Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by user (16-01-2017 22:01:19)
Running from C:\Users\user\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-29 09:01:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-239169486-4084606830-2373920227-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-239169486-4084606830-2373920227-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-239169486-4084606830-2373920227-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-239169486-4084606830-2373920227-501 - Limited - Disabled)
user (S-1-5-21-239169486-4084606830-2373920227-1001 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.386.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.386.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
ESET Smart Security (HKLM\...\{E483B847-824D-4659-A760-0AC8FE24055E}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Microsoft OneDrive (HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Ovládací panel NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
trotux - Uninstall (HKLM-x32\...\{7C888716-E1E6-48CC-A72C-315914121581}) (Version:  - ) <==== ATTENTION
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.741 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Xerox Phaser 3117 (HKLM-x32\...\Xerox Phaser 3117) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-239169486-4084606830-2373920227-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ACB7A4F-B044-4EBC-AEFE-56D4DF41A376} - System32\Tasks\Cotagh Cache => C:\Program Files (x86)\Gcerlearacy\anogary.exe [2016-12-23] (Glarysoft Ltd)
Task: {414EE32C-B437-4A80-B15C-44FCD60AACF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-27] (Google Inc.)
Task: {4B910745-08B9-4AE3-A344-D72565BFCD2C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {4FED0928-988D-40C3-AC15-183259B567CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {58110CED-8FB7-4B60-BFF1-0CAF39F29CA8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {612841E4-6B11-4C75-B173-BDE53EFCC8A6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {7A6D7752-6E3C-495F-8C1B-70895576377D} - System32\Tasks\KMSAuto => C:\Windows\KMSAuto.exe [2015-09-22] (Ratiborus, MSFree Inc.)
Task: {A1218316-BD8A-4042-835B-A2D5739D1973} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-29] (Adobe Systems Incorporated)
Task: {A683426E-4156-42F5-B619-4B6056914597} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {C3A62073-E54D-42A5-B3E2-13477117E45F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {C4B42F17-8E28-40C9-ACD8-D18DBB0B8519} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {DFAC07A9-F073-4E70-A257-2448A4C4C0DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-27] (Google Inc.)
Task: {E1EC419A-9374-464A-807B-A52BA2F38990} - System32\Tasks\645358227d80t6674307 => Rundll32.exe "C:\ProgramData\645358227d80t6674307\645358227d80t6674307.dll",DMT <==== ATTENTION
Task: {E616CA0C-B9F6-49A1-84AE-9B98568552AE} - System32\Tasks\Opera scheduled Autoupdate 1482760713 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {EFAF9FA3-69A8-4E97-9666-3578D598E017} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {F6D213DE-3347-43EF-AB40-6E5A2ED4ACC0} - System32\Tasks\149q243c324g399 => Rundll32.exe "C:\ProgramData\149q243c324g399\149q243c324g399.dll",hcsopx <==== ATTENTION
Task: {FFAAC675-4F01-4D11-BB14-08900EC2D696} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-29] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 18:12 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2007-03-23 17:36 - 2007-03-23 17:36 - 00022016 _____ () C:\Windows\System32\xrxs1l6.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-11-29 10:15 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 18:12 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-12-13 21:44 - 2016-12-13 21:44 - 01678560 _____ () C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-11-29 10:23 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 12:03 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 12:02 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 12:02 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 12:02 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 12:02 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 12:03 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-16 21:59 - 2017-01-16 21:59 - 00029696 _____ () C:\Users\user\AppData\Local\MSGBOX.EXE
2016-12-27 15:49 - 2016-12-12 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-27 15:49 - 2016-12-12 04:03 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-27 15:49 - 2016-12-12 04:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-27 15:49 - 2016-12-12 04:03 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-27 15:49 - 2016-12-12 04:03 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-27 15:49 - 2016-12-12 04:03 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-27 15:49 - 2016-12-12 04:03 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-27 15:49 - 2016-12-12 04:03 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-16 15:47 - 2016-12-16 15:47 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b9c7f4f6a8200c8ef00bec9489e4cd49\PSIClient.ni.dll
2016-12-26 14:58 - 2016-12-19 08:20 - 68763736 _____ () C:\Program Files (x86)\Opera\42.0.2393.94\opera.dll
2016-12-13 21:44 - 2016-12-13 21:44 - 01244376 _____ () C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-26 14:58 - 2016-12-19 08:20 - 01893976 _____ () C:\Program Files (x86)\Opera\42.0.2393.94\libglesv2.dll
2016-12-26 14:58 - 2016-12-19 08:20 - 00086616 _____ () C:\Program Files (x86)\Opera\42.0.2393.94\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-12-23 23:05 - 00000918 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com 
127.0.0.1 v1.ff.avast.com 
127.0.0.1 vlcproxy.ff.avast.com 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-239169486-4084606830-2373920227-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{d1bb4c56-66ac-43ae-98e3-63e1705b078b}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\StartupApproved\Run: => "dpinst"
HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-239169486-4084606830-2373920227-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{C8C410F5-6807-4E6E-AD1A-1BB50F62AA84}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{12E67B80-DA99-4DD9-805D-2A0D68C88D7A}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F98731CB-E9AD-413E-A364-CE23A8334F33}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2574AA14-93C8-4956-A735-3E4132A8BF38}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{46A93866-7840-4063-9596-DCCFB41C95D3}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{2DD0F0DB-B123-43C8-B8CF-32A259774C5B}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{48221458-8E36-4BE4-998C-86746C2A33CF}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{668A5A15-B843-43F7-89F2-E1CEC6C279EE}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{17BB2EAF-E0F6-4EEC-9939-191B0999C0AA}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{5787A743-8388-4FB4-9CC2-D58D96D51F7E}] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D2F169C5-2E9C-4C55-A72E-20C09A6B6323}] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{351CA061-EDE2-4257-81E9-7E25CEB8FA90}] => C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7CF799C8-31FD-4903-B00B-B56D7B3B624D}] => C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D10EF2D3-BDC8-477E-8E52-0906E6722682}] => C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{C55ECC5B-3AEE-465F-8B6A-0169E456BD45}] => C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{5E68FDED-C984-4CEF-A703-6536ECA42D5C}] => C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{771895DB-B1B2-4DC5-BB6F-EA85F4BFA7A0}] => C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{3DA2AE86-1A6C-4FE7-9994-8CFA828F1869}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D324F022-9E8E-4F33-954A-FB4E6AE04FF9}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{728D7EAA-742F-4D8E-8D73-E32018E3AFE8}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{023DCFF2-7DBC-4630-B9A2-76C52BD3EC78}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5F2780A-A967-4C6B-8930-2D1668EE43FB}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0A064FF5-39AB-468C-A831-CB7C4EBCCF0D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{43108C9B-7B1D-4488-B39E-14F46CA8D894}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{55DFD2B7-390D-4CBF-A410-F1A61CD18583}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A9725A86-430C-47D6-B99E-E76C41629423}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3DC09B5F-D8B9-40B9-B396-60DB9DE7ED79}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC141656-F2AA-4E97-A742-523A2D884F3E}] => C:\WarThunder\launcher.exe
FirewallRules: [{8D450321-D940-455D-97FF-F56B8C74091A}] => C:\WarThunder\launcher.exe
FirewallRules: [{CF81E6D4-F71D-4A48-B3A1-AE7CB09932A3}] => C:\WarThunder\run.exe
FirewallRules: [{6F3FB984-D5AE-4AB0-87DE-CDCAE2C553AB}] => C:\WarThunder\run.exe
FirewallRules: [{768BC7A7-C0F5-4884-B913-5D4961DB51C1}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{122D918A-D110-4CB2-AEA8-3C47D76B8D11}] => C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

27-12-2016 14:35:25 Removed 7-Zip 16.04 (x64 edition)
04-01-2017 19:15:09 Naplánovaný kontrolní bod
11-01-2017 14:09:18 Windows Update
11-01-2017 14:09:33 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2017 02:41:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/12/2017 01:04:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/11/2017 02:11:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/11/2017 02:09:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/11/2017 02:09:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/09/2017 11:31:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/08/2017 01:48:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/08/2017 01:48:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/08/2017 12:03:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.82, časové razítko: 0x57a55786
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x1838
Čas spuštění chybující aplikace: 0x01d2699ebfde326b
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 211d3b33-9209-45c2-ada0-be47697f85b4
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (01/08/2017 12:03:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.82, časové razítko: 0x57a55786
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x730
Čas spuštění chybující aplikace: 0x01d2699ec15f8397
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: c1a2f0df-189f-4230-90aa-bc71e1ba838c
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge


System errors:
=============
Error: (01/16/2017 09:53:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 09:45:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 09:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 09:39:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 08:29:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 08:29:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Fogack byla ukončena s následující chybou: 
Uvedený modul nebyl nalezen.

Error: (01/16/2017 08:29:34 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Themes závisí na následující službě: iThemes5. Tato služba pravděpodobně není nainstalována.

Error: (01/16/2017 08:29:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 08:26:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 08:24:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2016-12-27 14:44:09.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 22%
Total physical RAM: 8060.85 MB
Available physical RAM: 6209.51 MB
Total Virtual: 9340.85 MB
Available Virtual: 7562.37 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:223.08 GB) (Free:101.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 6DE28E0F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================