Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018 Ran by Abdul (13-10-2018 09:41:09) Running from E:\ Windows 7 Ultimate Service Pack 1 (X64) (2018-08-13 10:36:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Abdul (S-1-5-21-2685662787-1516377248-208156778-1001 - Administrator - Enabled) => C:\Users\Abdul Administrator (S-1-5-21-2685662787-1516377248-208156778-500 - Administrator - Disabled) Guest (S-1-5-21-2685662787-1516377248-208156778-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2685662787-1516377248-208156778-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 18.05 (HKLM-x32\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) AirLive 802.11G Wireless Utility (HKLM-x32\...\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}) (Version: 1.5.6.0 - Ovislink) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology) Battlefield Hardline / RePack by Baracuda (HKLM\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}_is1) (Version: 1.07.15.00 - ) Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU) CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0544 - Disc Soft Ltd) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.37.7258 - FreeDownloadManager.ORG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.01 - Janos Mathe) IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan) K-Lite Mega Codec Pack 14.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.0.5 - KLCP) LS-USBMX 1/2/3 Steering Wheel W/Vibration (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V4.3a - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Mozilla Firefox 62.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 62.0.3 (x64 pl)) (Version: 62.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.41148 - Electronic Arts) OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 56.0.3051.40 (HKU\S-1-5-21-2685662787-1516377248-208156778-1001\...\Opera 56.0.3051.40) (Version: 56.0.3051.40 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.28.13288 - Electronic Arts, Inc.) PremiumOs4 (HKLM-x32\...\PremiumOs4) (Version: 35.59.5 - ) Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - ) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH) USB Dual-core Game Controller (HKLM-x32\...\{EE3F507D-7C47-4AB7-B535-4829ACDFA147}) (Version: v3.61 - Dragon rise) USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wolfenstein II The New Colossus (HKLM-x32\...\Wolfenstein II The New Colossus_is1) (Version: - ) Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Windows\7z\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-10] (Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-10] (Disc Soft Ltd) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Windows\7z\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-09-25] (Advanced Micro Devices, Inc.) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Windows\7z\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {202A4568-8253-42B1-91C8-E2BE5098F758} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {20303074-3EAA-4041-ABB4-D8F0F742E79B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd) Task: {20FFCDCF-CCB4-4855-B356-00A89B19C520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-13] (Google Inc.) Task: {26901FEF-77AD-444B-833C-3293CFA60ABC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2018-07-19] (Microsoft Corporation) Task: {287A0224-3406-4FDE-A6A6-49A2D7605BFD} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2018-05-28] (FreeDownloadManager.org) Task: {30AD088C-58D6-4758-8CEA-2459EBEFCC22} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2018-07-19] (Microsoft) Task: {4763C55F-B032-4A00-BBF8-75987A105382} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {73E50146-7B30-43E6-8447-744D2D91CE95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {89B318D4-9BC8-4DD4-BBF6-7B4CC5970546} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2018-07-19] (Microsoft Corporation) Task: {A12CB7FD-723D-41AC-9AEB-1FED5DE9E690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-13] (Google Inc.) Task: {AC34EEE1-55F9-4F00-A9DE-4F94ED486457} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-09-25] (Advanced Micro Devices, Inc.) Task: {B055D9D5-B3A1-4940-B213-58F3809D3CC6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd) Task: {B4A6FBC1-55D3-4BFA-BD36-72E46CC52D6C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {BFF63EF7-8056-41BF-8011-F225C745116D} - System32\Tasks\Opera scheduled Autoupdate 1539165143 => C:\Users\Abdul\AppData\Local\Programs\Opera\launcher.exe [2018-10-05] (Opera Software) Task: {C93D37E3-4E65-4768-AAE5-36F06F1E5CC7} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-09-25] (Advanced Micro Devices, Inc.) Task: {D3CD6B1A-1863-41C3-BF47-6A43FC8DA481} - System32\Tasks\AdobeAAMUpdater-1.0-Abdul-PC-Abdul => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {DD0C107C-8C4C-4DF9-8B26-5F7C9C25FAE8} - System32\Tasks\EVEREST AutoStart => C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe [2010-03-31] (Lavalys, Inc.) Task: {F71307D5-5D2B-462F-B985-3532625962A8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-03-19] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Abdul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-extensions ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-extensions ==================== Loaded Modules (Whitelisted) ============== 2018-08-13 13:45 - 2018-05-28 18:05 - 000037376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll 2018-08-14 03:19 - 2018-08-14 03:19 - 004565504 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\35a32d2fdea9f6e6bdc2924ce7609b81\DiscSoft.NET.Common.ni.dll 2018-08-14 03:21 - 2018-08-14 03:21 - 003156992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\a2b26280cd49d4bb1343783ea5ab8611\DotNetCommon.ni.dll 2018-08-10 13:56 - 2018-08-10 13:56 - 000067584 _____ () C:\Program Files\DAEMON Tools Lite\ToastNotificationControl.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 002158592 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 012242432 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 000138752 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 000485376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 001825792 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll 2018-08-13 13:45 - 2017-04-13 12:42 - 000662016 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll 2018-08-13 13:45 - 2017-04-13 12:46 - 069740544 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll 2018-08-13 13:45 - 2017-11-30 18:02 - 002521088 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll 2018-08-13 13:45 - 2017-11-30 18:02 - 000015360 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll 2018-08-13 14:33 - 2005-04-22 06:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll 2018-10-12 07:19 - 2018-10-10 06:17 - 001056032 _____ () D:\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-10-12 07:18 - 2018-09-23 02:00 - 102804768 _____ () D:\Steam\bin\cef\cef.win7x64\libcef.dll 2018-10-12 07:18 - 2018-09-23 02:00 - 004866336 _____ () D:\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-10-12 07:18 - 2018-09-23 02:00 - 000116000 _____ () D:\Steam\bin\cef\cef.win7x64\libegl.dll 2018-10-12 07:49 - 2018-10-12 07:49 - 000021824 _____ () D:\Origin\QtWebEngineProcess.exe 2018-10-01 10:11 - 2018-09-26 05:17 - 000373640 _____ () C:\Windows\SysWOW64\GameManager32.dll 2018-09-24 11:37 - 2018-10-10 06:17 - 000878880 _____ () D:\Steam\SDL2.dll 2018-09-24 11:36 - 2016-09-01 03:02 - 004969248 _____ () D:\Steam\v8.dll 2018-09-24 11:36 - 2016-09-01 03:02 - 001563936 _____ () D:\Steam\icui18n.dll 2018-09-24 11:36 - 2016-09-01 03:02 - 001195296 _____ () D:\Steam\icuuc.dll 2018-09-24 11:36 - 2018-10-13 03:59 - 002647840 _____ () D:\Steam\video.dll 2018-09-24 11:36 - 2017-12-20 03:43 - 005137696 _____ () D:\Steam\libavcodec-57.dll 2018-09-24 11:36 - 2017-12-20 03:43 - 000847136 _____ () D:\Steam\libavutil-55.dll 2018-09-24 11:36 - 2017-12-20 03:43 - 000695584 _____ () D:\Steam\libavformat-57.dll 2018-09-24 11:36 - 2017-12-20 03:43 - 000351520 _____ () D:\Steam\libavresample-3.dll 2018-09-24 11:36 - 2017-12-20 03:43 - 000783648 _____ () D:\Steam\libswscale-4.dll 2018-09-24 11:37 - 2018-10-13 03:59 - 001023776 _____ () D:\Steam\bin\chromehtml.DLL 2018-09-24 11:36 - 2016-07-05 00:17 - 000266560 _____ () D:\Steam\openvr_api.dll 2018-08-13 17:20 - 2010-06-19 15:04 - 000092704 _____ () C:\Windows\USB_Vibration\3331\EZFRD32.dll 2018-10-12 07:49 - 2018-10-12 07:49 - 000015360 _____ () D:\Origin\libEGL.DLL 2018-10-12 07:49 - 2018-10-12 07:49 - 003090944 _____ () D:\Origin\libGLESv2.dll 2018-08-13 14:32 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2018-10-04 15:55 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2685662787-1516377248-208156778-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Abdul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.100.252 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: Google Update Manager => C:\Windows\gmda.exe MSCONFIG\startupreg: XboxStat => "C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D59D9F24-600E-43B3-9FB8-0B271524AF38}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe FirewallRules: [{E944D897-8B12-413D-BFA1-90F84CDEB121}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{82A76C39-F6AF-4AFD-906A-3312C7049CDB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{40386B65-C92D-43DB-8716-3E2BC9E9B3DB}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{16D12BEC-38AB-4C36-870C-126145F828D8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{CCEB9F07-5F5D-49D8-B107-AE924E98BFCD}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{7CA4515E-0788-4A21-9B6C-B00E37AB0427}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{FF6C0D92-C309-4528-A4A5-3B225E8FA091}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE FirewallRules: [{3EF7102A-346D-48A0-86EC-018D2D70844C}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{DCFADCFF-8850-4596-994C-BE6753EC7547}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe FirewallRules: [UDP Query User{00A28D0D-A755-4848-866C-431FA24845E5}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe FirewallRules: [TCP Query User{9A983C54-A5AF-487D-B44E-2599B931EAAF}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{919EAE60-A328-4E5F-A630-B9C92470BB6D}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [{E445D826-C961-40C0-995B-8B5F6D151E61}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{AB30D8F3-114C-4B88-92E3-C2F484E3D7E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{6554DA0C-5CFD-48BA-B8A8-88C6ABFB34E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{2068355E-CF1C-45DD-9A39-A7C2F9069715}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{AA86C46F-1B2F-40E3-92CB-A20571411E91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{39152D32-C253-456E-82A7-1CB7AE17E801}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D6FB2AEE-5FCE-4A80-9A8C-9188A48258B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9DED877C-E07D-4D82-8F62-B4014A22070D}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{C3A6731C-7E40-4692-86BB-F1EB755003A8}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{A9AF8859-4883-4159-929F-2A5E6DC9089A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F5EA3105-6F61-42A1-BD00-C2EEE83C7AB2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F6D2F386-3507-4C45-BF5E-6FAF1136D6E3}] => (Allow) D:\Steam\steamapps\common\WRC 7\WRC7.exe FirewallRules: [{9FB212B6-B4C0-4CC1-91D6-1759A42DD403}] => (Allow) D:\Steam\steamapps\common\WRC 7\WRC7.exe FirewallRules: [TCP Query User{72CEAA3F-E3DD-441A-BC27-3B35E4447F96}D:\wolfenstein - the new order\wolfneworder_x64.exe] => (Block) D:\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{8B5C69D4-ABB4-4EA3-9652-B40F83979D7C}D:\wolfenstein - the new order\wolfneworder_x64.exe] => (Block) D:\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [{F061A9D4-1406-4E88-9B67-BDB42A890E78}] => (Allow) D:\NFS Payback\Need for Speed Payback\NeedForSpeedPaybackTrial.exe FirewallRules: [{7DA81971-5E10-426C-8226-1D4CFE56F9CB}] => (Allow) D:\NFS Payback\Need for Speed Payback\NeedForSpeedPaybackTrial.exe FirewallRules: [{D3F8CF42-A4D4-4620-BB38-9D7250BA18B2}] => (Allow) D:\NFS Payback\Need for Speed Payback\NeedForSpeedPayback.exe FirewallRules: [{8AAA66B3-213D-45C4-9660-77C307BBAD08}] => (Allow) D:\NFS Payback\Need for Speed Payback\NeedForSpeedPayback.exe FirewallRules: [TCP Query User{C3D2208E-66EE-474A-9564-F8138B3F87A1}D:\battlefield 4\bf4.exe] => (Block) D:\battlefield 4\bf4.exe FirewallRules: [UDP Query User{EBF73B9D-ECF3-43EB-B76A-02A1629AAAC6}D:\battlefield 4\bf4.exe] => (Block) D:\battlefield 4\bf4.exe FirewallRules: [TCP Query User{655808CB-1A75-4098-8972-1C6E3F64B1F2}D:\battlefield hardline\bfh.exe] => (Block) D:\battlefield hardline\bfh.exe FirewallRules: [UDP Query User{AB860F29-09A2-4387-956B-7A00CE7AE6E8}D:\battlefield hardline\bfh.exe] => (Block) D:\battlefield hardline\bfh.exe FirewallRules: [{7821B93D-36F2-46DD-94BD-95FCC8DC7A5F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{E9D019A2-0DB7-493E-BD21-0FF9ABBC3470}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe ==================== Restore Points ========================= 08-10-2018 10:06:10 Windows Update 11-10-2018 18:00:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 11-10-2018 20:38:24 Windows Update 12-10-2018 13:59:50 Installed OSCAR Editor 12-10-2018 17:55:15 Configured OSCAR Editor ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/13/2018 09:39:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/13/2018 09:00:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/13/2018 06:50:28 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/13/2018 06:42:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/12/2018 03:44:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/12/2018 01:26:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: bfh.exe, version: 1.1.0.5, time stamp: 0x55a70766 Faulting module name: bfh.exe, version: 1.1.0.5, time stamp: 0x55a70766 Exception code: 0xc0000005 Fault offset: 0x00000000037ff4b0 Faulting process id: 0x12c8 Faulting application start time: 0x01d4621e410fd016 Faulting application path: D:\Battlefield Hardline\bfh.exe Faulting module path: D:\Battlefield Hardline\bfh.exe Report Id: b7baca23-ce11-11e8-bac3-20cf30f2a5a7 Error: (10/12/2018 01:01:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/12/2018 07:32:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (10/13/2018 09:38:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (10/13/2018 08:59:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (10/13/2018 08:59:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (10/13/2018 08:58:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (10/13/2018 06:40:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (10/12/2018 03:42:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (10/12/2018 03:42:41 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8007ad3640). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101218-11185-01. Error: (10/12/2018 12:59:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom CodeIntegrity: =================================== Date: 2018-08-21 15:48:38.542 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-21 15:48:38.508 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-21 15:48:03.330 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-21 15:48:03.296 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz Percentage of memory in use: 27% Total physical RAM: 8191.12 MB Available physical RAM: 5938.43 MB Total Virtual: 16380.42 MB Available Virtual: 13317.05 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:60.06 GB) NTFS Drive d: (Nowy) (Fixed) (Total:223.58 GB) (Free:62.71 GB) NTFS Drive e: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:36.75 GB) NTFS \\?\Volume{1621d53f-9ee4-11e8-97b4-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000281F7) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 8F175926) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 8D695392) Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================