﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-11-2015
Ran by Sumatra (2015-11-19 16:22:14)
Running from C:\Users\Sumatra\Downloads
Windows 8.1 (X64) (2015-01-24 02:34:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3991480556-1381850406-516042308-500 - Administrator - Disabled)
Guest (S-1-5-21-3991480556-1381850406-516042308-501 - Limited - Disabled)
Sumatra (S-1-5-21-3991480556-1381850406-516042308-1001 - Administrator - Enabled) => C:\Users\Sumatra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ACDSee 7.0 PowerPack (HKLM-x32\...\{B0625F16-B742-4F75-9FD8-20B47ACC7DE2}) (Version: 7.0.43 - ACD Systems Ltd.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\ShockwaveFlash) (Version: 9 - Adobe Systems)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Arena 3.5 (HKLM-x32\...\Arena 3.5_is1) (Version:  - )
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.909 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5426 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.2.5426 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3004 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4119 - CyberLink Corp.)
Deep Fritz 12 DL (HKLM-x32\...\Deep Fritz 12 DL) (Version: 12 DL - ChessBase GmbH)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - FreeCodecPack)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{4B4EDB7B-4F54-4B86-8A4A-E1C5803CA374}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.219 - Hewlett-Packard Company)
ICQ6.5 (HKLM-x32\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.5 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301029}) (Version: 7.02.9753 - Nero AG)
NVIDIA Graphics Driver 335.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.58 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.63 - Trusteer)
PDFMate PDF Converter 1.7.1 (HKLM-x32\...\PDFMate PDF Converter_is1) (Version:  - pdfmate.com)
PDFMate PDF Converter Professional 1.7.5 (HKLM-x32\...\PDFMate PDF Converter Professional_is1) (Version:  - pdfmate.com)
Rapport (x32 Version: 3.5.1507.63 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30175 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version:  - Seznam.cz)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Spy Emergency (HKLM\...\Spy Emergency_is1) (Version:  - NETGATE Technologies s.r.o.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

14-10-2015 09:18:50 Windows Update
22-10-2015 20:35:29 Windows Update
15-11-2015 22:00:02 Windows Update
17-11-2015 18:21:04 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
19-11-2015 13:45:07 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {263560A3-CFD4-45CD-B6A6-FFC091C9394F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {26AA4AC6-2CD2-4D5B-9B93-10DF1CD6627F} - System32\Tasks\HPCeeScheduleForSumatra => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {5316F717-8DE0-43E4-B561-56E729C6D043} - System32\Tasks\{2EB688B3-4A74-4583-B5DA-3C46C8CDB120} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/cs/eula?source=lightinstaller
Task: {58781922-F89B-40EF-8658-8B1031A37BC0} - System32\Tasks\{942F357A-F17A-4A50-AF37-0F3108E38379} => pcalua.exe -a "C:\Heroes 5 - datadisk CZ záplata (oprava chyb a vylepšení)\heroes_might_magic_5_3.01_cz.exe" -d "C:\Heroes 5 - datadisk CZ záplata (oprava chyb a vylepšení)"
Task: {5BDB5E3D-9B92-496A-BD93-4121BC9D3570} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {635F813B-E562-4797-87D3-8697E3AF5045} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {6B8FBC57-BEEA-46E6-9947-328250C08504} - System32\Tasks\{32B3F536-BE22-4B16-A5BE-6F830CB87594} => pcalua.exe -a C:\Users\Sumatra\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=cvs
Task: {8810A39D-FA47-487D-A851-C5ACB87120F2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {8960FBE9-7075-47CA-8DC8-E6FA8BC75EDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9EDEE4F3-82C6-407E-893C-9C2F308F881A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B9638105-6C89-481A-A758-84DB0CBA2093} - System32\Tasks\avastBCLRestartS-1-5-21-3991480556-1381850406-516042308-1001 => Firefox.exe 
Task: {BEF62D34-F932-4D91-8768-D0973FF68BC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E2600596-46B4-468B-ABDF-D2392F45DD27} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E8121E1F-6172-4A67-946E-86C3251B59C5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-24] (Avast Software s.r.o.)
Task: {F092FBDA-3E24-470E-ABA2-B3FA7CE99C88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {FA11A392-D853-4AFF-BEA8-D3C4D102B648} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-11-15] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForSumatra.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-27 01:26 - 2014-05-18 21:01 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-28 14:31 - 2014-03-28 14:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-12-27 01:46 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-05-30 17:20 - 2007-11-02 14:20 - 00243712 _____ () C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2015-05-30 17:20 - 2007-11-02 14:20 - 01403904 _____ () C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2015-05-30 17:20 - 2007-09-04 13:25 - 00198144 _____ () C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2014-03-28 14:36 - 2014-03-28 14:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-06-24 15:02 - 2015-06-24 15:02 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-24 15:02 - 2015-06-24 15:02 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-19 13:48 - 2015-11-19 13:48 - 02991104 _____ () C:\Program Files\AVAST Software\Avast\defs\15111900\algo.dll
2014-12-27 01:41 - 2014-03-31 10:56 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-03-19 21:04 - 2015-03-19 21:04 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3991480556-1381850406-516042308-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3991480556-1381850406-516042308-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3991480556-1381850406-516042308-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9D5B29FE-DC67-403A-8865-2D6A26E1F2A9}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{69897BED-3A16-4FED-98F1-9FB029BEC291}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{6EF4DC14-67A1-41A2-874F-0A458B2E4AE6}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{C54FB771-3E4A-470B-8BBA-DC22E7B0CEE7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{5961BB1D-B51E-4AAC-A4F8-38EE72E72436}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A2FD5FAF-F344-43E7-AA35-AF93B62F2195}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5FC67060-800B-4578-8594-1C849A16061B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{A1BF49B7-A661-4B91-9799-2CADE93FF659}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1892E240-5127-4744-8D32-69615050E909}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB08D840-27EA-45BC-89AA-602942E12551}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{934FF9D0-0B26-41A5-AAC1-78C15198883B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{39126F08-4BC6-42B6-8513-2C911CEB927A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{758D747A-BE74-4694-89E6-85D230C9D71D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{04E4960E-2D53-4359-9D10-4A909D8AEBFA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2F48B0F5-E79F-4D74-86D1-D20853FC1E4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86181086-FBE1-4EF4-A409-B9389AAD6484}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D327F744-AD59-4EE5-B463-D9134ED15D14}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1A4D6AC8-F6D4-4E69-9438-53E3C3141FFB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E8950F67-9031-4E42-AB7A-B356F7371CCA}C:\users\sumatra\downloads\programy\strong\strongdc.exe] => (Block) C:\users\sumatra\downloads\programy\strong\strongdc.exe
FirewallRules: [UDP Query User{E0B50757-03AE-4698-8B98-DC843F7829D7}C:\users\sumatra\downloads\programy\strong\strongdc.exe] => (Block) C:\users\sumatra\downloads\programy\strong\strongdc.exe
FirewallRules: [TCP Query User{77366F12-9865-4892-9EBB-2CEC06AD08C5}C:\strong\strongdc.exe] => (Block) C:\strong\strongdc.exe
FirewallRules: [UDP Query User{80AE8B19-C0F7-41D1-BF04-0002592C8886}C:\strong\strongdc.exe] => (Block) C:\strong\strongdc.exe
FirewallRules: [TCP Query User{D623610B-ED5E-450A-9291-6CB446F899BA}C:\users\sumatra\downloads\marias_talon_cz.exe] => (Block) C:\users\sumatra\downloads\marias_talon_cz.exe
FirewallRules: [UDP Query User{FC0379B7-24FF-42B9-B2AD-8F9365714ECE}C:\users\sumatra\downloads\marias_talon_cz.exe] => (Block) C:\users\sumatra\downloads\marias_talon_cz.exe
FirewallRules: [TCP Query User{DBBE0C7A-4168-4578-8DB5-E9E4D37C9313}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1011E189-818B-4385-B706-AFCF82A0E5A6}C:\users\sumatra\appdata\local\temp\nsw33c.tmp\setupmarias_talon_cz.exe] => (Allow) C:\users\sumatra\appdata\local\temp\nsw33c.tmp\setupmarias_talon_cz.exe
FirewallRules: [UDP Query User{5D3EDF66-7336-4D87-B7B9-0095B0259ECC}C:\users\sumatra\appdata\local\temp\nsw33c.tmp\setupmarias_talon_cz.exe] => (Allow) C:\users\sumatra\appdata\local\temp\nsw33c.tmp\setupmarias_talon_cz.exe
FirewallRules: [TCP Query User{A7A087F1-015B-4C3E-9476-12A737807CF2}C:\users\sumatra\appdata\local\temp\nsla7cd.tmp\setupmarias_talon_cz.exe] => (Allow) C:\users\sumatra\appdata\local\temp\nsla7cd.tmp\setupmarias_talon_cz.exe
FirewallRules: [UDP Query User{C9AF4D4A-6D43-4B8B-BF52-8249F6EA5A6B}C:\users\sumatra\appdata\local\temp\nsla7cd.tmp\setupmarias_talon_cz.exe] => (Allow) C:\users\sumatra\appdata\local\temp\nsla7cd.tmp\setupmarias_talon_cz.exe
FirewallRules: [TCP Query User{8A4DA2FA-5134-4DFB-BEDD-30E2E68426B1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{82547BFE-26BA-487B-9C2F-37DFB02DF936}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{12AA5554-1147-41B2-9C07-2701713F8ABD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{962F99EB-52F3-4FE5-964A-C837BD0A97EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{40AB0BBC-9D6A-4F6A-960A-A17709F73717}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{07E50780-6187-4738-9421-5330C30EE028}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{4EA7C449-743E-453B-8D80-A0CBDA844F98}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{4DB37367-328B-44E9-AFC2-837BC2007761}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{F64AB26B-69BA-4022-A7C4-A4492FEFC3C8}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{56D86EDA-F1A3-46F3-A37C-28E3217A8004}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{EDB478EB-8C5E-4D0E-8A02-70BACC6DE876}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{AE7C03D3-5E1B-4409-97A6-C30A1861974A}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{3366C151-4195-4FC0-8564-E69DA8468679}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{76D42CD0-E4C5-47A5-A509-8CC95A8366CE}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{21934308-AF05-4828-A62B-3FE9224825E3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{382AFB1A-865F-402E-B5A3-D54B59FC0FB4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{67AB5692-A784-4A20-AF83-38CA94C177F0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{F804818A-95B9-4F93-89C1-A0C4147739DF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/19/2015 03:09:03 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci   z důvodu následující chyby: Operace byla dokončena úspěšně.   0x0.

Error: (11/19/2015 03:09:02 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (11/19/2015 03:09:02 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Error: (11/19/2015 03:04:46 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci   z důvodu následující chyby: Operace byla dokončena úspěšně.   0x0.

Error: (11/19/2015 03:04:46 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (11/19/2015 03:04:45 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Error: (11/18/2015 04:08:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: regsvr32.exe, verze: 6.3.9600.17415, časové razítko: 0x54505249
Název chybujícího modulu: REI_Engine.dll_unloaded, verze: 1.8.2.6, časové razítko: 0x5640b6d1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000041dfe6
ID chybujícího procesu: 0xb2c
Čas spuštění chybující aplikace: 0xregsvr32.exe0
Cesta k chybující aplikaci: regsvr32.exe1
Cesta k chybujícímu modulu: regsvr32.exe2
ID zprávy: regsvr32.exe3
Úplný název chybujícího balíčku: regsvr32.exe4
ID aplikace související s chybujícím balíčkem: regsvr32.exe5

Error: (11/18/2015 03:29:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (11/17/2015 06:18:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2 na řádku C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Součást 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Error: (11/17/2015 00:54:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8


System errors:
=============
Error: (11/19/2015 03:05:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě: 
%%1056

Error: (11/19/2015 03:04:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér výkonu rozhraní WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/19/2015 03:04:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Update Mgr CateredtoYou byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service Mgr CateredtoYou byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WdsManPro Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Reimage Real Time Protector byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/19/2015 03:04:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Support Solutions Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2015 03:04:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
  Date: 2015-06-24 18:32:40.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz
Percentage of memory in use: 35%
Total physical RAM: 8131.06 MB
Available physical RAM: 5270.01 MB
Total Virtual: 9411.06 MB
Available Virtual: 6398.29 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.34 GB) (Free:750.61 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:13.69 GB) (Free:1.71 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EB93ED5D)

Partition: GPT.

==================== End of Addition.txt ============================