﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Majo (2016-04-06 21:41:08)
Running from C:\Users\Majo\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-10-12 11:09:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-10045416-4287872468-1430362162-500 - Administrator - Disabled)
Guest (S-1-5-21-10045416-4287872468-1430362162-501 - Limited - Enabled)
Majo (S-1-5-21-10045416-4287872468-1430362162-1000 - Administrator - Enabled) => C:\Users\Majo
Mcx1-MAJO-PC (S-1-5-21-10045416-4287872468-1430362162-1010 - Limited - Enabled) => C:\Users\Mcx1-MAJO-PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version:  - )
Canon MG3100 series On-screen Manual (HKLM-x32\...\Canon MG3100 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
ESET NOD32 Antivirus (HKLM\...\{0A550E73-F1EE-491C-B2D4-7AB832851AB2}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hitman Absolution v1.0.446.0 (HKLM-x32\...\Hitman Absolution_is1) (Version:  - )
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
javas version 2.0.6.0 (HKLM-x32\...\javas 2.0.6.0_is1) (Version:  - Company: Pepinator)
Kanto Audio Editor version 1.0.0.0 (HKLM-x32\...\{BB637D24-B54A-4E13-87D2-BE745A1C0E92}_is1) (Version: 1.0.0.0 - Globosoft S.R.L.)
K-Lite Codec Pack 9.3.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Malwarebytes Anti-Malware verzia 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Registrácia používateľa produktu Canon MG3100 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG3100 series) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-041B-0000-0000000FF1CE}_Office15.PROPLUS_{E7AC0ACE-04DF-49FA-835F-0D66FF7E0D9F}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-012B-041B-0000-0000000FF1CE}_Office15.PROPLUS_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {166806FC-7527-4180-BF17-812D46283007} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {18C55311-9B3D-4DCE-AE78-681E23135977} - System32\Tasks\{A4C9343E-E455-4D6E-A7BF-13EC45F0FEDF} => pcalua.exe -a C:\Users\Majo\Desktop\StarCraftII_CZ_1.17\StarCraftII_CZ_1.17.exe -d C:\Users\Majo\Desktop\StarCraftII_CZ_1.17
Task: {1BB6555C-621C-4ABA-8F38-89F595C6DDED} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f17a9a082228 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {23C2ECA4-5A32-4948-8F33-B0F1CFA14EF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2B16F821-9BB9-4C4B-8105-995999FD0217} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bad67d9fd9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2E57D954-0C40-4332-B421-A419DC08F1D2} - System32\Tasks\{C86DB62F-5C9D-4D50-916C-A11A907E5059} => pcalua.exe -a "D:\Instalacky\Boris\Tomb Raider 2013 CZ\Mafia 1 – Plna Verze Hry – CZ\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "D:\Instalacky\Boris\Tomb Raider 2013 CZ\Mafia 1 – Plna Verze Hry – CZ\Mafia 1 – Plna Verze Hry – CZ"
Task: {3E7B36F4-46A0-4ECF-8EAF-3BD5C41A5238} - System32\Tasks\GoogleUpdateTaskMachineCore1d04123acc9274b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3F2045DD-78E6-4F88-A3BC-803ADE7F238D} - System32\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4308E426-89E1-4131-A0B9-CF52EBFE639E} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4874554C-A87F-49EE-B558-5F800DB8646B} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e1bad6221102 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4D396D90-6E32-4C89-B764-67D8EB6864D0} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf9d288ecc6d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5034CFC9-BF23-49D8-9680-B3BF62350A5F} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MAJO-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {50C2C904-96FA-425B-A27F-01F41DD8BC7E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0900220db32 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5EF1F95E-79C6-48C8-8B89-7C707D6BDD7A} - System32\Tasks\GoogleUpdateTaskMachineUA1d00065e077b5f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {64C03434-98C9-470E-9909-7F6778C9CA56} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [2015-11-23] (ESET)
Task: {71DF3E1F-2F83-427F-B16B-91D96FE38898} - \temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-2 -> No File <==== ATTENTION
Task: {73255364-4A0F-4486-8A02-81AD2D920C79} - \temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 -> No File <==== ATTENTION
Task: {7367094C-F17D-4EA7-ACE5-D8B5743D32B5} - \89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-7 -> No File <==== ATTENTION
Task: {8FA796CA-FB77-4FAD-8F23-F3A838F2F3B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {94180B9F-8B25-4FF3-9FD3-718DEBA97BDE} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {98B1F0FD-9252-4CD1-85FE-FA1368A73C53} - \89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-5 -> No File <==== ATTENTION
Task: {A36EC522-0063-4D55-96BD-0C148286843A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A42A9E55-1618-4EDD-AB91-949C4A71A4CB} - System32\Tasks\GoogleUpdateTaskMachineUA1d090029ff81e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AA4B67AE-82BD-4E2D-8F75-3C4565C76D0D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f17a9a6a19b8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AD430ACE-6B14-4893-A996-8075509A1489} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B791802E-9ACB-4F39-8923-405E3D539AA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BBF1ADA2-8BFB-4DA2-A0A5-6697C34C1858} - System32\Tasks\GoogleUpdateTaskMachineUA1d15e8d558b16aa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C0B721E7-233D-47D0-AA27-C11386B19B13} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C53BC5DD-2E7A-4936-949B-A9FF3F404D3B} - System32\Tasks\Driver Booster SkipUAC (Majo) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {FAA67B9A-788E-40CF-B2A1-F7352BBE78A1} - \89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15e8d558b16aa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-10-12 13:51 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-11-18 03:24 - 2015-11-18 03:24 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2013-10-06 23:12 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-02-17 19:35 - 2012-05-06 19:20 - 00022336 _____ () C:\Program Files\CCleaner\branding.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-03-29 10:13 - 2016-03-27 09:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-29 10:13 - 2016-03-27 09:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\123simsen.com -> www.123simsen.com

There are 7810 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-19 18:54 - 00000929 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 nlsk.neulion.com
146.185.131.14 mf.svc.nhl.com
146.185.131.14 mf.svc.nhl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Majo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: EADM => "D:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: uTorrent => "C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F9754A87-24B8-41C3-8EB0-99FE7E89E5CE}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2B298DFC-465A-4165-B0DC-D783F1E2E097}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B20B4680-2444-4731-BC94-6D5D2C946730}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{62D34D3F-39EF-40FA-8BC0-62751339D805}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{F4F5E916-5A3A-4711-9075-0120066F57F4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B723E072-DE3F-4AC3-8603-CE401CC44DF5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4FB6DC2B-79C3-420B-817C-C48B0D23D95C}] => (Allow) C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B39A59C-B1E2-4514-A273-AC2383AED124}] => (Allow) C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{BAC91593-16CA-4BDD-92D1-8610AFFEBB57}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E9BA57B3-DA39-4DAA-BB3E-8CDE2EAF6E20}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{3D26D49C-312C-4476-8BC0-6424CBFAB8B4}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{21A260EB-2EBA-4B6B-8FD6-9DB978065A31}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{97ABC44D-02E5-48D7-8F0C-EA0CA16F84BF}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{96834CD0-BCE0-43C4-A32D-C164A19AF391}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{5B44AE17-3739-4595-BFBF-5F24A3486F5C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{7FFF6AFA-52B8-4805-B791-2F95DF6CDBC8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{834EF6BD-A945-4BA5-9C20-17002E5E3471}] => (Allow) D:\Hry\FIFA 15\FIFA 14\Game\fifa14.exe
FirewallRules: [{82D019EF-BF4C-4B82-94AE-D237E821926A}] => (Allow) D:\Hry\FIFA 15\FIFA 14\Game\fifa14.exe
FirewallRules: [{F0996CBE-65F0-482C-B809-03BCB2953B1A}] => (Allow) D:\Hry\FIFA 15\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{FC798A61-836A-4D3F-A26E-BBA254CD56C7}] => (Allow) D:\Hry\FIFA 15\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{0686A25E-CDBF-44BC-A854-1C5541D33B34}D:\hry\fifa 15\fifa 15\fifa15.exe] => (Allow) D:\hry\fifa 15\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{5D7EDC59-9FAF-4909-AE72-87B1971D7502}D:\hry\fifa 15\fifa 15\fifa15.exe] => (Allow) D:\hry\fifa 15\fifa 15\fifa15.exe
FirewallRules: [{41E3462D-3E78-4E7F-8BA5-92F33B01917B}] => (Allow) LPort=80
FirewallRules: [{15FB0215-ACD6-4D99-9128-91ADF09BD1A2}] => (Allow) LPort=443
FirewallRules: [{84FC330A-B611-498E-9F80-58DDD5EBF460}] => (Allow) LPort=20010
FirewallRules: [{8F0BF1A7-BC41-403F-B7F7-EDA75727D333}] => (Allow) LPort=3478
FirewallRules: [{2AB1BF6A-BB58-42C3-84B0-0322CC362AB6}] => (Allow) LPort=7850
FirewallRules: [{E3E78253-668A-4061-9C11-05028EA9AADE}] => (Allow) LPort=7852
FirewallRules: [{F764CD89-ACA1-44D2-9140-CADDE509D3E2}] => (Allow) LPort=7853
FirewallRules: [{9F7BBF60-C8A6-47DA-B2F1-F5F19A4A305F}] => (Allow) LPort=27022
FirewallRules: [{AB0CC684-AE8A-457F-9EE8-E4E69B4428E6}] => (Allow) LPort=6881
FirewallRules: [{30FABE6A-AF73-4867-9BE3-D733B1AED1D5}] => (Allow) LPort=33333
FirewallRules: [{2F719A79-6BB7-4A0C-86CB-1189EBD33E37}] => (Allow) LPort=20443
FirewallRules: [{A00E89CB-9496-4E8D-B751-D1CEDF98DD38}] => (Allow) LPort=8090
FirewallRules: [{964669D7-420F-40F6-ABA2-E7D824727950}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

05-04-2016 17:06:22 Plánovaný kontrolný bod
05-04-2016 22:44:23 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2016 09:26:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/06/2016 09:26:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/06/2016 09:26:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/06/2016 09:19:27 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (04/06/2016 09:16:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (04/06/2016 09:08:45 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (04/06/2016 08:28:23 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/06/2016 07:28:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/06/2016 06:28:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/06/2016 05:28:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005


System errors:
=============
Error: (04/06/2016 09:17:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/06/2016 09:14:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správca riadenia služieb sa po neočakávanom ukončení služby Windows Search pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala s nasledujúcou chybou: 
%%1056

Error: (04/06/2016 09:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (04/06/2016 09:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (04/06/2016 09:14:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (04/06/2016 09:14:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (04/06/2016 09:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/06/2016 09:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/06/2016 09:14:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Print Spooler sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (04/06/2016 09:14:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


CodeIntegrity:
===================================
  Date: 2014-10-07 20:33:00.165
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-07 20:32:59.581
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-27 20:47:49.334
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-27 20:47:17.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-27 20:45:56.412
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-27 20:33:41.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-27 20:33:16.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 34%
Total physical RAM: 8173.43 MB
Available physical RAM: 5359.2 MB
Total Virtual: 16345.07 MB
Available Virtual: 13343.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:78.03 GB) (Free:2.52 GB) NTFS
Drive d: () (Fixed) (Total:853.39 GB) (Free:132.61 GB) NTFS
Drive j: (Tom Clancys Rainbow Six Siege) (CDROM) (Total:13.37 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CA5EC093)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=853.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================