Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018 Ran by Kaczuszka (08-01-2018 20:58:54) Running from C:\Users\Kaczuszka\Desktop\Programy Windows 7 Ultimate Service Pack 1 (X64) (2017-01-15 10:27:48) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-926443373-218334621-2797000802-500 - Administrator - Disabled) Guest (S-1-5-21-926443373-218334621-2797000802-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-926443373-218334621-2797000802-1002 - Limited - Enabled) Kaczuszka (S-1-5-21-926443373-218334621-2797000802-1001 - Administrator - Enabled) => C:\Users\Kaczuszka ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Batman - Arkham City" (HKLM-x32\...\{71AD83D4-6F74-4257-8398-8D1BFEA91EFF}_is1) (Version: 1.1.0.0 - ) µTorrent (HKU\S-1-5-21-926443373-218334621-2797000802-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Call of Juarez - Bound in Blood (HKLM-x32\...\{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft) Hidden Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft) Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Deus Ex Human Revolution Directors Cut version 2.0.66.0 (HKLM-x32\...\Deus Ex Human Revolution Directors Cut_is1) (Version: 2.0.66.0 - Mr DJ) Europa Universalis IV Rights of Man (HKLM-x32\...\Europa Universalis IV Rights of Man_is1) (Version: - ) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GoPro (HKLM\...\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}) (Version: 0.1.2733 - GoPro, Inc.) Hidden GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.) GoPro Studio (HKLM-x32\...\{99502BF0-655A-425D-8754-9EEC557D3D73}) (Version: 5.9.2733 - GoPro, Inc.) Hidden Grand Theft Auto Vice City version 1.1.0.0 (HKLM-x32\...\Grand Theft Auto Vice City_is1) (Version: 1.1.0.0 - Mr DJ) L.A. Noire PL [BDIP] wersja 1.01 (HKLM-x32\...\{C863E3ED-F40F-411B-925D-87824CC81DCF}_is1) (Version: 1.01 - BDIP) L.A.Noire (HKLM-x32\...\L.A.Noire_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Malwarebytes version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8730.2165 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-926443373-218334621-2797000802-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.5.25153 - Electronic Arts, Inc.) Original War (HKLM-x32\...\original war) (Version: - ) proDAD Mercalli 4.0 (64bit) (HKLM\...\proDAD-Mercalli-4.0) (Version: 4.0.452.1 - proDAD GmbH) proDAD ProDRENALIN 1.0 (64bit) (HKLM\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Republic: The Revolution (HKLM-x32\...\{FEE97F95-1037-4064-B96A-F771BA1DB21C}) (Version: 1.00.0000 - Elixir Studios) Return to Castle Wolfenstein - Platinum Edition (HKLM-x32\...\Return to Castle Wolfenstein - Platinum Edition) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games) Router Wi-Fi Movil Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\GOGPACKRIDDICK_is1) (Version: 2.0.0.10 - GOG.com) Unity Web Player (HKU\S-1-5-21-926443373-218334621-2797000802-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VFW_Codec32 (HKLM-x32\...\{4275850F-4E2E-4F60-9E73-8BD8F70891D3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{7010885D-3378-4C9B-B330-88271728EDE5}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files (x86)\Malwarebytes Anti-Malware\mbshlext.dll [2016-11-29] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files (x86)\Malwarebytes Anti-Malware\mbshlext.dll [2016-11-29] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1A3DE0B1-A56F-4260-98C0-1188A7E30DD3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {2DB0910A-D55D-445A-8D89-48E7089BF28E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-05] (Microsoft Corporation) Task: {2DE1BD68-52AC-4A22-8285-1AEBC2C5A241} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-05] (Microsoft Corporation) Task: {3D5CC7AD-8BC9-43FA-BAFA-5A64ACAFC717} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3DB9D8AB-E0EE-4074-8593-889E4BF4C2EE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation) Task: {46B83AC4-C4B4-4AA7-8F28-AC36C88BA619} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation) Task: {4715AFB0-ED83-4854-8D02-1D4955D7011E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation) Task: {4DC95C0D-B202-46A4-A3CD-E02F80123129} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] (MSFree Inc.) Task: {5961BBA7-0B2A-4A31-A37A-E25D6CBB1401} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-05] (Microsoft Corporation) Task: {649064C1-CD09-42CC-B69F-EDDFB0F67C83} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation) Task: {6C7D2AFE-FE7D-4A38-95BD-04F106447EEC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-25] (Microsoft Corporation) Task: {9FF6A346-04DE-481E-8754-2064A6969CF8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation) Task: {B7D75972-6A36-4B0F-AD97-938660C056C4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation) Task: {B8C0EFD7-1343-483C-A3A0-12E8AE13662D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-25] (Microsoft Corporation) Task: {BDD5914E-AC56-4614-9228-EA29D915F059} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-05] (Microsoft Corporation) Task: {C70B11D4-75A8-44C6-B5E9-D8E956F9C342} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation) Task: {C8739A96-DB69-40C6-9702-365068129DDA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation) Task: {F5EF5535-F816-456B-9665-569C36D86C8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-15] (Google Inc.) Task: {FA77A987-35F9-4D17-A3AD-84AEA80FCE06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-15] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-10-11 20:25 - 2017-12-18 22:32 - 008935088 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2017-11-15 16:39 - 2017-10-27 18:46 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-01-06 13:16 - 2016-11-29 06:27 - 002259232 _____ () D:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\PoliciesControllerImpl.dll 2016-05-11 23:39 - 2016-05-11 23:39 - 001088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe 2017-11-21 21:09 - 2012-12-24 11:09 - 000417176 _____ () C:\Program Files (x86)\Hostless Modem\Router Wi-Fi Movil\CheckNDISPort_df.exe 2015-08-26 08:44 - 2015-08-26 08:44 - 000055576 _____ () C:\Program Files\CCleaner\branding.dll 2016-05-11 23:39 - 2016-05-11 23:39 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe 2017-12-09 11:04 - 2017-12-06 05:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll 2017-12-09 11:04 - 2017-12-06 05:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll 2017-11-15 16:39 - 2017-10-27 18:46 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2018-01-08 20:38 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-926443373-218334621-2797000802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kaczuszka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 217.173.176.6 - 217.173.176.50 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Plants vs Zombies.lnk => C:\Windows\pss\Plants vs Zombies.lnk.CommonStartup MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: uTorrent => "C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{901920A7-6D1B-4344-AD7C-39417817B33E}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{86F7A77C-B72E-4D8E-9F76-8BFB5DA9C5BC}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA6FC2AA-237B-4530-A419-0F8A993EE556}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CE39B773-AF69-4312-B03D-5F89016F87BD}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F0C34796-231E-46C2-A3B4-1CF9B8FD9F76}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BD99FFD8-80DE-4021-8604-A716DE7BB515}] => (Allow) C:\Users\Kaczuszka\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D4469F32-1ABD-42B7-9D2B-CB6607DCA4AB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7E4EE9C5-A647-42A2-9B9A-6CB1CF9684D7}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E13C0F59-0F55-4476-9FD5-9B18C6DDE031}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{88E9F018-4642-429B-B046-E7EBFA5052A8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{23D340C0-2A6C-4C54-B03A-F2224BC932AC}] => (Allow) C:\Program Files (x86)\Mr DJ\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{C5225F64-6BE2-46BA-B35F-F5B27644B9AD}] => (Allow) C:\Program Files (x86)\Mr DJ\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{72B1C7C4-0577-41C0-8EDA-7A80147532D5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{F9E72A33-3B6F-4F99-A8BB-3889E3681DEB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Original War\Owar.exe FirewallRules: [{4B15483A-09EB-461A-A9FA-201F57289C57}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Original War\Owar.exe FirewallRules: [TCP Query User{F6760E32-C767-4CEE-B238-1C057E766F62}D:\arcanum\arcanum\arcanum.exe] => (Allow) D:\arcanum\arcanum\arcanum.exe FirewallRules: [UDP Query User{D1F28918-3609-4035-B2E6-816653F181A3}D:\arcanum\arcanum\arcanum.exe] => (Allow) D:\arcanum\arcanum\arcanum.exe FirewallRules: [{E1CB9222-CB73-4334-AA5A-16421A7D4A1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{713815F2-C011-49C6-AA5A-F5CEE17C4582}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{64EBD97B-BDFA-48D5-B588-EF10AE550A4D}] => (Allow) C:\Users\Kaczuszka\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{9E08C0CF-E692-44C5-9A13-CAAE4D76615C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe FirewallRules: [{1E4C0F58-2A4B-4350-9081-3B215676C8BD}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe FirewallRules: [{E277D993-35C4-4AA4-9CC6-9A714AA1FE04}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe FirewallRules: [{27F22B43-0611-46E8-9F5D-975E53F4D6D2}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe FirewallRules: [{E1CAEDE3-9332-4BD6-9122-8BE54B2B0CB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{55643B84-8D7E-4861-BB6B-6101C7654069}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{86D40B58-ABE9-4B5C-929A-B48DB5F07006}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{2347A3A5-087E-4965-AE98-5B9D641C9ED3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{85242D03-1621-4627-A933-E746826ADDDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{AEBF039C-2E84-4FB0-8925-331F008543A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{11CED8CC-5520-4E77-8BEA-213DF5434E94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A7D4CF58-BCDA-4063-875B-62A130460DD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5820E62B-74ED-4709-B911-8AA202A8116C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8C1921E0-D4F2-417E-9C73-C439AA02D4E3}] => (Allow) D:\Program Files (x86)\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe FirewallRules: [{72F98486-7E8E-4465-B87C-D32ABF7BF609}] => (Allow) D:\Program Files (x86)\Mr DJ\Deus Ex Human Revolution Directors Cut\DXHRDC.exe FirewallRules: [{6B1432DF-AD94-45BA-8EC2-1F56B7A89987}] => (Allow) D:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe FirewallRules: [{78AAF4E9-2DC9-4B26-A7E3-B28C0DAD2355}] => (Allow) D:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe FirewallRules: [{237FD2E5-3C00-4DE5-AE95-EA0A507E4407}] => (Allow) D:\Program Files (x86)\Batman - Arkham City\Binaries\Win32\BatmanAC.exe FirewallRules: [{AF963C0B-3600-459C-9F37-58C1F0C743DC}] => (Allow) D:\Program Files (x86)\Batman - Arkham City\Binaries\Win32\BatmanAC.exe ==================== Restore Points ========================= 31-12-2017 22:47:32 Installed DirectX 02-01-2018 11:03:31 Punkt przywracania utworzony przez HitmanPro 08-01-2018 20:33:47 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 08-01-2018 20:35:57 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 08-01-2018 20:37:31 Restore Point Created by FRST ==================== Faulty Device Manager Devices ============= Name: Coprocessor Description: Coprocessor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2018 08:57:33 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:50:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:48:45 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:45:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:45:13 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:44:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/08/2018 08:42:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (01/08/2018 08:41:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (01/08/2018 08:41:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (01/08/2018 08:41:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 245 Processor Percentage of memory in use: 73% Total physical RAM: 2047.24 MB Available physical RAM: 539.82 MB Total Virtual: 4094.48 MB Available Virtual: 2533.21 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.56 GB) (Free:23.24 GB) NTFS Drive d: () (Fixed) (Total:368.1 GB) (Free:286.85 GB) NTFS Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: () (Fixed) (Total:297.99 GB) (Free:296.2 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E247B462) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================