- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-10-2016
- Ran by Jacek (12-10-2016 14:47:53)
- Running from C:\Users\Jacek\Downloads
- Windows 8.1 Pro (X64) (2016-10-12 10:27:15)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1529912858-1414345264-3061538310-500 - Administrator - Disabled)
- Guest (S-1-5-21-1529912858-1414345264-3061538310-501 - Limited - Disabled)
- Jacek (S-1-5-21-1529912858-1414345264-3061538310-1001 - Administrator - Enabled) => C:\Users\Jacek
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Ansel (Version: 373.06 - NVIDIA Corporation) Hidden
- Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
- NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
- NVIDIA Graphics Driver 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 373.06 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
- SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
- SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
- Task: {3C4468E7-32C1-4B9A-BC25-C77918BE80D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-12] (Google Inc.)
- Task: {6DEFF51F-3ECC-4647-B86B-90D2879A391F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-12] (Google Inc.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2016-10-12 12:45 - 2016-10-01 21:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
- 2016-10-12 12:36 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
- 2016-10-12 12:36 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
- 2016-10-12 12:45 - 2016-10-01 23:15 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
- 2016-10-12 13:51 - 2016-09-08 05:14 - 00784672 _____ () D:\Program Files (x86)\Steam\SDL2.dll
- 2016-10-12 13:51 - 2016-09-01 03:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
- 2016-10-12 13:51 - 2016-09-20 21:28 - 02321696 _____ () D:\Program Files (x86)\Steam\video.dll
- 2016-10-12 13:51 - 2016-09-01 03:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
- 2016-10-12 13:51 - 2016-09-01 03:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
- 2016-10-12 13:51 - 2016-01-27 09:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
- 2016-10-12 13:51 - 2016-01-27 09:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
- 2016-10-12 13:51 - 2016-01-27 09:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
- 2016-10-12 13:51 - 2016-01-27 09:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
- 2016-10-12 13:51 - 2016-01-27 09:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
- 2016-10-12 13:51 - 2016-09-20 21:28 - 00835360 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
- 2016-10-12 13:51 - 2016-08-04 22:56 - 49825056 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2013-08-22 15:25 - 2016-10-12 14:44 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1529912858-1414345264-3061538310-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jacek\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
- DNS Servers: 192.168.1.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- HKLM\...\StartupApproved\Run: => "NvBackend"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{1D767EA6-7466-4102-AE1B-F3E310BE9A60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{D640F6A9-E7BE-482B-B496-489E9AD03611}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{984BDCCE-0CED-4CB7-B794-C9187B8C07DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{52E0D99D-69A8-4760-9C69-C8DFFFE5BD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{66B33C7D-80C9-4DC1-AD97-A24C94A76753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{33B7501A-4106-4AB3-A4E9-3B75EAF82F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
- FirewallRules: [{0B98EA0B-EDF6-4D60-8260-043AA1F13A73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{E51A7369-2AF9-4D61-9052-AE1162B497AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{BFF55BA5-10DF-4144-A7B7-D454570D2284}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{F8584554-79A4-4A58-8046-C9167259DA0D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{9B0AF964-29DA-49A9-A41A-E74E39C9285E}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{E12B9800-34B1-45A4-9252-4D8557E30853}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- ==================== Restore Points =========================
- 12-10-2016 12:44:03 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
- ==================== Faulty Device Manager Devices =============
- Name: PCI Data Acquisition and Signal Processing Controller
- Description: PCI Data Acquisition and Signal Processing Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: PCI Data Acquisition and Signal Processing Controller
- Description: PCI Data Acquisition and Signal Processing Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: High Definition Audio Device
- Description: High Definition Audio Device
- Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
- Manufacturer: Microsoft
- Service: HdAudAddService
- Problem: : This device cannot start. (Code10)
- Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
- On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
- Name: SM Bus Controller
- Description: SM Bus Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (10/12/2016 02:45:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (10/12/2016 02:45:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007232B
- Command-line arguments:
- RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
- Error: (10/12/2016 02:45:32 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
- DPTF Build Version: 8.1.10605.221
- DPTF Build Date: Oct 23 2015 12:24:15
- Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
- Executing Function: WIPolicyCreateAll::execute
- Message: Unhandled exception caught during execution of work item
- Policy File Name: DptfPolicyPassive.dll
- Framework Event: PolicyCreate [27]
- Exception Function: PolicyManager::createPolicy
- Exception Text:
- DPTF Build Version: 8.1.10605.221
- DPTF Build Date: Oct 23 2015 12:24:15
- Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
- Executing Function: EsifServices::primitiveExecuteGet
- Message: Error returned from ESIF services interface function call
- Participant: NoParticipant
- Domain: NoDomain
- ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91]
- ESIF Instance: 255
- ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
- Error: (10/12/2016 02:45:31 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
- DPTF Build Version: 8.1.10605.221
- DPTF Build Date: Oct 23 2015 12:24:15
- Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
- Executing Function: WIPolicyCreateAll::execute
- Message: Unhandled exception caught during execution of work item
- Policy File Name: DptfPolicyActive.dll
- Framework Event: PolicyCreate [27]
- Exception Function: PolicyManager::createPolicy
- Exception Text:
- DPTF Build Version: 8.1.10605.221
- DPTF Build Date: Oct 23 2015 12:24:15
- Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
- Executing Function: EsifServices::primitiveExecuteGet
- Message: Error returned from ESIF services interface function call
- Participant: NoParticipant
- Domain: NoDomain
- ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
- ESIF Instance: 255
- ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
- Error: (10/12/2016 02:44:38 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR FUNC: rsrc_app_start_app_in_active_user_session FILE: rsrc_app.c LINE: 328 TIME: 5301213 ms
- Unable to start capture program. Error = 2
- Error: (10/12/2016 02:34:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP)
- Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (10/12/2016 02:17:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP)
- Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (10/12/2016 02:02:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP)
- Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (10/12/2016 01:47:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP)
- Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (10/12/2016 01:32:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP)
- Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- System errors:
- =============
- Error: (10/12/2016 02:47:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The GUMBBFtmpGoogle service failed to start due to the following error:
- The system cannot find the file specified.
- Error: (10/12/2016 02:45:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The UAC File Virtualization service failed to start due to the following error:
- This driver has been blocked from loading
- Error: (10/12/2016 02:44:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Superfetch service terminated with the following error:
- The service has not been started.
- Error: (10/12/2016 01:56:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The AtawuhtucultInternetExplorer service terminated unexpectedly. It has done this 1 time(s).
- Error: (10/12/2016 01:56:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The GUMBBFtmpGoogle service terminated unexpectedly. It has done this 1 time(s).
- Error: (10/12/2016 01:56:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Viokdojvaf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service.
- Error: (10/12/2016 01:56:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The PerfLogsProgramFiles service terminated unexpectedly. It has done this 1 time(s).
- Error: (10/12/2016 01:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The PerfLogsPerfLogs service terminated unexpectedly. It has done this 1 time(s).
- Error: (10/12/2016 01:56:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The ProgramFilesProgramFilesx service terminated unexpectedly. It has done this 1 time(s).
- Error: (10/12/2016 01:56:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The ProgramFilesIntel service terminated unexpectedly. It has done this 1 time(s).
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
- Percentage of memory in use: 33%
- Total physical RAM: 3979.43 MB
- Available physical RAM: 2636.32 MB
- Total Virtual: 5387.43 MB
- Available Virtual: 3989.48 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:390.28 GB) (Free:372.04 GB) NTFS
- Drive d: () (Fixed) (Total:540.89 GB) (Free:525.57 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 44778D70)
- Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================