﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
Ran by Allonzo (26-02-2017 10:30:06)
Running from C:\Users\Allonzo\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-21 22:14:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2823601367-1896843323-1796517690-500 - Administrator - Disabled)
Allonzo (S-1-5-21-2823601367-1896843323-1796517690-1001 - Administrator - Enabled) => C:\Users\Allonzo
DefaultAccount (S-1-5-21-2823601367-1896843323-1796517690-503 - Limited - Disabled)
Guest (S-1-5-21-2823601367-1896843323-1796517690-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.70.1080 - AB Team, d.o.o.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Magic Duels (HKLM\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.228 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2823601367-1896843323-1796517690-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SafeFinder (HKLM-x32\...\{5AAF01F5-8828-46FA-8C9C-8A93E48C7436}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Tom Clancy's The Division PTS (HKLM-x32\...\Uplay Install 3502) (Version:  - Ubisoft)
TP-LINK TL-WN823N Driver (HKLM-x32\...\{CE194A8D-C8DF-47EB-AB04-5A54CDC1C5BD}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C8B384F-E7A4-40B1-A2A2-298D46C933CA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for X-COM-Allonzo X-com => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {423E6B9A-5903-439B-AA96-F40B40988843} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe 
Task: {6284ADB3-52E3-4303-83BF-4A4056F23DD2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Allonzo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {63A2E2B2-3C3F-4F53-BD65-74E110253C8A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {65E5149B-41DB-452A-9A90-81ECB9B4E535} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {D69A2B0E-5F5C-4061-94DC-806BE3CEB5DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F806EF03-6AFA-4229-81D5-AB902226432F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {F9C8FBC2-770E-4E6A-A57F-F7A2582C4AD8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 07:03 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 07:03 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-02-22 18:03 - 2017-02-22 18:04 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 18:03 - 2017-02-22 18:04 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 18:03 - 2017-02-22 18:04 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 18:08 - 2017-02-06 18:08 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-21 23:48 - 2016-09-21 23:48 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 00:52 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 00:52 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 00:52 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 00:52 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 00:52 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 00:52 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-26 09:53 - 2017-02-26 09:53 - 04015056 _____ () C:\Users\Allonzo\Desktop\adwcleaner_6.043.exe
2017-01-23 05:29 - 2017-01-23 05:29 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Allonzo:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2016-08-16 19:36 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 
127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2823601367-1896843323-1796517690-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2823601367-1896843323-1796517690-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2823601367-1896843323-1796517690-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2AD23F36-BBFF-45CB-B4EE-42A6BA85C9D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F02D210-F9C1-414F-9C07-FFB5D4AA3514}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E008B205-4054-4D48-8F82-5B116111B9F0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EDA6B249-7899-4B9E-AFC7-3E71A61FF860}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F3621337-4FF3-4E9F-8521-33A31C4EACAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{04267E52-0287-49E1-B72F-C550B249BCA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{81E1E14B-FDD7-431E-8936-021B00ECA713}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{046BB00A-96AE-49DF-8363-EEB2C8CBA86C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{54FD02DA-8FD4-44DB-BDE3-0A737447CFA5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A2F7828-EA10-4797-9FA5-164D9208114A}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74041CFE-45F9-4A6B-8639-C37CE09197C2}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A59A401D-D68F-42A7-937F-07FC1A9A59FD}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{2F00BEED-005C-4E96-A284-05197064E1A2}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E8727B48-BF11-44DC-B40B-3A487ABCBE97}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{284402BC-1B04-49F8-9688-2A44ED1FB13F}D:\games\diablo iii\diablo iii.exe] => (Allow) D:\games\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{B1DACAEC-BF39-4AED-9D8B-992AE4B60AFF}D:\games\diablo iii\diablo iii.exe] => (Allow) D:\games\diablo iii\diablo iii.exe
FirewallRules: [{EEC9CB70-CECD-4E44-BFB1-1AB012AFE94F}] => (Allow) D:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{56B7E9AE-46BD-4F70-BA52-C362E10C768F}] => (Allow) D:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{1927C7B0-5865-4117-A722-47709FBEBB7B}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1873009B-2E29-48AD-ADB3-119679C86C8A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{619D4411-9A7F-4EFB-9452-E5E6B9BA8241}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{CBC8BC91-03DD-4A14-B879-6995D1C0BEA0}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{35F9136B-7B5A-456E-9105-D749A9BCE3CB}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{B95EE1DF-6B4E-4A4B-9EED-00D8899F8F74}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{BDEA720E-7297-4B09-A793-67A68C270AA0}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{CCC6B2D6-B100-474E-8B3A-38260721B218}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [{F4B98678-828B-476F-ADF3-57592641C2D1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{2641FC60-53DD-41B4-98DB-3801D1D91E82}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{D7B125ED-BAA7-4BBB-832C-3A5D62235935}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{F9898E0C-1023-4E55-9E63-ED4BBB9023EC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{B5B7570E-9DF4-4C73-874B-5BB6AB121DCE}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{1F192229-495C-4D0A-9304-4EAE1D030064}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{4F87C3A6-B699-49A8-87DC-A6D27985F1DE}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{0266C507-3ADA-46A8-B7E0-A8AABD523C74}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [TCP Query User{0F1755AE-AF99-43C3-B752-9F3492D0B539}D:\torr\utorrent.exe] => (Allow) D:\torr\utorrent.exe
FirewallRules: [UDP Query User{60370882-0154-433A-93FC-089CC31B18E5}D:\torr\utorrent.exe] => (Allow) D:\torr\utorrent.exe

==================== Restore Points =========================

06-02-2017 05:56:16 Naplánovaný kontrolní bod
15-02-2017 10:36:39 Naplánovaný kontrolní bod
23-02-2017 05:06:30 Windows Update
26-02-2017 09:50:52 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Časovač událostí s vysokou přesností
Description: Časovač událostí s vysokou přesností
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní systémová zařízení)
Service: 
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2017 10:30:05 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:29:48 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:29:39 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:28:36 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:15:22 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:15:01 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:12:18 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:12:13 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:12:00 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/26/2017 10:09:55 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


System errors:
=============
Error: (02/26/2017 10:11:02 AM) (Source: DCOM) (EventID: 10010) (User: X-COM)
Description: Server {21F282D1-A881-49E1-9A3A-26E44E39B86C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/26/2017 10:09:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (02/26/2017 06:47:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2017 11:07:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2017 11:07:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Kód chyby: 126

Error: (02/25/2017 11:06:24 PM) (Source: DCOM) (EventID: 10010) (User: X-COM)
Description: Server Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1 se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/25/2017 11:06:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2017 06:27:51 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000000a (0xffffb88aac275042, 0x0000000000000002, 0x0000000000000000, 0xfffff80373be490a). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 00306547-6183-428c-b16c-477226bf1d6d

Error: (02/25/2017 06:27:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Kód chyby: 126

Error: (02/25/2017 06:27:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (6:22:39, ‎25.‎02.‎2017) bylo neočekávané.


CodeIntegrity:
===================================
  Date: 2017-02-25 23:22:50.102
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 04:09:36.921
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 00:27:55.406
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-19 10:04:31.525
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 02:43:52.472
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-17 02:35:50.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-15 06:00:43.061
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-14 01:44:06.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-13 15:40:36.180
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 08:32:03.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) X4 740 Quad Core Processor 
Percentage of memory in use: 21%
Total physical RAM: 8145.84 MB
Available physical RAM: 6420.27 MB
Total Virtual: 9425.84 MB
Available Virtual: 7645.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.59 GB) (Free:179.86 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:442.38 GB) (Free:251.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 350F029C)
Partition 1: (Not Active) - (Size=488.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=442.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 99C499C4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

==================== End of Addition.txt ============================