Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018 Ran by Artur Machnicki (30-03-2018 18:48:30) Running from D:\Firefox Download Windows 7 Professional Service Pack 1 (X64) (2016-02-15 14:10:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3532491921-2668913716-1004277442-500 - Administrator - Disabled) Artur Machnicki (S-1-5-21-3532491921-2668913716-1004277442-1000 - Administrator - Enabled) => C:\Users\Artur Machnicki Guest (S-1-5-21-3532491921-2668913716-1004277442-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3532491921-2668913716-1004277442-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.) ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.) AO Help (HKLM-x32\...\{D25B5189-FD08-4985-BF86-A52457A7A0A5}) (Version: 1.2.23.231 - ASUS) Hidden AO Help (HKLM-x32\...\InstallShield_{D25B5189-FD08-4985-BF86-A52457A7A0A5}) (Version: 1.2.23.231 - ASUS) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.) Avira (HKLM-x32\...\{5269e51a-b619-4c55-8a5c-8c7eaf27e6cf}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.34.27 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) CDDRV_Installer (HKLM\...\{0C826C5B-B131-423A-A229-C71B3CACCD6A}) (Version: 4.60 - Logitech) Hidden Disk Unlocker (HKLM-x32\...\{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}) (Version: 2.1.3 - ASUSTek Computer Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden Dragon Age: Inquisition (HKLM-x32\...\Dragon Age: Inquisition_is1) (Version: - ) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.12.0117 - Logitech, Inc.) Hidden FastStone Image Viewer 5.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.9 - FastStone Soft) FIFA 17 (HKLM-x32\...\FIFA 17_is1) (Version: - ) foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski) Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) KhalInstallWrapper (HKLM\...\{F3F18612-7B5D-4C05-86C9-AB50F6F71727}) (Version: 4.60.122 - Logitech) Hidden LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics) LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics) Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech) Lucas Chess v. 10.08 (HKLM-x32\...\El ajedrez de Lucas_is1) (Version: - ) Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation) NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Turbo LAN v9.65 (HKLM\...\Turbo LAN) (Version: 9.65 - cFos Software GmbH, Bonn) Vikings Wolves of Midgard v. 2.0.2 (HKLM-x32\...\Vikings Wolves of Midgard_is1) (Version: - ) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-16] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-22] (WinZip Computing, S.L.) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-22] (WinZip Computing, S.L.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-16] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-22] (WinZip Computing, S.L.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08784D46-FB2C-49BD-818D-67D70F6DCE79} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {09CFDAD4-B0F3-411C-95F4-3E2A8837DFD2} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-08-06] (ASUSTeK Computer Inc.) Task: {1E9ED6B7-59CD-441F-B329-87903D33494E} - System32\Tasks\ASUS\TUFDetectiveServer => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\TUFDetectiveServer.exe [2015-09-03] (ASUSTek Computer Inc.) Task: {310F6A1C-9B42-4C74-A0EE-A99AC224EB53} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {3E18B5AA-5556-4750-99C5-013EC94D27F5} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) Task: {43773C77-15E8-4B4D-9813-1E90A217AFF3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\GpuFanHelper.exe [2015-09-03] (TODO: ) Task: {5067EF2A-0CDF-4A91-BF3A-2D21B7ED460A} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] () Task: {613F0BF3-E050-4885-9647-A99A4887439B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-14] (Adobe Systems Incorporated) Task: {62C29A06-D9A2-46EA-B341-50FEC1C9E9DB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated) Task: {99C5EFF0-DF3B-4CDB-B641-B53C062CBAD5} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation) Task: {A341F968-637A-4F47-8995-96CFA9EB9DFC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-14] (Adobe Systems Incorporated) Task: {C0ED5D86-EB29-46A1-81CE-1949AB249800} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-02-14] (Avira Operations GmbH & Co. KG) Task: {F9D3D547-B322-44C3-8BC0-B6CF03224DBA} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-08-31] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-01-31 19:13 - 2018-01-24 02:19 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2016-02-15 17:58 - 2015-08-31 15:25 - 001460176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2016-02-15 17:17 - 2008-05-02 05:00 - 000077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe 2015-05-08 08:26 - 2015-05-08 08:26 - 000936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2016-02-15 16:20 - 2014-04-24 08:29 - 001360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2016-02-15 17:58 - 2015-05-14 10:18 - 001075712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe 2016-02-15 17:58 - 2014-08-28 11:37 - 000033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2016-02-15 17:58 - 2015-09-03 12:29 - 000040032 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\ASUSRelayWS.exe 2017-09-27 04:31 - 2017-07-12 16:14 - 000010752 _____ () D:\FIFA 17\stp-origin_emu.dll 2018-03-14 11:48 - 2018-03-14 11:48 - 027809280 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll 2016-02-15 17:57 - 2015-06-03 17:17 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2016-02-15 17:57 - 2015-06-03 17:17 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2016-02-15 17:58 - 2015-02-09 18:53 - 000872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2016-02-15 17:58 - 2015-05-21 23:57 - 001141248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2016-02-15 17:58 - 2015-08-28 14:48 - 001345024 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll 2016-02-15 17:58 - 2015-09-03 15:00 - 002695168 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\ThermalRadar2.dll 2016-02-15 17:57 - 2015-07-23 22:38 - 000838456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2016-02-15 17:58 - 2015-09-03 05:26 - 000053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Exeio.dll 2016-02-15 17:58 - 2015-09-03 05:26 - 000278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Vender.dll 2016-02-15 17:57 - 2015-05-08 08:26 - 000662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2016-02-15 17:59 - 2012-01-19 10:39 - 000028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll 2016-02-15 17:57 - 2015-06-03 17:17 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll 2016-02-15 17:57 - 2015-06-03 17:17 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll 2016-02-15 17:59 - 2010-02-25 15:01 - 000139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll 2016-02-15 17:59 - 2015-05-07 17:27 - 000237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\EzULIB.dll 2016-02-15 17:58 - 2015-05-08 15:26 - 000662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\aaHMLib.dll 2016-02-15 17:58 - 2015-08-31 15:21 - 000237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2016-02-15 17:58 - 2015-08-14 12:23 - 000621056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll 2016-02-15 17:58 - 2014-02-24 18:49 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2016-02-15 16:20 - 2018-03-30 14:08 - 000043816 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2016-02-15 16:20 - 2015-05-08 08:26 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2016-02-15 17:58 - 2013-11-20 11:10 - 000662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll 2016-02-15 17:58 - 2013-07-02 11:40 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll 2015-08-14 03:17 - 2015-08-14 03:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3532491921-2668913716-1004277442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Artur Machnicki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{BEB31667-7176-4E1B-A8E1-8A35E853CE3E}C:\users\artur machnicki\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\artur machnicki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{F7D9697C-4D61-4378-BD12-B33D0614627A}C:\users\artur machnicki\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\artur machnicki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{E8665DE3-F596-4CE3-B408-50392E5323D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6A6009D5-35F6-419D-A118-28512E6640B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{FBA8E737-FAE7-40C3-BE54-36372E66DB8F}D:\sword coast legends\swordcoast.exe] => (Block) D:\sword coast legends\swordcoast.exe FirewallRules: [UDP Query User{363A86E7-FAF1-41E0-B4C7-7D2F6FC89642}D:\sword coast legends\swordcoast.exe] => (Block) D:\sword coast legends\swordcoast.exe FirewallRules: [{50C23317-F357-4DF4-833A-CFF6DA004B59}] => (Allow) C:\Users\Artur Machnicki\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4EDF9A75-7A33-4B9E-9F3C-C6332274D7E4}] => (Allow) C:\Users\Artur Machnicki\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{F4B59171-0422-4540-A021-78CFA0611B2B}D:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe] => (Block) D:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe FirewallRules: [UDP Query User{F2812ECA-0ED3-467B-9EB7-F7D339E1FA68}D:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe] => (Block) D:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe FirewallRules: [TCP Query User{6D38CB63-BD34-4B1B-B3B1-6FFE6BF3EA80}D:\fifa 17\fifa17.exe] => (Block) D:\fifa 17\fifa17.exe FirewallRules: [UDP Query User{2223FC7B-D83F-413B-9102-DB945ECB25EE}D:\fifa 17\fifa17.exe] => (Block) D:\fifa 17\fifa17.exe FirewallRules: [TCP Query User{8A91D75B-870A-4326-B174-101CCA5F8C0A}D:\battlefield 1\bf1.exe] => (Block) D:\battlefield 1\bf1.exe FirewallRules: [UDP Query User{86C21843-C2DF-4FF8-BDB9-90B5B7B66F92}D:\battlefield 1\bf1.exe] => (Block) D:\battlefield 1\bf1.exe FirewallRules: [TCP Query User{FCBE978C-B3D4-494A-A2F0-A40ED780A0EC}D:\doom\doomx64.exe] => (Block) D:\doom\doomx64.exe FirewallRules: [UDP Query User{C4DCCC99-7363-4E4F-941F-39BD89F4BBCD}D:\doom\doomx64.exe] => (Block) D:\doom\doomx64.exe FirewallRules: [TCP Query User{7BD58A7A-92CC-400F-B24A-C4D28426AD36}D:\vikings - wolves of midgard\vikings.exe] => (Block) D:\vikings - wolves of midgard\vikings.exe FirewallRules: [UDP Query User{88608FC6-0632-4F1A-A108-2C8E719B3143}D:\vikings - wolves of midgard\vikings.exe] => (Block) D:\vikings - wolves of midgard\vikings.exe FirewallRules: [TCP Query User{EB461CC7-FCD9-4FEF-9486-C4BB5C8330AD}D:\vikings wolves of midgard\vikings.exe] => (Block) D:\vikings wolves of midgard\vikings.exe FirewallRules: [UDP Query User{6E04D20D-D34E-483B-AD54-8BB0BF73D189}D:\vikings wolves of midgard\vikings.exe] => (Block) D:\vikings wolves of midgard\vikings.exe FirewallRules: [{2C68D169-1CF4-4F80-9C1E-DAD565778620}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{2F803895-EB87-40AA-87D7-3D49D17CA5C2}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{E29B43DD-2577-4A7F-950D-84DED63CE63B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\TUFDetectiveServer.exe FirewallRules: [{AE29F248-7907-4218-9D41-6B91EA2B7A4C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\TUFDetectiveServer.exe ==================== Restore Points ========================= 25-03-2018 11:48:08 Scheduled Checkpoint 30-03-2018 10:00:42 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/30/2018 02:08:46 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/30/2018 09:35:09 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/29/2018 09:53:42 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/29/2018 09:33:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/28/2018 07:52:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/27/2018 02:38:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/27/2018 09:36:10 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (03/26/2018 07:12:47 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. System errors: ============= Error: (03/30/2018 01:40:49 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout. Error: (03/30/2018 01:40:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Modules Installer service terminated with the following error: Access is denied. Error: (03/27/2018 03:36:34 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (03/22/2018 09:06:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (03/15/2018 10:10:33 AM) (Source: i8042prt) (EventID: 50) (User: ) Description: The ISR has detected an internal state error in the driver for the PS/2 pointing device. Error: (03/15/2018 10:10:33 AM) (Source: i8042prt) (EventID: 50) (User: ) Description: The ISR has detected an internal state error in the driver for the PS/2 pointing device. Error: (03/15/2018 10:10:33 AM) (Source: i8042prt) (EventID: 50) (User: ) Description: The ISR has detected an internal state error in the driver for the PS/2 pointing device. Error: (03/15/2018 10:10:33 AM) (Source: i8042prt) (EventID: 50) (User: ) Description: The ISR has detected an internal state error in the driver for the PS/2 pointing device. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 53% Total physical RAM: 16322.89 MB Available physical RAM: 7543.85 MB Total Virtual: 32643.96 MB Available Virtual: 21368.59 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.47 GB) (Free:133.62 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:363.43 GB) NTFS \\?\Volume{4ea7d546-d3ed-11e5-a068-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 7591DBFD) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7591DBF0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================