Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018 Ran by Szymon (16-08-2018 20:27:58) Running from C:\Users\Szymon\Desktop Windows 10 Home Version 1511 10586.494 (X64) (2016-08-07 18:12:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2231754314-4281560237-746509812-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2231754314-4281560237-746509812-503 - Limited - Disabled) Guest (S-1-5-21-2231754314-4281560237-746509812-501 - Limited - Disabled) Szymon (S-1-5-21-2231754314-4281560237-746509812-1001 - Administrator - Enabled) => C:\Users\Szymon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Zapora (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Aktualizacje NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology) Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) AutoHotkey 1.1.28.00 (HKLM\...\AutoHotkey) (Version: 1.1.28.00 - Lexikos) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.56.37170 - Electronic Arts) CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.64 - NVIDIA Corporation) Hidden ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) League of Legends (HKLM-x32\...\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.4 - Electronic Arts) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 48.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 pl)) (Version: 48.0 - Mozilla) Mozilla Firefox 61.0.2 (x64 pl) (HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\Mozilla Firefox 61.0.2 (x64 pl)) (Version: 61.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 397.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.64 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.25.7131 - Electronic Arts, Inc.) Panel sterowania NVIDIA 397.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.64 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7855 - Realtek Semiconductor Corp.) STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.6.63768 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.8.5 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.5 - SteelSeries ApS) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com) The Witcher 3: Wild Hunt - Krew i Wino (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com) The Witcher 3: Wild Hunt - Serca z kamienia (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.12.0 - GOG.com) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A951B9A0-13C0-4A4B-8E04-3CCF05701086}) (Version: 2.47.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {28EB5965-52C8-4684-BB66-B0ADADC7FC29} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-07] (NVIDIA Corporation) Task: {313ABBE5-0059-4604-94F9-64DBC864E088} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-07] (NVIDIA Corporation) Task: {447875E6-F5D8-4034-98C7-26881202D2F0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe Task: {5B017B92-A4D0-4897-9F0A-C09A67CDC22D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-04-22] (NVIDIA Corporation) Task: {64B0A16E-8A7C-4815-B47D-D41D3D251AA4} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe Task: {71425E4C-84D7-4BD3-BAA9-498AA9618DEE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-07] (NVIDIA Corporation) Task: {875572FF-8CE8-4AE4-BD8D-F8FCBA38C8B1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe Task: {9F1BDC42-E3C5-4E15-9A26-321B53E6D7A8} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {A46FA79B-6B21-4F9E-9F40-5971CF2F66AD} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-08-03] (Microsoft Corporation) Task: {AA138A56-C1DC-4DD4-8C2A-71EB4F81F0A6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe Task: {B3362010-3BEE-4EF9-818E-7530035B343F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation) Task: {E121AD45-17EE-4EC0-ACFD-22BF449164AC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {EBDD758E-26CD-4873-9D6E-83D6D01E72E2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-07] (NVIDIA Corporation) Task: {F04741B7-2F50-4303-BA12-251EBC737B22} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-60TQ4UI-Szymon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 09:17 - 2015-10-30 09:17 - 000028672 _____ () C:\Windows\SYSTEM32\efsext.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 000185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2018-04-25 18:49 - 2018-04-22 13:04 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-08-11 00:23 - 2016-08-11 00:23 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2016-08-08 18:18 - 2016-07-01 06:48 - 002656408 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-08-07 15:16 - 2016-08-07 15:16 - 000959168 _____ () C:\Users\Szymon\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-27 08:10 - 2016-04-27 08:10 - 000093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-08-08 18:19 - 2016-07-01 05:48 - 000472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-08-08 18:18 - 2016-07-01 05:27 - 007992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-08 18:18 - 2016-07-01 05:21 - 000591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-08 18:18 - 2016-07-01 05:22 - 002483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-08 18:18 - 2016-07-01 05:24 - 004089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-07-21 20:03 - 2017-07-21 20:04 - 024054272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.1000_x64__8wekyb3d8bbwe\Video.UI.exe 2017-07-21 20:03 - 2017-07-21 20:03 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.1000_x64__8wekyb3d8bbwe\EntCommon.dll 2017-07-14 21:01 - 2017-07-14 21:02 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-07-21 20:03 - 2017-07-21 20:04 - 010910208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.1000_x64__8wekyb3d8bbwe\EntPlat.dll 2016-05-25 22:52 - 2016-05-25 22:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-09-15 16:02 - 2015-10-30 09:21 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2231754314-4281560237-746509812-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Szymon\Pictures\C4lLzkNVMAAzbBJ.jpg large.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: UsoSvc => 3 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Napisy24Update" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Napisy24.pl" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2231754314-4281560237-746509812-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9F9EBBA0-3483-4855-BB9A-DA39AD313315}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{040B1CFF-9E9F-47CB-8280-F3236B1EEBBD}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{16361457-8BAB-40FE-9977-15A660CE1A20}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{51A09D6F-2DBD-474E-BE36-0C854607C6F2}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E6956759-CA71-4A12-8DE6-D650B9EB3D14}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{BD66BADF-F885-46D4-828E-171C0EAA8D14}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{9E0BD7A3-E561-4D6C-A588-43392D4993C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B2E57E92-C536-4682-98B6-1B0D531ABE71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D4E10E3D-B41A-474C-A064-9626ED88A3BF}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{061FC8EF-A684-4B7A-8C3F-846607A63918}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7E4564FE-BAB5-4D0B-8DCA-81F6E666E5A2}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7211C6F9-E16E-4DD5-92D5-3B196CB3A67D}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D396E936-584E-4255-8713-AA48F8F1D211}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1B11A0FC-C609-4CCA-AF3D-3B07EFA7117F}] => (Allow) C:\Users\Szymon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B4E1E692-5464-4610-B9A1-713CEA467881}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{425F5284-57D2-4A2E-98AB-96F31D37E96A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{25D7D602-3E97-4708-B55B-CD116AD4DD48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{547FA278-0AA4-40B3-A9EF-FBB90812E9AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{DFB8A915-1594-4A00-B46C-C5E3AF11DD29}] => (Allow) G:\Program Files\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{668272B9-609B-4552-B951-B59BF6FB924D}] => (Allow) G:\Program Files\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{4DBE594E-4464-413E-87D6-0F1C6ADAD724}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B5DA4C26-3275-40CB-B202-DEF095B7396B}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D0DBDF1A-2926-4198-87C1-4D91E42B5914}] => (Allow) G:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{F411E393-6509-4317-931D-3C769843C6EE}] => (Allow) G:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{954FE21C-E13E-4CEF-8976-672388C20718}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{02D78DC0-AEBF-49E6-B9DF-936966C63725}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{A2DD44B3-0073-4A80-8646-C8423EA3E703}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{86ADE096-32F5-496B-B03C-A83FE6C2AE76}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [TCP Query User{778C8FD6-C186-42D9-8F75-DC045A64F5B8}G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{72750E07-07CF-41A2-95DA-B68D65B0CAD9}G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{FAC0CB1D-D505-40E9-83E0-04015386A036}G:\program files\fifa18\fifa18.exe] => (Block) G:\program files\fifa18\fifa18.exe FirewallRules: [UDP Query User{EB1C5F48-EEF7-4488-B660-689C61D0F911}G:\program files\fifa18\fifa18.exe] => (Block) G:\program files\fifa18\fifa18.exe FirewallRules: [TCP Query User{3A614ECE-2192-4D57-98A1-7E42CFE09BA2}E:\program files (x86)\mozilla firefox\firefox.exe] => (Block) E:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{E21043EC-47FE-45FA-BADA-D7E5BDDCFABF}E:\program files (x86)\mozilla firefox\firefox.exe] => (Block) E:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{02282593-0F33-4C29-8529-44C4F652694A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{D47188B8-89A5-45CB-AE38-F7DEF1F0B2D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{348BE1C5-1F21-43A4-9375-B6CBD79F7363}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: [{E5054D1B-A30B-4C42-8DD4-039DDABF27C8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: [{CC34EAA3-46E5-44D4-9B8C-F8A5D0AD780F}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe FirewallRules: [{BA1A1433-4F8E-49B3-903A-AD255DBB4288}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe FirewallRules: [{B596F8CC-A6F0-4AB1-9A97-234101385D53}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe FirewallRules: [{2873C663-9E21-473B-8AD6-1F61C7A4CD1B}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe FirewallRules: [{D9A1B28F-425D-43CB-8922-9F051C59948B}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{589308A9-0551-4163-B705-66DE70252FDB}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{02B37283-18F9-4811-804D-C2A69FA59B25}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{EB732778-A14A-490D-AABE-89BF15D4DFAE}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (08/16/2018 10:17:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: bf1.exe, wersja: 1.0.56.37170, sygnatura czasowa: 0x5b69e2b3 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x19c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4353457adccc8 Ścieżka aplikacji powodującej błąd: G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: cb02da19-1c74-49de-8b22-f0f99ab17090 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (08/14/2018 07:28:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-60TQ4UI) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2018 12:38:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-60TQ4UI) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/13/2018 10:01:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: bf1.exe, wersja: 1.0.56.2162, sygnatura czasowa: 0x5b4ea322 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x0000000054f6a4d8 Identyfikator procesu powodującego błąd: 0xf94 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4333881bdf89b Ścieżka aplikacji powodującej błąd: G:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: e30e7d42-ff43-4402-8c93-61506fbd8c39 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (08/13/2018 09:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Origin.exe w wersji 10.5.24.5022 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1950 Godzina rozpoczęcia: 01d43338199be58c Godzina zakończenia: 4294967295 Ścieżka aplikacji: G:\Program Files (x86)\Origin\Origin.exe Identyfikator raportu: 692abb4a-9f2b-11e8-ae20-d8cb8ac32dcd Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (08/09/2018 02:46:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: LeagueClientUx.exe, wersja: 8.15.239.7082, sygnatura czasowa: 0x5b5a1b5c Nazwa modułu powodującego błąd: LeagueClientUx.exe, wersja: 8.15.239.7082, sygnatura czasowa: 0x5b5a1b5c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000044a6 Identyfikator procesu powodującego błąd: 0x1f18 Godzina uruchomienia aplikacji powodującej błąd: 0x01d42fdefb3cb91c Ścieżka aplikacji powodującej błąd: E:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.158\deploy\LeagueClientUx.exe Ścieżka modułu powodującego błąd: E:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.158\deploy\LeagueClientUx.exe Identyfikator raportu: 91608439-d4fe-4bfc-89e4-c18e91a15799 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (08/09/2018 02:46:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LeagueClientUx.exe w wersji 8.15.239.7082 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1628 Godzina rozpoczęcia: 01d42fdeddcb7fae Godzina zakończenia: 4294967295 Ścieżka aplikacji: E:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.158\deploy\LeagueClientUx.exe Identyfikator raportu: 33014706-9bd2-11e8-ae15-d8cb8ac32dcd Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (08/09/2018 02:46:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: LeagueClientUx.exe, wersja: 8.15.239.7082, sygnatura czasowa: 0x5b5a1b5c Nazwa modułu powodującego błąd: LeagueClientUx.exe, wersja: 8.15.239.7082, sygnatura czasowa: 0x5b5a1b5c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000044a6 Identyfikator procesu powodującego błąd: 0x1a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d42fdef0ca38ae Ścieżka aplikacji powodującej błąd: E:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.158\deploy\LeagueClientUx.exe Ścieżka modułu powodującego błąd: E:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.158\deploy\LeagueClientUx.exe Identyfikator raportu: 7366f12d-2bea-4000-9276-dc71b7f3b1be Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: System errors: ============= Error: (08/16/2018 08:04:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-60TQ4UI) Description: Serwer {B91D5831-B1BD-4608-8198-D72E155020F7} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/16/2018 08:02:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-60TQ4UI) Description: Serwer {B91D5831-B1BD-4608-8198-D72E155020F7} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/16/2018 07:34:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (08/16/2018 05:13:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070070: 2017-10 Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4041689). Error: (08/16/2018 05:01:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (08/16/2018 05:01:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (08/16/2018 05:01:02 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 16:59:12 na ‎16.‎08.‎2018 było nieoczekiwane. Error: (08/16/2018 04:34:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070070: 2017-10 Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4041689). ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 22% Total physical RAM: 16336.44 MB Available physical RAM: 12590.1 MB Total Virtual: 18768.44 MB Available Virtual: 14124.38 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:29.26 GB) (Free:1.3 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: () (Fixed) (Total:9.77 GB) (Free:2.12 GB) NTFS Drive e: () (Fixed) (Total:63.5 GB) (Free:31.42 GB) NTFS Drive f: () (Fixed) (Total:83.76 GB) (Free:11.77 GB) NTFS Drive g: () (Fixed) (Total:931.51 GB) (Free:250.42 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2FE34326) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 186.3 GB) (Disk ID: CDE7CDE7) Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=157 GB) - (Type=0F Extended) ==================== End of Addition.txt ============================