Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018 Ran by Zlom (15-07-2018 13:50:19) Running from C:\Users\Zlom\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2017-03-08 14:49:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2353404216-3694727248-3923976481-500 - Administrator - Disabled) Guest (S-1-5-21-2353404216-3694727248-3923976481-501 - Limited - Disabled) Zlom (S-1-5-21-2353404216-3694727248-3923976481-1000 - Administrator - Enabled) => C:\Users\Zlom ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform) <==== ATTENTION CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.) CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.) ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.2.0 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Malwarebytes (wersja 3.5.1.2522) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation) NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation) NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.22.1331 - Electronic Arts, Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Testy kategoria B 4.1.4 (HKLM-x32\...\Testy kategoria B LKWBX-342_is1) (Version: - Liwona sp. z o.o.) Uplay (HKLM-x32\...\Uplay) (Version: 42.0 - Ubisoft) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2353404216-3694727248-3923976481-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-14] (AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-14] (AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-14] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-14] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01CFBD9F-0F61-4916-B433-38343AE2024B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-05] (AVAST Software) Task: {100C3F0E-D091-4514-9807-5FED58B892AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-08] (Google Inc.) Task: {1465733F-C79C-4818-B3B6-0D96B414DDEA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {198D3C94-A2E9-4E14-B955-40754998C8BA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-19] (NVIDIA Corporation) Task: {1D72B3DA-723A-4645-83A9-82F067BB9F29} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-19] (NVIDIA Corporation) Task: {23CD8F03-22F3-4F08-84FC-5CDB59322224} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-19] (NVIDIA Corporation) Task: {537EF116-EC5A-4C2B-9D82-F0BFED84457C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-14] (Adobe Systems Incorporated) Task: {5DAEB5A0-9895-4E56-BFEF-BB800D7C5B89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-22] (Piriform Ltd) Task: {5DC934D2-3294-4824-A52A-76DC656CA1CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-19] (NVIDIA Corporation) Task: {8E39C9F5-D1BB-414E-89C6-53D19171C7D3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-19] (NVIDIA Corporation) Task: {ABE210DF-ED93-416F-9824-DAC365271B0B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-19] (NVIDIA Corporation) Task: {B9FE21CB-BC0E-4348-B2DF-3C60D4E182C4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-14] (AVAST Software) Task: {CD4A297D-C2CF-4786-BCC9-ACF2377ABA7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-08] (Google Inc.) Task: {D0884156-74AE-4DEF-8F02-36F857779693} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-19] (NVIDIA Corporation) Task: {D325DD31-D75C-490C-B10A-83CDC659147A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-19] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Public\Desktop\Testy kategoria B.lnk -> D:\Testy kategoria B\Start.bat () ==================== Loaded Modules (Whitelisted) ============== 2017-03-08 17:27 - 2017-07-19 02:37 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-06-12 22:01 - 2017-06-12 22:01 - 000075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2018-07-15 01:03 - 2018-06-18 13:32 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-07-15 01:03 - 2018-07-03 12:59 - 002535120 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2018-06-26 21:07 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll 2018-06-26 21:07 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-07-14 21:58 - 2018-07-14 21:58 - 005846160 _____ () C:\Program Files\AVAST Software\Avast\defs\18071404\algo.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-07-15 13:41 - 2018-07-15 13:41 - 005892752 _____ () C:\Program Files\AVAST Software\Avast\defs\18071502\algo.dll 2017-03-08 17:27 - 2017-07-19 02:37 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-03-13 00:47 - 2018-03-13 00:47 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-07-14 23:28 - 2018-07-14 23:28 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2353404216-3694727248-3923976481-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zlom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "D:\steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Ubisoft Game Launcher => "D:\Ubisoft Game Launcher\Uplay.exe" -uplay_silent ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1767B04C-9330-4CDD-BD19-6019802CD95F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5A5CE3BF-1589-45CD-BC8B-C5E1AC806F02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{821497F2-0633-444D-8B9A-AF3F939964B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{38BE0C31-DD15-4019-B82E-7988D10B3EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A122DE7B-49A2-45EA-BB9C-730B317ACE31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C4CD449E-ED7A-4AB9-997D-5FDED3D4E17C}] => (Allow) D:\steam\Steam.exe FirewallRules: [{F5BA341F-337D-44B7-AD41-4490EEEBBBE6}] => (Allow) D:\steam\Steam.exe FirewallRules: [{4C47FDE4-46D5-4865-A53F-F0E21933F914}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E8ABBBCB-365B-45A6-93D6-CFF8DBD44F08}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{27CA1663-E211-4EE4-B6FF-C014D2357F9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{5AB8C3B9-84A2-4CAE-9B09-13E1BCA01726}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{2C25719A-7F1D-4AC5-BCB4-5BB0FEECB5AB}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [{D2787C03-347B-4D70-8D81-F270A1336B88}] => (Allow) D:\steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe FirewallRules: [{3A4B7DA9-2D79-444D-84BE-ADBA36F3604D}] => (Allow) D:\steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe FirewallRules: [TCP Query User{8CCFE705-40EA-47BC-B50B-A9E0B8FAFFCB}D:\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe FirewallRules: [UDP Query User{9E009984-274A-4E68-ADD0-D5F758AFFB6F}D:\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe FirewallRules: [TCP Query User{5C22A511-93FA-46F3-AC69-3A9ECE90C8A5}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{07B37A48-17AF-4A9A-BAAA-1DD9DA6C1703}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{241761DD-5812-469A-BD0F-61CD547FCF32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B3392568-5F55-49DA-BBDC-12D639A6F2D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1615DC20-AD48-404C-BFED-090E59BA38D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F1FA9C87-9E34-484F-B1C3-5D14C8DE07D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{FA28DBDC-8526-456F-90AD-C0ABDC5EB69B}] => (Allow) D:\steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{399315E1-4E4C-47DD-BF0D-9983195C0E6A}] => (Allow) D:\steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{032B3F1B-A095-46EC-B14F-C1D48A5D6D05}] => (Allow) D:\steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{FF6884F6-DCCF-4AA0-B83A-9EB44A88DFCC}] => (Allow) D:\steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{58F687C3-9E15-46EE-9BB0-CCB95CB0F1FE}] => (Allow) D:\steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{0530B63B-7D6C-404C-BEFE-85AF1B17EDA1}] => (Allow) D:\steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{7D0B6F92-4339-42E9-8F4B-4CE789FCD0EB}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{9E806230-CDFD-4416-B06A-768112525765}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{C2B8D32B-8CB3-47F4-9564-3A770DEE81A4}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{EF4EB472-A9ED-46CC-8152-65230F2D3D15}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{18E174DF-169B-45AA-9791-320B0DDCDBFB}] => (Allow) D:\steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{CE93E318-34E3-4BA0-A08B-FE83905C4368}] => (Allow) D:\steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{D43E3035-D07E-4EB5-A81C-4A425C05A2D3}] => (Allow) D:\steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [{52B0DC6C-FDBD-468D-8B74-E75F40F2348A}] => (Allow) D:\steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [TCP Query User{1440BA4A-08F1-4B02-88B5-B0FF383C7CA5}D:\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\steam\steamapps\common\warface\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{C8709BFA-C473-49DC-8475-818E579B82C3}D:\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\steam\steamapps\common\warface\mycomgames\mycomgames.exe FirewallRules: [{C35736EF-7547-47B6-BCBE-8F2C7B3A6BEE}] => (Allow) D:\steam\steamapps\common\SoulWorker\SoulWorker.exe FirewallRules: [{D950FC89-53A1-42FE-85DC-0738E9AAB1DB}] => (Allow) D:\steam\steamapps\common\SoulWorker\SoulWorker.exe FirewallRules: [{97BADBD3-8C60-4324-BCAB-9F76988F0070}] => (Allow) D:\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{31194281-2EF0-4E74-8230-BC64B9365A01}] => (Allow) D:\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{51676CE2-F724-4404-9875-8B9D6FF11A66}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{D4C6E569-2608-447B-AD44-13692D97294D}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{34FFADDD-6F33-4897-AC9C-0FD5AFFD3175}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{850D9DCE-3865-4026-9238-C57F8065F4DB}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [TCP Query User{603B9572-B8B5-4362-8B87-5A37F176A5CE}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Block) D:\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [UDP Query User{BDC20491-A7D9-4FBA-B1DD-E6AD11A52516}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Block) D:\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [{3752F074-4AF5-463D-BF38-502EC0A417EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E5266375-F5D6-4F2C-9AF2-D07FFA06FB97}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{FB529D8B-AEA9-4D44-BE2E-2D243874A88A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe ==================== Restore Points ========================= 13-06-2018 14:35:52 Scheduled Checkpoint 13-06-2018 21:26:54 Installed DirectX 20-06-2018 22:45:06 Scheduled Checkpoint 01-07-2018 19:41:24 Scheduled Checkpoint 12-07-2018 14:12:52 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Universal Serial Bus (USB) Controller Description: Universal Serial Bus (USB) Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Universal Serial Bus (USB) Controller Description: Universal Serial Bus (USB) Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/15/2018 01:41:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/15/2018 01:09:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/14/2018 11:31:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/14/2018 11:17:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/14/2018 05:57:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/13/2018 04:34:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/12/2018 11:33:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/11/2018 05:47:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (07/15/2018 01:10:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Usługa Google Update (gupdate) service failed to start due to the following error: The pipe has been ended. Error: (07/14/2018 08:14:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (07/14/2018 08:14:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (07/12/2018 12:44:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Client Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/01/2018 04:24:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (06/29/2018 12:50:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (06/29/2018 12:49:08 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 12:35:43 on ‎2018-‎06-‎29 was unexpected. Error: (06/29/2018 12:32:57 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 11:47:09 on ‎2018-‎06-‎29 was unexpected. ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 26% Total physical RAM: 8092 MB Available physical RAM: 5915.52 MB Total Virtual: 16182.19 MB Available Virtual: 14064.56 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:247.82 GB) (Free:200.98 GB) NTFS Drive d: () (Fixed) (Total:683.59 GB) (Free:492.14 GB) NTFS \\?\Volume{a647933c-040d-11e7-9d0c-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F199712B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================