Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01 Ran by Arek (24-06-2017 15:27:02) Running from C:\Users\Arek\Desktop Windows 10 Pro Version 1607 (X64) (2017-02-04 00:43:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1312558640-571889949-1337027344-500 - Administrator - Disabled) Arek (S-1-5-21-1312558640-571889949-1337027344-1001 - Administrator - Enabled) => C:\Users\Arek DefaultAccount (S-1-5-21-1312558640-571889949-1337027344-503 - Limited - Disabled) defaultuser0 (S-1-5-21-1312558640-571889949-1337027344-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-1312558640-571889949-1337027344-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: F-Secure Client Security 12.31 (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: F-Secure Client Security 12.31 (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: F-Secure Client Security 12.31 (Enabled) {374B27E1-3C8B-6B63-0DCA-F8AABC585B5B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated) Adobe Reader XI (11.0.20) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.) AIMP (HKLM-x32\...\AIMP) (Version: v4.12.1880, 06.01.2017 - AIMP DevTeam) Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.5.1 - Airytec) Ansel (Version: 378.92 - NVIDIA Corporation) Hidden Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashes of the Singularity (HKLM\...\Steam App 228880) (Version: - Oxide Games) Ashes of the Singularity: Escalation (HKLM\...\Steam App 507490) (Version: - Stardock Entertainment) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.01 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassins Creed IV Black Flag wersja 1.0 (HKLM-x32\...\{57731D4F-9FDB-4BCF-8543-7B52152CA4CA}_is1) (Version: 1.0 - UBISOFT) Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) Assassins Creed Unity Update v1.5 (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - ) Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft) BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.1 - Bitdefender) Call of Duty - Ghosts (HKLM-x32\...\Call of Duty - Ghosts_is1) (Version: - ) Call of Duty - Infinite Warfare (HKLM-x32\...\Call of Duty - Infinite Warfare_is1) (Version: - ) Call of Duty - Modern Warfare 3 (HKLM-x32\...\Call of Duty - Modern Warfare 3_is1) (Version: - ) Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: Call of Duty Advanced Warfare - ) Call of Duty Black Ops II (HKLM-x32\...\Call of Duty Black Ops II_is1) (Version: - ) Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0229 - Disc Soft Ltd) F-Secure Client Security - DeepGuard (HKLM-x32\...\F-Secure HIPS) (Version: 5.0.707 - F-Secure Corporation) F-Secure Client Security - Kontrola urządzeń (HKLM-x32\...\F-Secure Device Control) (Version: 1.10.103 - F-Secure Corporation) F-Secure Client Security - Ochrona przed wirusami i szpiegami (HKLM-x32\...\F-Secure Anti-Virus) (Version: 9.52.239 - F-Secure Corporation) F-Secure Client Security - Ochrona przeglądania (HKLM-x32\...\F-Secure Browsing Protection) (Version: 2.01.483 - F-Secure Corporation) F-Secure Client Security - Osłona internetowa (HKLM-x32\...\F-Secure Internet Shield) (Version: 9.00 - F-Secure Corporation) F-Secure Client Security - Skanowanie poczty e-mail (HKLM-x32\...\F-Secure E-mail Scanning) (Version: 8.00.106 - F-Secure Corporation) F-Secure Client Security - Skanowanie ruchu w sieci Web (HKLM-x32\...\F-Secure Protocol Scanner) (Version: 3.01.276 - F-Secure Corporation) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.3 - Insyde Corporation) Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation) Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2095 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation) Just Cause 3 (HKLM\...\Steam App 225540) (Version: - Avalanche Studios) K-Lite Mega Codec Pack 12.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.0 - KLCP) Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 54.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 pl)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 3.1.0.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.44 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.92 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation) NVIDIA Sterownik graficzny 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation) NvNodejs (Version: 3.1.0.44 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Panel sterowania NVIDIA 378.92 (Version: 378.92 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.0.44 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.66 - Synaptics Incorporated) Total Uninstall 6.17.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.17.1 - Gavrila Martau) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0001CE02-7A81-4F93-89DC-CB2B82B5BDE6} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [2016-05-16] () Task: {14E3DDB9-FDD6-4DA2-8777-7FEA56249438} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {470634FD-05BB-4819-A444-DBE3D7270A71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => D:\Program Files\Microsoft Office 2016\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {4A8B51D5-D484-4D5B-9D8D-0132A68586E8} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-10-14] (Intel Corporation) Task: {7E5CA63F-853B-4D05-AD5A-78605A03F300} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {8AA81B62-DDA2-4508-97A1-D550FE1771FE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-18] (NVIDIA Corporation) Task: {8B9C15CD-A9E2-437E-A40B-9EBE4B14A21A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office 2013\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {99224680-D295-4EAA-8B0A-BD45397907CA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-18] (NVIDIA Corporation) Task: {A8CD90F6-26AE-4A15-85E1-ECE16A94CB3B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-18] (NVIDIA Corporation) Task: {AA39A4E9-11F2-4313-8438-822C8C341D1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office 2013\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {AB108F57-2120-420E-A280-82EC5C241559} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-14] (Adobe Systems Incorporated) Task: {B64849DC-1CE6-4051-81F7-1F1B157741AF} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation) Task: {B865C378-5F2E-4012-BB9E-4039D536A815} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-18] (NVIDIA Corporation) Task: {BFF49C67-D98E-4731-8842-A547744EB59F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {C691ADCB-10CF-4437-8B4D-52BF8DD00590} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => D:\Program Files\Microsoft Office 2016\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {C79B6CA5-EC78-4C56-9E8A-01D4D02166DF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-02-01] () Task: {CFF1400B-07C3-4C42-8C0B-E592230F3C2B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-18] (NVIDIA Corporation) Task: {E5159EBB-8976-4111-8905-6F0D800CA1CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-18] (NVIDIA Corporation) Task: {E636AF35-0CA7-43EC-9D10-663ECE08D791} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {F5B978ED-2117-4F6D-B35F-6FF7A992B963} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd) Task: {FF5AD71C-E66A-44B3-B14A-F83F4A7EEF36} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-10-14] (Intel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-10-17 21:00 - 2016-10-17 21:00 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll 2016-10-17 21:00 - 2016-10-17 21:00 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll 2017-02-04 03:23 - 2016-10-18 20:39 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-04 03:23 - 2016-10-18 20:39 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-04 03:24 - 2016-10-18 20:39 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-11-01 18:18 - 2016-11-01 18:18 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2017-06-14 20:25 - 2017-06-03 12:01 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll 2017-02-04 03:23 - 2017-03-17 01:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-02-04 03:16 - 2016-05-16 17:25 - 01318488 _____ () C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe 2017-02-04 03:16 - 2015-08-14 15:49 - 00614400 _____ () C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDMetrics.dll 2017-05-29 21:01 - 2017-02-20 12:34 - 00327648 _____ () c:\program files (x86)\f-secure\daas2\daas2_x64.dll 2017-02-04 02:44 - 2017-02-04 02:44 - 00959168 _____ () C:\Users\Arek\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll 2017-02-23 00:56 - 2017-02-23 00:56 - 08911560 _____ () D:\Program Files\Microsoft Office 2016\Office16\1033\GrooveIntlResource.dll 2017-01-16 15:30 - 2017-01-16 15:30 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 20:04 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 20:05 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 20:05 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 20:05 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-14 20:25 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-14 20:25 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-05-29 21:01 - 2017-02-20 12:34 - 00254944 _____ () c:\program files (x86)\f-secure\daas2\daas2.dll 2017-02-04 03:16 - 2016-04-15 18:11 - 00023968 _____ () C:\Program Files\Bitdefender\Tools\BDAntiRansomware\InjectionDll.dll 2016-11-08 20:40 - 2016-11-08 20:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-02-04 03:23 - 2016-10-18 20:39 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-02-04 03:23 - 2016-10-15 14:31 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-02-04 03:23 - 2016-10-15 14:31 - 00257592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-02-04 03:23 - 2016-10-15 14:31 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-02-04 03:23 - 2016-10-18 20:39 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-04 03:23 - 2016-10-18 20:39 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-04 03:23 - 2016-10-15 14:31 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-02-04 03:23 - 2016-10-15 14:31 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-02-04 03:23 - 2016-10-15 14:31 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-02-04 03:23 - 2016-10-15 14:31 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-05-29 21:01 - 2017-02-20 12:13 - 00074720 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\FSAVHRES.eng ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 13:47 - 2017-02-12 18:49 - 00004872 _____ C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msads.net 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ac3.msn.com 0.0.0.0 ad.doubleclick.net 0.0.0.0 adnexus.net 0.0.0.0 adnxs.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 ads1.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 aka-cdn-ns.adtech.de 0.0.0.0 a-msedge.net 0.0.0.0 apps.skype.com 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.ads2.msads.net 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com There are 89 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1312558640-571889949-1337027344-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: ibtsiva => 2 MSCONFIG\Services: MBAMService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "WindowsDefender" HKU\S-1-5-21-1312558640-571889949-1337027344-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1312558640-571889949-1337027344-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1312558640-571889949-1337027344-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1312558640-571889949-1337027344-1001\...\StartupApproved\Run: => "Gaijin.Net Agent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7851E272-26D9-46F0-8314-8A586E5064AB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{34CC8AAE-6FD3-4583-975C-5160AA0902F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1791BEE4-AA05-4E6E-8A74-482778FD5B80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{16152C63-5757-4AB6-A1AB-EA0533C472E5}] => (Allow) D:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{F911E887-3ED6-4105-A2A7-DD96E152B6EC}] => (Allow) D:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{F90F46F8-68C1-4435-90C0-650D09DA02EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{5543FB77-680B-43DC-9A86-06381682F215}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{2DDF5C29-8A2A-4AF8-AEE7-6291220D826F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{04E0DC83-0028-47DC-ABF4-D2B1233D6547}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D2E5C9CC-9C7F-4F8F-B56D-956DCA3A8AC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{570F7DE6-21F6-4F5C-B464-994A88ACD87C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{71B34F80-B4D4-4111-AFBA-9CC3AAEF434F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AFC2BCD0-E610-410C-91D0-E661C9ABF6CF}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{4B0A9A7C-2CAC-4112-9A76-7979B9AC9389}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{7CAACDCC-A911-495A-92E2-44BED3620D96}] => (Allow) D:\Program Files\Microsoft Office 2016\Office16\lync.exe FirewallRules: [{DD0A6FB6-68CF-4C0F-BC49-12861A18AE61}] => (Allow) D:\Program Files\Microsoft Office 2016\Office16\lync.exe FirewallRules: [{51A25B53-B65B-41A8-8E42-959A36D03A21}] => (Allow) D:\Program Files\Microsoft Office 2016\Office16\UcMapi.exe FirewallRules: [{2AE0DF9F-D680-4A5D-8CC3-B9CF4E9912F4}] => (Allow) D:\Program Files\Microsoft Office 2016\Office16\UcMapi.exe FirewallRules: [{F1D42BA1-04DE-4D06-9CD6-B05C434C537D}] => (Allow) D:\Program Files\Microsoft Office 2016\Office16\outlook.exe FirewallRules: [{4B7AC790-3AE2-4659-9E67-35096BE22373}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{12E5BF03-184C-4BC3-A8A8-9ECC6DAC6576}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DB117756-464B-4C9E-B546-5EBF923318A8}] => (Allow) D:\Program Files\Microsoft Office 2013\Office15\lync.exe FirewallRules: [{ADFB8EB9-4FC0-4D5A-B3A0-66BC42323A08}] => (Allow) D:\Program Files\Microsoft Office 2013\Office15\lync.exe FirewallRules: [{D847A0C0-5394-4303-B87A-138CC846A565}] => (Allow) D:\Program Files\Microsoft Office 2013\Office15\UcMapi.exe FirewallRules: [{92920E73-71C3-4BA8-A7B1-8D3E3C401AB3}] => (Allow) D:\Program Files\Microsoft Office 2013\Office15\UcMapi.exe FirewallRules: [{6028BB99-330A-4368-B3CD-2323A00684F8}] => (Allow) D:\Program Files\Microsoft Office 2013\Office15\outlook.exe FirewallRules: [{137B4F11-635C-47E2-91EC-6BEE73108F6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{0FE78AA6-C3D0-411F-AEA8-AAED76F5250E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{EAFF88E2-A7C5-48C4-83EA-FAC0DA7ABC90}D:\program files (x86)\call of duty black ops ii\t6sp.exe] => (Allow) D:\program files (x86)\call of duty black ops ii\t6sp.exe FirewallRules: [UDP Query User{F75931D7-A960-478F-974E-3209D8BC5F26}D:\program files (x86)\call of duty black ops ii\t6sp.exe] => (Allow) D:\program files (x86)\call of duty black ops ii\t6sp.exe FirewallRules: [{4A29C9BA-101F-439F-A66E-49916C7D558B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe FirewallRules: [{F5D0E299-296C-4CEF-8DF2-A1706D01FFA0}] => (Block) C:\Windows\explorer.exe FirewallRules: [{86D6B760-6014-4C87-B50D-3DB066F9D6D4}] => (Allow) D:\Assasin Creed\AssassinsCreed_Dx9.exe FirewallRules: [{12C12ED4-2102-4B3A-8194-2740A51BE7C4}] => (Allow) D:\Assasin Creed\AssassinsCreed_Dx9.exe FirewallRules: [{58610CC6-033B-4511-B61D-12CAA7BC10E8}] => (Allow) D:\Assasin Creed\AssassinsCreed_Dx10.exe FirewallRules: [{2254E149-A0AD-42F9-B95F-DF8EF507AB90}] => (Allow) D:\Assasin Creed\AssassinsCreed_Dx10.exe FirewallRules: [{B23F5141-4510-4804-B1DB-82BD10434A02}] => (Allow) D:\Assasin Creed\AssassinsCreed_Launcher.exe FirewallRules: [{18ED3F4C-2663-4D39-87B7-FEDE3460566C}] => (Allow) D:\Assasin Creed\AssassinsCreed_Launcher.exe FirewallRules: [{F4324599-61C1-45B7-8962-72213BC4AEA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\AshesEscalation.exe FirewallRules: [{A90E6862-8CA6-410E-9AD4-0581AEB34CB4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\AshesEscalation.exe FirewallRules: [{A5B3B111-6207-4F87-9F7C-AFDFCB0F6890}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\AshesEscalation_DX11.exe FirewallRules: [{907093A4-A8A3-4FBB-91F3-BBF7FD5454AD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\AshesEscalation_DX11.exe FirewallRules: [{D8D0BE86-B387-409C-BAAA-EB9276D6502F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{B386A22D-4224-470A-B0DA-46CFE46B6E9D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{979209A1-002E-4C05-A840-EFF883AC7891}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe FirewallRules: [{32AF5E54-2A3A-472A-BAD3-5F50221D04BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe FirewallRules: [{276E0A0B-9EBE-4DF1-B273-942917420686}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe FirewallRules: [{2CD9E004-2319-49C3-8032-2ABAC8825D56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe FirewallRules: [{A7BF78A2-2760-499D-994F-876BE822E348}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{C299D009-56D3-4B64-BEB7-DD4DEE2F366C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{BE050BD2-ECF3-4211-8546-72E69744793F}] => (Allow) D:\Assasin Creed II\AssassinsCreedIIGame.exe FirewallRules: [{53F56727-CA38-4613-B464-248F084A9A5B}] => (Allow) D:\Assasin Creed II\AssassinsCreedIIGame.exe FirewallRules: [{2811EEDE-2EE7-417B-9F0F-85641C0E0C42}] => (Allow) D:\Assasin Creed II\AssassinsCreedII.exe FirewallRules: [{A833032C-74EF-4B15-B9B6-5D5B8A5D8C0B}] => (Allow) D:\Assasin Creed II\AssassinsCreedII.exe FirewallRules: [{8FF313E5-5E31-4EDE-A7A1-276B5B6908F9}] => (Allow) D:\Assasin Creed II\UPlayBrowser.exe FirewallRules: [{8798FA85-1E06-4F73-B03E-2D07D92A7C46}] => (Allow) D:\Assasin Creed II\UPlayBrowser.exe FirewallRules: [{112ACDDF-ACC2-4BA6-8235-C73CBD2C2DB1}] => (Allow) D:\Assasin Creed III\AC3SP.exe FirewallRules: [{6CE18A94-8F23-4D6F-9E08-6BA0453017CD}] => (Allow) D:\Assasin Creed III\AC3SP.exe FirewallRules: [{E6D2379F-FA6A-4128-9C0D-5B1ACF3F312C}] => (Allow) D:\Assasin Creed III\AC3MP.exe FirewallRules: [{ECF30304-9BAC-4A46-A27D-E7DD4F0B210E}] => (Allow) D:\Assasin Creed III\AC3MP.exe FirewallRules: [{FCCBCC41-10C9-43BA-A61A-E18325114010}] => (Allow) D:\Assasin Creed III\AssassinsCreed3.exe FirewallRules: [{BC5EE957-EF10-42A3-92B5-B44BB9F7F5D1}] => (Allow) D:\Assasin Creed III\AssassinsCreed3.exe FirewallRules: [{CDA5A0D2-E675-4EEB-8A6E-4F66006D942C}] => (Allow) D:\Assasin Creed BrotherHood\ACBSP.exe FirewallRules: [{C75E0333-6C1F-4628-8C67-6915D4EC8071}] => (Allow) D:\Assasin Creed BrotherHood\ACBSP.exe FirewallRules: [{9B1669B9-ECF5-43FC-B65C-70477CBC2A48}] => (Allow) D:\Assasin Creed BrotherHood\ACBMP.exe FirewallRules: [{F63D1BB9-4906-4D16-A5BC-2D2BF60A3B42}] => (Allow) D:\Assasin Creed BrotherHood\ACBMP.exe FirewallRules: [{28AC99D6-5B99-429A-8B0E-3110CDFA812E}] => (Allow) D:\Assasin Creed BrotherHood\AssassinsCreedBrotherhood.exe FirewallRules: [{5E30B6F9-66BE-465F-84FC-B2E55A0D1A0F}] => (Allow) D:\Assasin Creed BrotherHood\AssassinsCreedBrotherhood.exe FirewallRules: [{7FB62D6D-1681-46F9-ABA5-5A31819A1245}] => (Allow) D:\Assasin Creed BrotherHood\UPlayBrowser.exe FirewallRules: [{0A7FF9F2-6EE8-4F9B-A4EC-0CA3F1B1C044}] => (Allow) D:\Assasin Creed BrotherHood\UPlayBrowser.exe FirewallRules: [{1B0CB12D-0AF2-42F0-BC96-F5C2BCE0B89B}] => (Allow) D:\Assassin's Creed Rogue\ACC.exe FirewallRules: [{4AC87C9E-0468-4F64-8FB8-75131CE0DECD}] => (Allow) D:\Assassin's Creed Rogue\ACC.exe FirewallRules: [{69D706F6-3BF1-4BCE-A4D2-DBF0DF93EC9C}] => (Allow) D:\Assasin Creed Revelations\ACRSP.exe FirewallRules: [{64D11F23-2AB5-4E7F-85DB-073F40081A90}] => (Allow) D:\Assasin Creed Revelations\ACRSP.exe FirewallRules: [{23375FE5-2127-4BE4-AC47-397AF2046922}] => (Allow) D:\Assasin Creed Revelations\ACRMP.exe FirewallRules: [{E20649D6-6240-4763-AC39-13B1C109EDE1}] => (Allow) D:\Assasin Creed Revelations\ACRMP.exe FirewallRules: [{81310D06-2A8C-497F-8737-D0103650B03D}] => (Allow) D:\Assasin Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{4AF932A0-A3D1-4A9C-AB95-7CAD6BCAED59}] => (Allow) D:\Assasin Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [TCP Query User{EAC7176B-A875-4740-8A7B-EE0F295D3240}D:\program files\call of duty - infinite warfare\iw7_ship.exe] => (Allow) D:\program files\call of duty - infinite warfare\iw7_ship.exe FirewallRules: [UDP Query User{C6AA657E-CDA5-41F5-8D56-2CD76B5DAC93}D:\program files\call of duty - infinite warfare\iw7_ship.exe] => (Allow) D:\program files\call of duty - infinite warfare\iw7_ship.exe FirewallRules: [{4EB53C6E-78BF-4987-A70B-C095267C9EC1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe FirewallRules: [{3266AC64-09DF-4257-9E76-5AB6D3FAEA5C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity Escalation\StardockLauncher.exe ==================== Restore Points ========================= 07-06-2017 16:14:03 Scheduled Checkpoint 14-06-2017 20:26:46 Windows Update 20-06-2017 15:17:01 Windows Update ==================== Faulty Device Manager Devices ============= Name: Insyde Airplane Mode HID Mini-Driver Description: Insyde Airplane Mode HID Mini-Driver Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Insyde Service: AirplaneModeHid Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/23/2017 09:02:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: GDI32.dll, wersja: 10.0.14393.206, sygnatura czasowa: 0x57dad2ca Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x00003e82 Identyfikator procesu powodującego błąd: 0x10ec Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ec46d77208ac Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\GDI32.dll Identyfikator raportu: a62c8c58-0dab-43a0-a6f6-e01c8c8f91b9 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/23/2017 09:02:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256ca0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00045b0e Identyfikator procesu powodującego błąd: 0x10ec Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ec46d77208ac Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: dcedbe2d-51bc-4620-be29-038c1594e788 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/23/2017 05:42:12 PM) (Source: IntelDalJhi) (EventID: 4) (User: ) Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid. Error: (06/23/2017 05:42:12 PM) (Source: IntelDalJhi) (EventID: 4) (User: ) Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid. Error: (06/23/2017 02:50:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: GDI32.dll, wersja: 10.0.14393.206, sygnatura czasowa: 0x57dad2ca Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x00003e82 Identyfikator procesu powodującego błąd: 0x1c24 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ec1d6ac74585 Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\GDI32.dll Identyfikator raportu: 75749d03-c000-40cc-9ccb-7d2711f676ff Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/23/2017 02:50:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256ca0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00045b0e Identyfikator procesu powodującego błąd: 0x1c24 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ec1d6ac74585 Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: c1470496-c2f4-4989-ba60-3fbf91432ed5 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/22/2017 06:22:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: GDI32.dll, wersja: 10.0.14393.206, sygnatura czasowa: 0x57dad2ca Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x00003e82 Identyfikator procesu powodującego błąd: 0x21ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d2eb5d770cdb3e Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\GDI32.dll Identyfikator raportu: 6b23b6df-9a76-48f6-8d20-401994e233b8 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/22/2017 06:22:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 2.2.1.25302, sygnatura czasowa: 0x4dd301c8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256ca0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00045b0e Identyfikator procesu powodującego błąd: 0x21ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d2eb5d770cdb3e Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 5e5a3c92-45bd-4807-8a9b-5b1b7d63628d Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/21/2017 09:25:12 PM) (Source: IntelDalJhi) (EventID: 4) (User: ) Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid. Error: (06/21/2017 09:25:12 PM) (Source: IntelDalJhi) (EventID: 4) (User: ) Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid. System errors: ============= Error: (06/24/2017 02:15:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 02:13:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 02:13:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 01:29:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H4ANKJD) Description: Serwer {37998346-3765-45B1-8C66-AA88CA6B20B8} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (06/24/2017 01:28:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 01:27:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Connected Devices Platform Service zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (06/24/2017 01:27:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 01:27:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/24/2017 12:02:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/23/2017 11:25:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H4ANKJD) Description: Serwer {37998346-3765-45B1-8C66-AA88CA6B20B8} nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2017-02-05 10:53:48.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvcv.inf_amd64_5c8444227c9d07aa\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz Percentage of memory in use: 34% Total physical RAM: 8046.11 MB Available physical RAM: 5304.07 MB Total Virtual: 9326.11 MB Available Virtual: 6355.96 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:255.62 GB) (Free:162.38 GB) NTFS Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:305.37 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 256.2 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F5785EDF) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================