﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2016
Ran by Adam (2016-07-26 20:44:59)
Running from C:\Users\Adam\Desktop
Windows 10 Pro Version 1511 (X64) (2016-03-06 19:17:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Adam (S-1-5-21-2220474723-2386241334-741522455-1000 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-2220474723-2386241334-741522455-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2220474723-2386241334-741522455-503 - Limited - Disabled)
Guest (S-1-5-21-2220474723-2386241334-741522455-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{F564317A-AB84-BEE8-A670-B6C09BC08AFB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
DVConnect (HKLM-x32\...\{26022CEC-C8C4-485B-B5CB-1D65A6C387D5}) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Color LaserJet Pro MFP M176 (HKLM-x32\...\{7ef5f914-a8e1-4f35-8b91-5f5a3ea16c55}) (Version: 15.0.15188.1205 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJProMFPM176 (HKLM-x32\...\{0115E132-220C-4D53-BB1E-4BF8C025D28F}) (Version: 1.00.0000 - Hewlett-Packard)
HPDXP (x32 Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM176 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM176 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Intel(R) Network Connections 17.4.95.0 (HKLM\...\PROSetDX) (Version: 17.4.95.0 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
KeyDominator1 (HKLM-x32\...\BloodyKeyboard) (Version: 16.03.0002 - Bloody)
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Mafia Game (HKLM-x32\...\Mafia Game) (Version:  - )
Mafia II (HKLM-x32\...\Mafia II_is1) (Version:  - )
Microsoft Office Language Pack 2013  - Czech/čeština (HKLM-x32\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft1.8.4 (HKLM-x32\...\Minecraft1.8.4) (Version:  - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.10 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 365.10 (Version: 365.10 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2220474723-2386241334-741522455-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Total CMA Pack 0.58 (HKLM-x32\...\Total CMA Pack) (Version: 0.58 - CMA)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2220474723-2386241334-741522455-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2220474723-2386241334-741522455-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B296D5E-3FE5-453D-A540-1BC60E1F6046} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0B6D6F1A-080D-475D-9A67-192190E1AFC2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {0D953275-1869-4CB9-A721-0CCE7D6AF4C9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {14388DFF-6157-4E78-94F3-573765E90E4C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {14432F41-06A5-45E0-B900-5EA722903FF9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {2B618137-4D3A-45C6-8DE0-E57D866394F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {362EA30B-97FF-4F14-8AA3-F5A1BAE18CC6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {48B18913-D9A8-4578-986C-9B166E87C29C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5F44F150-4F7C-4EEA-8B2E-276787FB2C67} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {7E3A2D3C-E016-4A97-8C67-14178F510CD8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {85691C86-8447-4272-AA0B-4380E9D539E9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8896161C-6C9C-486B-B6B7-C24EA1AFE946} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {8A76686D-6FFA-48DB-82B9-808E5D02F545} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {8B09945F-49A0-4BB5-8C7B-035C1B03A1C1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {93E6F73C-47D2-4B32-8EA1-9D0F21E115BD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {9BEE496B-DFB9-4E30-A9E0-08692BCEAAB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06] (Google Inc.)
Task: {9EBF7F6C-5F7F-40CD-8EBC-4093BB9CCC33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A3B0B33C-6E35-4639-A13A-15840C97418E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {BC8FADB9-6808-43F9-8411-4CC0BFF24615} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {BDF375BD-E44A-4259-B860-07D8BE5A93C3} - System32\Tasks\Trigger KMS Activation => D:\Install\PC PROGRAMY\Microsoft Office 2013 Professional Plus CZ 32bit\aktivator - KMSnano v19 Final\TriggerKMS.exe [2013-02-03] ()
Task: {BE5EADB8-D4FC-4988-8FCC-CFBAEAA9D7A4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C0FC3847-F94C-4A15-9C8C-CEC66BF83312} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {C745AAB5-B4D5-481D-92C6-B1B2E06EC025} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {CC7B50BE-46BD-435C-BE6C-2067E94E6F90} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CF346FFC-8966-4048-8044-76E4C7EDEE01} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {DEF20B0D-03C9-4824-90F6-084C1A7F45DC} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {E0F43148-1654-447E-AD01-15055737E390} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06] (Google Inc.)
Task: {EAF80AC0-19AD-4312-ACAC-3E962D5C75C3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F00E583D-A06D-46F6-AC20-F95CE9587E82} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F46AA318-A9C8-43AE-9E13-F33E209A2F62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FB62B965-7AAB-4031-89E2-1C003E2FA542} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Adam\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-10 14:00 - 2016-04-27 14:18 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-10 14:01 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-10 14:01 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-10 14:01 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-10 14:01 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-10 14:01 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-13 11:30 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 11:30 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 15:46 - 2016-05-20 15:46 - 00959168 _____ () C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-03-19 12:22 - 2014-11-02 19:45 - 00029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2016-04-19 21:19 - 2016-04-19 21:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-06 23:47 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 11:32 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 11:30 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 11:31 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 11:30 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 11:30 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-19 21:19 - 2016-04-19 21:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 21:19 - 2016-04-19 21:19 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-10 14:01 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-20 15:46 - 2016-05-20 15:46 - 00679624 _____ () C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-03-29 20:22 - 2016-07-09 18:36 - 52042352 _____ () C:\Users\Adam\AppData\Roaming\Spotify\libcef.dll
2016-03-29 20:22 - 2016-07-09 18:36 - 01741936 _____ () C:\Users\Adam\AppData\Roaming\Spotify\libglesv2.dll
2016-03-29 20:22 - 2016-07-09 18:36 - 00087664 _____ () C:\Users\Adam\AppData\Roaming\Spotify\libegl.dll
2016-06-18 22:19 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 22:19 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2220474723-2386241334-741522455-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 62.240.163.170 - 62.204.224.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D4296639-882F-4B0F-B247-B80B9791AA64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4305A840-9510-4C0C-844E-610D2DD0D0A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6E816871-35D6-4C18-8EE5-414763F4C9C9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{45A57B37-2DC7-433A-AE9E-14341AB6917D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06FEEDEA-442D-4897-8220-6A845291A998}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E9B5FD8-7269-4DFC-A38B-04A564005F19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{13716AFE-A846-4EAC-B893-3A5CE675C63C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{07355083-7431-4EB8-990D-814AE0C7F32A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{163B91B2-41B0-4EA8-AAAC-C1956DB586CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{923181EA-F46A-4BB1-B719-965F2316A59F}C:\users\adam\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\adam\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CC896588-FF80-44D5-A02D-CC21552104DA}C:\users\adam\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\adam\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E2F9E381-6D89-44DB-8041-D5EFD5E07C70}] => (Allow) D:\Program Files\GTA5.exe
FirewallRules: [{E4C3E08C-3824-4617-9EA2-AED42DD4A824}] => (Allow) D:\Program Files\GTA5.exe
FirewallRules: [{B71E19A6-4BAA-4AFD-A4B8-58543ED16C37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{81CD2250-C505-48F6-BADE-4BA70F07C0AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B7AE5C14-CE92-42D7-AC16-C6898F6F1F2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FDA3C2D0-B759-4E9B-88D5-B5CA2AE8E30A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF0BFF52-7AAA-4FDE-85AA-707127D6E7F3}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{080BA2B3-274F-479B-9CE7-3542CFE9532B}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\bin\EWSProxy.exe
FirewallRules: [TCP Query User{41BC15F7-A04F-4126-BA70-78347A857AB3}C:\program files (x86)\total cma pack\totalcmd.exe] => (Allow) C:\program files (x86)\total cma pack\totalcmd.exe
FirewallRules: [UDP Query User{EF09C4A4-42C8-4533-9E6F-9E2619B9DFE3}C:\program files (x86)\total cma pack\totalcmd.exe] => (Allow) C:\program files (x86)\total cma pack\totalcmd.exe
FirewallRules: [TCP Query User{28E4F821-5E33-49B3-934B-917395E9CAA0}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{77A08CB9-8779-46F9-92C5-98B9A30C52C3}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F0CED73A-D16D-41A5-BE88-EB504297C1F8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{02DA8A72-9530-4A45-9AEC-CEE236B43A30}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{72140A1D-3A84-45D3-ACB3-96C29F21DC86}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{B7DFCD13-2365-4F9E-B1BB-AC0887203E55}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{370F6865-B284-4525-ABE1-51FC478EB35B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D821DEEB-9A24-41FC-91E4-20ACCDBD8963}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D331147E-C069-47D7-8C45-F64FF07A19DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{838A0264-442E-4151-9436-C459E850F479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CB1E7535-F91F-419B-8533-B326A92991DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{909D0584-8C12-4DF8-B8A9-F6777903D631}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F56AE11-E5FB-4C70-94AF-E71C7D4CCC67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0564A2D7-EBC9-409E-85A3-CC7593255552}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B09FFC7D-7CE5-42D9-8587-3CDCD57FF5BB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{9C84D8EE-5D4C-424A-8C98-534401282A75}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A00B6794-523C-4024-A54F-6B5FFB911DF1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1F3E88D8-80FF-47F6-BF77-8054B05A249D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4DD355B0-8B9D-4559-B449-0BB21E7027FF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FB375990-5C57-480B-B2CD-D24C16387A7E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6A4BC125-E00E-48A7-A3A8-AA2F559CE1C6}] => (Allow) D:\Program Files\SKYRIM\Steam.exe
FirewallRules: [{6BB01C4E-8164-4CF2-996D-E8B8CF1E9CF7}] => (Allow) D:\Program Files\SKYRIM\Steam.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2016 08:23:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/26/2016 08:23:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/26/2016 08:23:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/26/2016 08:14:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADAM-PC)
Description: Aplikaci Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/26/2016 08:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Music.UI.exe, verze: 3.6.2304.0, časové razítko: 0x5784c2ba
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.494, časové razítko: 0x5775e900
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000517ad4
ID chybujícího procesu: 0x1a8c
Čas spuštění chybující aplikace: 0xMusic.UI.exe0
Cesta k chybující aplikaci: Music.UI.exe1
Cesta k chybujícímu modulu: Music.UI.exe2
ID zprávy: Music.UI.exe3
Úplný název chybujícího balíčku: Music.UI.exe4
ID aplikace související s chybujícím balíčkem: Music.UI.exe5

Error: (07/26/2016 07:21:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/26/2016 07:21:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/26/2016 07:21:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/26/2016 02:49:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/26/2016 02:49:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (07/26/2016 08:17:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_ff4c1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/26/2016 08:17:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_ff4c1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/26/2016 08:17:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_ff4c1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/26/2016 08:17:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_ff4c1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/26/2016 08:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
  Date: 2016-07-25 22:19:09.045
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-25 01:45:58.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-21 21:28:44.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-19 03:26:39.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-18 01:02:25.131
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 20:47:17.487
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 18:18:57.554
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 01:51:16.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-14 01:51:16.603
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-14 01:51:16.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 39%
Total physical RAM: 8150.33 MB
Available physical RAM: 4913.91 MB
Total Virtual: 16342.33 MB
Available Virtual: 12789.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:19.22 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.5 GB) (Free:407.06 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9A7A9074)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 92506893)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================