1101-4472-9EAB-33E4DA0B8709}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2F9B70EC-24C0-46E3-862C-736C141FE285}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9858585A-FF08-4A4A-A403-5FC34D1F4038}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{13F11A6F-C38D-4D06-B8BC-113D1BFAF7D3}] => (Allow) C:\Program Files (x86)\2K Games\Borderlands 2 - Game Of The Year Edition\Binaries\Win32\borderlands2.exe
FirewallRules: [{57F3CCB6-1FA6-47E2-A169-C95F878D2AF2}] => (Allow) C:\Program Files (x86)\2K Games\Borderlands 2 - Game Of The Year Edition\Binaries\Win32\borderlands2.exe
FirewallRules: [{7C3F0BAB-47A0-4FFA-8A5D-256A57CB22A6}] => (Allow) C:\Program Files (x86)\2K Games\Borderlands 2 - Game Of The Year Edition\Binaries\Win32\borderlands2.exe
FirewallRules: [{03B11750-B947-4B9C-B83F-EDE4D3EB18FD}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{E6E9C5E5-0E6C-4E13-8C41-E48F7252FBA3}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [TCP Query User{CFEC05BD-66B3-4D78-AD52-0F38A417B3AA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{02933B25-27F9-4870-803F-2DBE5A9FFABA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{11909AFA-694D-405A-BDB9-93089EFC099E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12B267A3-56D9-494F-A2FE-6B87BF770B6E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{E89B5928-1A14-4DAC-90FE-B2BE7EAC5555}C:\users\roman\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\roman\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BEFD54E1-F31D-4C97-8D2C-4300071D5B1A}C:\users\roman\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\roman\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E3FE682A-9F8E-4B9D-A55F-16582189AB58}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{893A2E50-77F7-4768-A280-30293AB2B124}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{777ECB95-9833-453D-9D42-BD5AA6093673}] => (Block) C:\Program Files\Rockstar Games\Social Club\subprocess.exe
FirewallRules: [TCP Query User{96216096-8D51-4DD8-A3AC-70C835A14245}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C3C1E827-F9E3-43E1-A894-2C209389D9F4}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{7E4F09B5-B338-4C12-A4D8-F10991ED3F2C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9CA7B1D3-27A9-49E3-ACC6-1E36998513EE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{0DB9C20B-77D2-4A68-AA0A-B4ED2EE7B455}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D9CCA826-EB53-4754-B653-3C9D0F758307}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4243E4FC-0AD5-4385-9328-E045B9525D96}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{B2BBA480-3769-4AC4-91EF-AD80AB548B67}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{F297A39A-3C6D-40ED-9AB6-AEF404467F0C}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{4FFFBB6C-B8D5-465E-8721-22F9D631C114}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{9787506E-FB01-4855-B238-59C332521210}] => (Allow) C:\Users\Roman\AppData\Local\MiPhoneManager\main\MiPCSuite.exe
FirewallRules: [TCP Query User{DC3331AA-2779-4E72-A230-44FBEA75ADEE}C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [UDP Query User{2EE0F609-354C-440D-8C49-78BDF466B0AF}C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{AAB2648E-9E2F-4185-BF15-BBAD83C01A60}] => (Block) C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{C7D7A836-FF54-447A-A050-B1EF8FB022ED}] => (Block) C:\users\roman\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{F9FF2652-ED5E-4B0D-944B-B31452077EF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B477E8C-789B-42D2-BFAC-F67CAD881E95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A3C5D09E-C682-4B3E-94B6-1CCDFC24CAA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2B3B91A3-A7C8-4D86-8111-10D65ED1193F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B77CA61F-E75F-4971-9C9F-18B45F00262C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D8847E2-2108-4783-A540-8FAEC609F1B5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{320C5E7E-A17C-4AF5-BBF2-5DF3D23E060B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{6E49454B-736D-4912-8F8C-9274B8A2834B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{640EDEBD-1F20-4DFC-9768-04534504A506}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2491F300-ED5C-41D7-AC47-DC5B43FE62BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{88146C78-C955-4CC2-8D87-D5C23E54A6CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{21D75756-D32C-421F-B533-9BC2B2428779}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2015 10:11:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Office 64-bit Components 2010 – Aktualizáciu Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/17/2015 09:05:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/17/2015 07:46:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ts3client_win64.exe version 3.0.16.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d38

Start Time: 01d0d91489dfb8e6

Termination Time: 4

Application Path: C:\Users\Roman\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe

Report Id: d19c45ba-4507-11e5-becb-28d2442cad63

Faulting package full name: 

Faulting package-relative application ID:

Error: (08/17/2015 07:07:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Office 64-bit Components 2010 – Aktualizáciu Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/17/2015 06:50:58 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Office 64-bit Components 2010 – Aktualizáciu Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/17/2015 06:46:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Office 64-bit Components 2010 – Aktualizáciu Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15453

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15453

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/17/2015 05:18:42 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Office 64-bit Components 2010 – Aktualizáciu Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (08/17/2015 10:11:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070643: Aktualizácia pre produkt Microsoft Office 2010 (KB2553347) 32-bitové vydanie.

Error: (08/17/2015 09:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby VBoxAsw Support Driver zlyhalo kvôli nasledujúcej chybe: 
%%2

Error: (08/17/2015 09:00:57 PM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Lokálny adaptér nepodporuje dôležitý stav radiča pri nedostatku energie. Minimálna požadovaná maska podporovaného stavu je 0x1f7fffff, k dispozícii je 0x1f3fffff. Funkcia kritického nedostatku energie sa vypne.

Error: (08/17/2015 09:00:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/17/2015 09:00:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/17/2015 09:00:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/17/2015 09:00:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (08/17/2015 09:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (08/17/2015 09:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (08/17/2015 09:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Microsoft Office:
=========================
Error: (08/17/2015 10:11:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Office 64-bit Components 2010Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (08/17/2015 09:05:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/17/2015 07:46:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ts3client_win64.exe3.0.16.0d3801d0d91489dfb8e64C:\Users\Roman\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exed19c45ba-4507-11e5-becb-28d2442cad63

Error: (08/17/2015 07:07:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Office 64-bit Components 2010Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (08/17/2015 06:50:58 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Office 64-bit Components 2010Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (08/17/2015 06:46:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Office 64-bit Components 2010Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15453

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15453

Error: (08/17/2015 05:18:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/17/2015 05:18:42 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Office 64-bit Components 2010Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition1603(NULL)(NULL)(NULL)


CodeIntegrity:
===================================
  Date: 2015-08-17 19:46:14.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 19:46:11.705
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 14:50:14.869
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 14:49:10.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 12:17:49.300
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 12:17:07.139
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 11:48:02.708
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 11:47:22.585
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 11:44:10.647
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-17 11:43:19.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 7986.27 MB
Available physical RAM: 4365.35 MB
Total Virtual: 9266.27 MB
Available Virtual: 5011.82 MB

==================== Drives ================================

Drive c: (Windows8) (Fixed) (Total:889.27 GB) (Free:405.26 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 5DE62CF6)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5DE62CF7)

Partition: GPT.

==================== End of log ============================