Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-12-2017 01
Ran by Michal (25-12-2017 18:42:52)
Running from C:\Users\Michal\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2016-02-17 12:55:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2665996858-3576351067-2021870907-500 - Administrator - Disabled)
Guest (S-1-5-21-2665996858-3576351067-2021870907-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2665996858-3576351067-2021870907-1002 - Limited - Enabled)
Jana (S-1-5-21-2665996858-3576351067-2021870907-1000 - Administrator - Enabled) => C:\Users\Jana
Michal (S-1-5-21-2665996858-3576351067-2021870907-1003 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Backup and Sync from Google (HKLM\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.4.0.96 - Meno vašej spoločnosti)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.8 - Broadcom Corporation)
Cambridge Advanced Learner's Dictionary (HKLM\...\Cambridge Advanced Learner's Dictionary) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
FastStone Image Viewer 5.5 (HKLM\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.84 - Spoločnosť Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1075 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Launch Manager (HKLM\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes verzia 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6374 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2665996858-3576351067-2021870907-1003_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx32.dll ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-20] (Google)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-09-16] (Atheros Commnucations)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-01-08] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-20] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-09-16] (Atheros Commnucations)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-20] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-27] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2665996858-3576351067-2021870907-1003: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx32.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {132EE82F-FDEC-481A-A47A-4A26608F156D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {5897A3E8-F199-47B7-99ED-4537B38715EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-17] (Google Inc.)
Task: {A80F94DB-7038-4926-B45B-C0F534AEBEA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> {9D6B0768-E83D-4038-92F2-8BECC069254F}

==================== Loaded Modules (Whitelisted) ==============

2016-02-28 20:18 - 2014-11-02 18:44 - 000027136 _____ () C:\Program Files\PSPad editor\pspshellx32.dll
2016-02-22 07:57 - 2016-02-22 07:57 - 000169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0d288350c26a4fac94c8e1f2ee3e945c\IsdiInterop.ni.dll
2016-02-17 14:08 - 2010-11-06 00:50 - 000058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2017-12-17 13:43 - 2017-12-06 04:48 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-17 13:43 - 2017-12-06 04:48 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libegl.dll
2017-12-25 18:35 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-12-25 18:35 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2017-12-25 18:35 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-12-25 18:35 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2017-12-21 14:29 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2665996858-3576351067-2021870907-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{94FC1B9D-E143-44BD-BB14-6CAA912F730B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2017 06:31:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.22.8.4668 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e70

Start Time: 01d37da5ed93926f

Termination Time: 6

Application Path: C:\Users\Michal\Desktop\SpyHunter v4.22.8.4668 Portable\SpyHunter\SpyHunter4.exe

Report Id: 6cb06294-e999-11e7-8e49-047d7b287c88

Error: (12/25/2017 02:25:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/25/2017 02:25:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/25/2017 02:17:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/25/2017 02:17:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/22/2017 11:09:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/22/2017 11:09:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/21/2017 07:15:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/21/2017 07:15:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/21/2017 06:44:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvorenie bodu obnovenia zlyhalo. (Proces = C:\Windows\system32\msiexec.exe /V; Popis = Removed SpyHunter; Chyba = 0x80070422).


System errors:
=============
Error: (12/25/2017 02:27:27 PM) (Source: HidBth) (EventID: 4) (User: )
Description: Počiatočné pripojenie k zariadeniu HID Bluetooth (7c:ed:8d:07:a2:bc) zlyhalo. Zariadenie sa odstránilo ako osobné alebo párové zariadenie. Zariadenie musíte preinštalovať.

Error: (12/25/2017 02:11:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: 
cdrom

Error: (12/25/2017 12:26:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby Netman bol dosiahnutý časový limit (30000 ms).

Error: (12/25/2017 12:02:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe: 
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (12/25/2017 12:02:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (30000 ms).

Error: (12/25/2017 12:02:52 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (12/22/2017 11:06:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (12/22/2017 11:06:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (12/21/2017 10:07:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: 
cdrom

Error: (12/21/2017 06:45:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: 
cdrom


==================== Memory info =========================== 

Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 73%
Total physical RAM: 2036.3 MB
Available physical RAM: 540.26 MB
Total Virtual: 4072.6 MB
Available Virtual: 2059.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:49.95 GB) (Free:24.55 GB) NTFS
Drive d: () (Fixed) (Total:69.19 GB) (Free:27.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 336B3A6D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=69.2 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================