Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by mistr (06-01-2017 07:00:14)
Running from C:\Users\mistr\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-27 15:33:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1510866125-211980250-1553948330-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1510866125-211980250-1553948330-503 - Limited - Disabled)
Guest (S-1-5-21-1510866125-211980250-1553948330-501 - Limited - Disabled)
mistr (S-1-5-21-1510866125-211980250-1553948330-1001 - Administrator - Enabled) => C:\Users\mistr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Aktualizace NVIDIA 23.1.0.0 (Version: 23.1.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 376.19 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
Bragi Updater 1.1.0 (only current user) (HKU\S-1-5-21-1510866125-211980250-1553948330-1001\...\2236fe7b-0124-5189-8691-9f23909db56e) (Version: 1.1.0 - Bragi GmbH)
calibre (HKLM-x32\...\{C5EAF3E8-7DA7-4E44-AF72-B3F124DDA463}) (Version: 2.60.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0019 - )
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kingdom Come: Deliverance (Beta Access) (HKLM-x32\...\Steam App 286860) (Version:  - )
Kodi (HKU\S-1-5-21-1510866125-211980250-1553948330-1001\...\Kodi) (Version:  - XBMC-Foundation)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.7.133.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1510866125-211980250-1553948330-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.19 (Version: 376.19 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-1510866125-211980250-1553948330-1001\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20D6D11C-1BF0-4F47-BDD8-F48A2CE5BBEB} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\mistr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {247C7F5C-4E6F-4732-AD83-9D3628179DDC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {24E43803-0A6E-4F84-92C5-BEC93A5A588F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {6592B067-1339-4923-86F8-98A94CE862D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {67EC5D66-3EED-4FD0-B444-5246FFAED2D2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {7091D82F-5463-447E-9B28-0CE71EB91502} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-15] (Microsoft Corporation)
Task: {73D30C67-E8AB-495A-8660-EE2AE2DD563C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {7791F27B-2B1B-4C86-8BE1-496BC93D3B44} - \59694v8a17h15 -> No File <==== ATTENTION
Task: {8B941773-4F5E-4465-BD0F-E37EE7597436} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {926D2833-525A-4C50-8F84-DFA492130809} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {92A74B7C-3260-44D8-AEAC-24045DC5A957} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-11] (AO Kaspersky Lab)
Task: {98571CF4-867D-4519-89A4-5577A25A8979} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {995C7097-9B09-4476-A6F5-F05733749699} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {9ED84DD6-829A-42A9-AC50-342C050A8332} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-24] (Google Inc.)
Task: {AED1EA20-C1BE-4203-A346-37BDB5E3BFF4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {B093CFC9-774C-443F-9A85-A65B28DC7AE7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {B7CFC00F-4227-46C6-869E-63212D67F63D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {BCC15DE4-EF06-4807-B0B6-2CD0AEE53116} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-24] (Google Inc.)
Task: {C8C65053-0EAD-4C05-BFE3-463766C3398C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {CB6C350D-FE4D-44BF-8131-59F4E2E72362} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-12-09] (Microsoft)
Task: {CEEE3CDA-44E2-4B5C-B252-91BE03B3814F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {DAB12A01-ED1A-4F84-BEA0-D28F7F0629E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {E3B58ABF-F41E-4BFB-8ED3-CF1451870BD9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {E7E76DA3-99F8-46EA-8994-EA32C0A4B41B} - \537r149o0m28 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 17:43 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-04 16:47 - 2014-03-22 14:48 - 02854400 _____ () C:\ProgramData\537r149o0m28\537r149o0m28.dll
2015-05-29 10:28 - 2015-05-29 10:28 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-01-04 18:37 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-04 18:37 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-04 18:37 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-09-27 17:48 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-27 17:48 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-27 16:25 - 2016-12-01 18:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 17:43 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-17 18:19 - 2016-12-17 18:19 - 01678560 _____ () C:\Users\mistr\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-27 17:21 - 2016-09-27 17:21 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 17:43 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-10 17:40 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 17:40 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-10 17:40 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 17:40 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 17:40 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-10 17:40 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-01-06 00:53 - 2017-01-06 06:59 - 00191488 _____ () C:\WINDOWS\TEMP\g7C6C.tmp.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-08-05 16:41 - 2015-08-05 16:41 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2015-07-22 15:22 - 2015-07-22 15:22 - 01933312 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2015-12-23 22:03 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-27 17:48 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-27 17:48 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-17 18:19 - 2016-12-17 18:19 - 01244376 _____ () C:\Users\mistr\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-12-23 16:21 - 2015-12-23 16:20 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1510866125-211980250-1553948330-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mistr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{EC1B491D-9410-4234-85A7-F5549EE1018B}] => E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{F5E267C6-DEAD-4839-A619-45D5211A0AAD}] => E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{7B10F701-CB58-463A-9456-2F99265FC5F5}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C387023B-8FEA-4C09-83FE-31EC336792F9}] => E:\games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{0E1434CC-E944-442B-BE2E-0F97B95C1A55}] => E:\games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{D1BC61C1-02FD-4C5C-A69D-649905CFA6BA}] => E:\SteamLibrary\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{0B59EDA2-95F9-445A-A5B7-5AACAF277FF8}] => E:\SteamLibrary\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{0AFE4BE7-031E-449F-9726-B081B50FF00F}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0A1FF7E-8160-4426-A704-35D516C8542D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEB92E95-B2F1-451F-90E3-CE21E18D2ED0}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{56C54D79-6D51-4279-A2F1-9B1DA6EE67A3}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{5ADFFA5F-9ACE-41D8-A4A9-F039EF147FB8}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{21068E3D-8FE8-44C9-9DEC-7CCA8EB5A3A3}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{29977B62-2A15-4185-9232-73C49EB3E7BC}] => C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{FE4DAE1A-F4EE-41A6-BD62-6850E5A9E2D4}] => C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{5A6A0BEE-547C-481D-B0E5-31DC70D28E8F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{EE9F327C-9B99-4477-8487-AA80FFC154C7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E7E6EFAA-05AB-4CD2-BBDA-A66D7DE2A9D9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AF3DE6B2-216D-481E-BEB1-86724BE35F4C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8254EDD0-D2DC-470D-8F23-73B60127C643}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E3B6972E-897D-4E53-9E5E-A38BC52BA7F3}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D401D402-07EA-4A48-9EAE-A3EF33F97E4C}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{7916F22D-69F0-4BE5-BDE9-ACCDAB0FB296}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{0C9B9B75-735B-48E1-A294-E0E8621DE32C}] => C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2017 06:58:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QCD0KA1)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/05/2017 10:48:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-QCD0KA1)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (01/05/2017 10:48:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: DESKTOP-QCD0KA1)
Description: Systém Windows zálohoval profil tohoto uživatele. Systém se automaticky pokusí použít zazálohovaný profil při příštím přihlášení uživatele.

Error: (01/05/2017 10:48:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: DESKTOP-QCD0KA1)
Description: Systém Windows nemůže načíst místně uložený profil. Možné příčiny této chyby zahrnují nedostatečná zabezpečovací práva nebo poškozený místní profil. 

 PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Error: (01/05/2017 10:48:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy. 

 PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
 pro: C:\Users\mistr\ntuser.dat

Error: (01/05/2017 10:23:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25302, časové razítko: 0x4dd301c8
Název chybujícího modulu: GDI32.dll, verze: 10.0.14393.206, časové razítko: 0x57dad2ca
Kód výjimky: 0xc000041d
Posun chyby: 0x00003e82
ID chybujícího procesu: 0x2a38
Čas spuštění chybující aplikace: 0x01d2678fdb80c4d1
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 172ac469-fcbc-437a-9577-ecd18890620b
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2017 10:23:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25302, časové razítko: 0x4dd301c8
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000005
Posun chyby: 0x00045b0e
ID chybujícího procesu: 0x2a38
Čas spuštění chybující aplikace: 0x01d2678fdb80c4d1
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 5e88c98b-fdb7-47dd-9bbb-714b9f3be2c8
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2017 07:43:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GPUTweakII.exe, verze: 1.0.6.9, časové razítko: 0x55c21ebd
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x10fc
Čas spuštění chybující aplikace: 0x01d267839e855548
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d92726a-8453-4a74-a61b-aa7c6aa8d4b8
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2017 04:31:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.388, časové razítko: 0x58320f73
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000035793
ID chybujícího procesu: 0xa38
Čas spuštění chybující aplikace: 0x01d26768b5ad7624
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 43829aa3-0f33-4b73-8539-55f41910f671
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2017 04:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25302, časové razítko: 0x4dd301c8
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000005
Posun chyby: 0x00045b0e
ID chybujícího procesu: 0x29a8
Čas spuštění chybující aplikace: 0x01d266e2f2a870f4
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 401663f9-151d-439c-a95c-61ff7abf1def
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/06/2017 06:59:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/06/2017 06:58:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server App.AppXdca9rykvbm0qn1fw9m2dbx828p2w3h8p.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 11:30:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCD0KA1)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 a APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 uživateli DESKTOP-QCD0KA1\mistr (SID: S-1-5-21-1510866125-211980250-1553948330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe – SID (S-1-15-2-466767348-3739614953-2700836392-1801644223-4227750657-1087833535-2488631167). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2017 10:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2017 10:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 10:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 10:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 10:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 10:48:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QCD0KA1)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2017 10:48:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCD0KA1)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
 a APPID 
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
 uživateli DESKTOP-QCD0KA1\mistr (SID: S-1-5-21-1510866125-211980250-1553948330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2016-12-29 17:36:07.607
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-29 17:36:07.385
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-10 20:08:10.072
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-27 18:57:29.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-27 18:57:29.142
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 12%
Total physical RAM: 16331.77 MB
Available physical RAM: 14348.8 MB
Total Virtual: 18763.77 MB
Available Virtual: 16699.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:77.98 GB) NTFS
Drive g: (Data 3TB) (Fixed) (Total:2794.39 GB) (Free:2539.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 26E5DD0D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 0CD096AE)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================