Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2017 Ran by Szymon (21-04-2017 17:14:19) Running from C:\Users\Szymon\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2016-10-30 11:04:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1985022496-2657986825-1099666431-500 - Administrator - Disabled) Guest (S-1-5-21-1985022496-2657986825-1099666431-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1985022496-2657986825-1099666431-1003 - Limited - Enabled) Szymon (S-1-5-21-1985022496-2657986825-1099666431-1000 - Administrator - Enabled) => C:\Users\Szymon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1985022496-2657986825-1099666431-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) Badanie mające na celu poprawę produktów HP Deskjet 1510 series (HKLM\...\{201842BD-6AB0-422A-9A01-DD1DA9BC03B9}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Bloody6 (HKLM-x32\...\Bloody3) (Version: 16.12.0020 - Bloody) Catalyst Control Center Next Localization BR (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0445 - Disc Soft Ltd) Deluxe Ski Jump 3 v1.7.0 (HKLM-x32\...\Deluxe Ski Jump 3_is1) (Version: 1.7.0 - Mediamond Tmi) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts) FM Genie Scout 17 version 1.0 17.1.2 beta 8 (HKLM-x32\...\FM Genie Scout 17_is1) (Version: 1.0 17.1.2 beta 8 - ) FMRTE 17.2.1.14 (HKLM\...\{72A84F14-6742-48AD-9B14-E9C1BE155F7A}_is1) (Version: 17.2.1.14 - FMRTE) Football Manager 2017 (HKLM\...\Steam App 482730) (Version: - Sports Interactive) Football Manager 2017 Editor (HKLM\...\Steam App 482850) (Version: - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Auto Clicker 4.1.6 (HKLM-x32\...\Free Auto Clicker_is1) (Version: - FreeAutoClicker Co., Ltd.) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 2.5.0.0 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden HP Deskjet 1510 series — podstawowe oprogramowanie urządzenia (HKLM\...\{021AA127-6B6D-46EF-9697-5089FA686FB6}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 1510 series Pomoc (HKLM-x32\...\{065AAC3B-F0A7-4D13-A40B-3133D319E4EB}) (Version: 30.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{DCF221F2-7258-42E7-8DEE-5794DC2258CA}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01590 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3 - Notepad++ Team) OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.4.6.33873 - Electronic Arts, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) WinRAR 5.40 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wise Auto Shutdown 1.54 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.54 - WiseCleaner.com, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1985022496-2657986825-1099666431-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {148036C0-CD6D-4417-B127-5F09D27B1333} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {19E8F90D-CA72-4F14-A8E5-9E026275A057} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {2D47C0CA-6DA5-4FB1-A5D2-CC793612D310} - System32\Tasks\SafeZone scheduled Autoupdate 1491029458 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software) Task: {5AFAAC94-9526-45DE-8604-80317283EA8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated) Task: {6630A2A5-FEFD-4FB3-BD7F-CE60F0E54A0F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software) Task: {6C114186-424A-4546-AA18-19C2D7E82D46} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2017-01-13] (Advanced Micro Devices, Inc.) Task: {6F4E519C-0D6F-4ED4-A0C2-B19CA452955C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-01] (AVAST Software) Task: {73949858-03A4-4E0A-84B2-BF29FCA62BA5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {AB54B0B8-A37E-4952-8DAD-96C1475B85F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-19] (Google Inc.) Task: {D4E803BE-740D-4CC6-8110-608E8296B112} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {D5C0B723-B396-42A6-89EB-6AABD0E1C2C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-19] (Google Inc.) Task: {EC2B80DB-9948-424D-B616-E8CA8968118C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-01-13] (Advanced Micro Devices, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-09-14 03:20 - 2016-09-14 03:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll 2016-04-15 20:07 - 2016-04-15 20:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2017-04-19 19:50 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-04-19 19:50 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-04-20 22:49 - 2017-04-20 22:49 - 05917184 _____ () C:\Program Files\AVAST Software\Avast\defs\17042010\algo.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-04-01 08:48 - 2017-04-01 08:48 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2016-10-26 00:00 - 2017-01-13 19:10 - 00240008 _____ () C:\Windows\SysWOW64\GameManager32.dll 2016-10-31 09:09 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-10-31 09:09 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-10-31 09:09 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-10-31 09:09 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-10-31 09:09 - 2017-03-23 02:52 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2016-10-31 09:09 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-10-31 09:09 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-10-31 09:09 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-10-31 09:09 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-10-31 09:09 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-10-31 09:09 - 2017-03-31 00:46 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-12-13 09:47 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2016-10-31 09:09 - 2017-03-23 02:52 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2016-10-30 14:10 - 2000-01-01 02:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2016-11-20 09:18 - 00000830 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1985022496-2657986825-1099666431-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Szymon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^Users^Szymon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk => C:\Windows\pss\Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk.Startup MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: OnScreen Control => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s MSCONFIG\startupreg: SHU => "C:\Program Files (x86)\SHU\SHU.exe" silent MSCONFIG\startupreg: UMonit => C:\Windows\SysWOW64\UMonit.exe MSCONFIG\startupreg: uTorrent => "C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4C8B8207-C9F4-46FE-B9DE-B2F71D32EF61}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe FirewallRules: [{F16A72E9-3BA7-47FD-99A4-00200C3F85CD}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4F5BEE52-FA8B-47B5-AE32-DFF25EF2919A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{D3557723-E242-4F31-A19A-1360E01F9C4F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{2F461F31-28C2-4B55-A218-039BBCA1F97E}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{5C553DD9-6BDA-4E17-8D7C-EE8B6625C361}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{D4428B74-7B2D-42C0-AFC9-BF6E1DE98D3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe FirewallRules: [{EFA9345A-E28B-4258-A8AC-2762FA7FA2AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe FirewallRules: [{BE32B313-611D-4B26-B781-059D4DCF6F30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017 Editor\editor.exe FirewallRules: [{AB546A21-84D2-44B3-A555-83A43556A82E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017 Editor\editor.exe FirewallRules: [{6E3333DD-DC55-4DA5-9F96-97B09101661F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{AE6E17E6-60FE-48FD-895C-1D8FE2505626}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{B14FBE42-EA18-42C3-B622-2C121C2B1B44}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{DA653D3A-8562-4371-81E7-513FD6F72D8B}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [TCP Query User{F9C8F4E1-4FFF-42BF-AE30-91CE09AF7020}C:\braca soft\fmrte 17\amped.exe] => (Allow) C:\braca soft\fmrte 17\amped.exe FirewallRules: [UDP Query User{F89E8110-7898-4506-898C-BC9000159C55}C:\braca soft\fmrte 17\amped.exe] => (Allow) C:\braca soft\fmrte 17\amped.exe FirewallRules: [{22BE9E4E-BBFE-49A5-A7C3-60A6CA7952D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5A9DD68B-D106-41FC-AC9E-72C927F8A898}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C1009ED0-CF9A-49C1-A963-83CCFDCC4719}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{816A385D-0A1C-4125-8C6D-8061D06F7A8A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4FA915BE-DE8A-4B5A-958B-11442499E762}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{212DCA52-2C37-46DD-97DB-BDED075DFFDC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 19-04-2017 19:15:15 Revo Uninstaller Pro's restore point - Google Chrome 19-04-2017 19:54:16 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/21/2017 05:02:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2017 04:56:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2017 03:40:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2017 03:34:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/21/2017 03:28:51 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "c:\program files\amd\cim\bin64\SetACL64.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/21/2017 03:26:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/20/2017 02:49:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/20/2017 07:07:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "c:\program files\amd\cim\bin64\SetACL64.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/20/2017 07:07:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "c:\program files\amd\cim\bin64\SetACL64.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/20/2017 06:58:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (04/21/2017 05:04:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (04/21/2017 05:02:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/21/2017 05:02:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (04/21/2017 04:58:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (04/21/2017 04:56:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/21/2017 04:56:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (04/21/2017 04:05:02 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera USER-KOMPUTER. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{2D78C954-F5F9-4395-97DB-B5839825A40F}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (04/21/2017 03:53:01 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera USER-KOMPUTER. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{2D78C954-F5F9-4395-97DB-B5839825A40F}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (04/21/2017 03:42:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (04/21/2017 03:40:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 32% Total physical RAM: 8137.43 MB Available physical RAM: 5490.61 MB Total Virtual: 16273.05 MB Available Virtual: 13417.01 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.25 GB) (Free:24.2 GB) NTFS Drive d: () (Fixed) (Total:83.24 GB) (Free:65.65 GB) NTFS Drive e: () (Fixed) (Total:107.42 GB) (Free:76.77 GB) NTFS Drive f: () (Fixed) (Total:107.42 GB) (Free:51.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 20252024) Partition 1: (Active) - (Size=83.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=214.8 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D45559F3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================