Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by user (24-11-2016 18:42:00)
Running from C:\Users\user\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-06 08:21:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-266110419-2996082638-1198534969-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-266110419-2996082638-1198534969-503 - Limited - Disabled)
Guest (S-1-5-21-266110419-2996082638-1198534969-501 - Limited - Disabled)
user (S-1-5-21-266110419-2996082638-1198534969-1001 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Nature 4 for S.T.A.L.K.E.R - Call of Pripyat (HKLM-x32\...\Absolute Nature 4_is1) (Version:  - )
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\Armored Warfare MyCom) (Version: 1.100 - My.com B.V.)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BitTorrent (HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\BitTorrent) (Version: 7.9.9.42924 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) Patch (HKLM-x32\...\Crysis WARHEAD(R) Patch) (Version:  - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0156 - Disc Soft Ltd)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version:  - )
Deus Ex Human Revolution - Directors Cut verze 2.0.0.0u1 (HKLM-x32\...\Deus Ex Human Revolution - Directors Cut_is1) (Version: 2.0.0.0u1 - Sqare Enix)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\dda9ca0b023f4c56) (Version: 1.6.4.0 - Lenovo)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
Ovládací panel NVIDIA 375.95 (Version: 375.95 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\GOGPACKSTALKERCOP_is1) (Version: 2.0.0.12 - GOG.com)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
The Evil Within verze 1.05 (HKLM-x32\...\The Evil Within_is1) (Version: 1.05 - Bethesda Softworks)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-266110419-2996082638-1198534969-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0227F843-CC75-4F81-B9DB-CA0053E48F43} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {0640E518-002F-421A-A48B-4DD882739281} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {11EF106A-E386-463D-93B2-A3E4F9340BC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {31EEC4C8-509C-45FA-968C-3DBA7302AA82} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-11] (Adobe Systems Incorporated)
Task: {3CA6FA18-F001-463F-A7F2-74B12544F502} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {41292DE5-E75C-4C89-8376-DA0968175AD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {44A556A2-94C4-48DF-A9DE-62084F0F2AD7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {707B18C2-F492-4016-888F-25E8AD637A57} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-11] (Adobe Systems Incorporated)
Task: {77F518B6-70C8-4EF6-81DB-9A8BA9EAADF9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)
Task: {906CE724-FC3D-4078-9262-39C153428841} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {9FC03825-C69F-4797-9AFF-C291D16DCE48} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {B75D88AB-EE3A-4B3D-B8F4-FE70E7259A70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {BA6F5376-5255-4385-AB8B-9E9B25522EC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {BF6F7011-8407-4F7E-8A96-30D6A75B21D4} - System32\Tasks\Opera scheduled Autoupdate 1470072443 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {ECA8311D-49CF-4FB9-BD82-1E69D1EDED08} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {F59730CA-44FB-48D2-B786-77EE9F0C4802} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-266110419-2996082638-1198534969-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 20:02 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2007-03-23 16:36 - 2007-03-23 16:36 - 00022016 _____ () C:\WINDOWS\System32\xrxs1l6.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-06 08:17 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-06 09:26 - 2016-08-06 09:26 - 00959168 _____ () C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-29 20:02 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 05:49 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 15:55 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 15:54 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 15:55 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 15:55 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 15:55 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 15:55 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-13 20:42 - 2016-07-13 20:42 - 00050688 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-11-17 12:01 - 2016-11-17 12:02 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 12:01 - 2016-11-17 12:02 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 12:01 - 2016-11-17 12:02 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-11-10 21:14 - 2016-11-10 21:13 - 66023632 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\opera.dll
2016-08-06 09:26 - 2016-08-06 09:26 - 00679624 _____ () C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-11-10 21:14 - 2016-11-10 21:13 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libglesv2.dll
2016-11-10 21:14 - 2016-11-10 21:13 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-266110419-2996082638-1198534969-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{562003e9-bf44-4d69-a7d1-a659ffc67cf7}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-266110419-2996082638-1198534969-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B64ED6E9-85DB-46D1-8E94-F0CB27B1C49F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FAEB13F4-DD0B-4F9A-8E13-1D684767D344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{AFA96697-12BC-4BCA-88D4-E499AA0D2C28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{C75CA04C-1E9D-4D43-A8C6-0A1CD3684D6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BFBF875-2248-41EE-A8DF-CC85B3B32E41}] => (Allow) C:\Users\user\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{714EA87F-554E-419F-86E5-F1D53F2CA08D}] => (Allow) C:\Users\user\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{50E52280-45AB-49AE-9C24-845295522FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C7AA7D27-7D6A-4D1B-92E6-51C38FBC15FB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2F517BE4-0270-4A24-8706-6AED16D4018F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6116CB0C-69D6-429C-B391-44FFB4B6EFC7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5754EC3-9348-4652-B6C0-2DE0D8E4AF1A}] => (Allow) C:\Program Files (x86)\INSIDE\Steam\Steam.exe
FirewallRules: [{97437EA7-18A1-487B-AB58-9FB3A6C2359F}] => (Allow) C:\Program Files (x86)\INSIDE\Steam\Steam.exe
FirewallRules: [{4C99DCC2-1AA0-4968-AC1E-4018DFBD6F38}] => (Allow) C:\Program Files (x86)\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{7D8FAB3F-D7FC-4427-B6A1-4148A64E4C71}] => (Allow) C:\Program Files (x86)\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{B6878B28-3ADC-44CF-B96D-160859820014}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DB99B303-D770-463A-BDDF-09D4E4FF2575}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0822B410-C739-423D-AFD3-EDAB1A0FF3FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F1CA2452-A0E9-43B2-BB81-84DA147943E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E5C7C3D0-3F9F-4D80-9AB3-7A4BB562EE75}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FC344FF4-735A-4156-9863-2D58B1AEC596}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{8A104527-E42A-4512-B956-1A4652443B43}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{8A3C620F-020F-40C9-884A-3F3B0977DC32}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{B97CFDB4-D0F4-40EA-89A0-307BAD4E7958}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{2F190B62-6DBF-4E25-BE9D-DD0B470F3439}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{11BC07F2-FFFE-42FF-9B04-1CE9F014AE08}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C2D4CD69-ADF3-4288-86B0-88B8B918CB90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A1CD623E-6155-4522-998B-DA9DC2027519}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1A3E2EA8-EDE8-457A-AC30-75E106558DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{B8C9026C-FF77-44FB-BFC5-3435083CC1C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{A31F09A7-5E80-43E2-8B56-018DE8118C40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

18-11-2016 19:10:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2016 06:23:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (11/24/2016 06:23:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/24/2016 02:35:06 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/24/2016 06:29:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JNS8GQP)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/24/2016 06:29:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-JNS8GQP)
Description: Aplikace Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.

Error: (11/24/2016 02:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10808469

Error: (11/24/2016 02:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10808469

Error: (11/24/2016 02:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2016 10:27:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JNS8GQP)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/23/2016 10:15:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JNS8GQP)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (11/24/2016 06:34:24 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:34:22 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:34:20 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:34:18 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:32:16 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:30:14 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:28:42 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:27:10 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:25:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (11/24/2016 06:19:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-JNS8GQP)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli DESKTOP-JNS8GQP\user (SID: S-1-5-21-266110419-2996082638-1198534969-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2016-11-24 18:39:20.653
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 18:39:20.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 18:38:31.387
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 18:38:31.385
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:47.165
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:47.161
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:34.098
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:34.094
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:34.086
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-24 17:56:34.082
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8060.85 MB
Available physical RAM: 6003.74 MB
Total Virtual: 9340.85 MB
Available Virtual: 7300.64 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:931.07 GB) (Free:854.58 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 70AA5BC0)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454 MB) - (Type=27)

==================== End of Addition.txt ============================