Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-10-2016 Ran by Jacek (12-10-2016 14:47:53) Running from C:\Users\Jacek\Downloads Windows 8.1 Pro (X64) (2016-10-12 10:27:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1529912858-1414345264-3061538310-500 - Administrator - Disabled) Guest (S-1-5-21-1529912858-1414345264-3061538310-501 - Limited - Disabled) Jacek (S-1-5-21-1529912858-1414345264-3061538310-1001 - Administrator - Enabled) => C:\Users\Jacek ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ansel (Version: 373.06 - NVIDIA Corporation) Hidden Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Graphics Driver 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 373.06 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {3C4468E7-32C1-4B9A-BC25-C77918BE80D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-12] (Google Inc.) Task: {6DEFF51F-3ECC-4647-B86B-90D2879A391F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-12] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-10-12 12:45 - 2016-10-01 21:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-10-12 12:36 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll 2016-10-12 12:36 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll 2016-10-12 12:45 - 2016-10-01 23:15 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-12 13:51 - 2016-09-08 05:14 - 00784672 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2016-10-12 13:51 - 2016-09-01 03:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll 2016-10-12 13:51 - 2016-09-20 21:28 - 02321696 _____ () D:\Program Files (x86)\Steam\video.dll 2016-10-12 13:51 - 2016-09-01 03:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2016-10-12 13:51 - 2016-09-01 03:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2016-10-12 13:51 - 2016-01-27 09:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll 2016-10-12 13:51 - 2016-01-27 09:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll 2016-10-12 13:51 - 2016-01-27 09:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll 2016-10-12 13:51 - 2016-01-27 09:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll 2016-10-12 13:51 - 2016-01-27 09:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll 2016-10-12 13:51 - 2016-09-20 21:28 - 00835360 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-10-12 13:51 - 2016-08-04 22:56 - 49825056 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2016-10-12 14:44 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1529912858-1414345264-3061538310-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jacek\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "NvBackend" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1D767EA6-7466-4102-AE1B-F3E310BE9A60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D640F6A9-E7BE-482B-B496-489E9AD03611}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{984BDCCE-0CED-4CB7-B794-C9187B8C07DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{52E0D99D-69A8-4760-9C69-C8DFFFE5BD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{66B33C7D-80C9-4DC1-AD97-A24C94A76753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{33B7501A-4106-4AB3-A4E9-3B75EAF82F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{0B98EA0B-EDF6-4D60-8260-043AA1F13A73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E51A7369-2AF9-4D61-9052-AE1162B497AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{BFF55BA5-10DF-4144-A7B7-D454570D2284}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F8584554-79A4-4A58-8046-C9167259DA0D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9B0AF964-29DA-49A9-A41A-E74E39C9285E}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E12B9800-34B1-45A4-9252-4D8557E30853}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe ==================== Restore Points ========================= 12-10-2016 12:44:03 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 ==================== Faulty Device Manager Devices ============= Name: PCI Data Acquisition and Signal Processing Controller Description: PCI Data Acquisition and Signal Processing Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Data Acquisition and Signal Processing Controller Description: PCI Data Acquisition and Signal Processing Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: High Definition Audio Device Description: High Definition Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HdAudAddService Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/12/2016 02:45:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x8007232B Command-line arguments: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (10/12/2016 02:45:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x8007232B Command-line arguments: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (10/12/2016 02:45:32 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR DPTF Build Version: 8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15 Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59 Executing Function: WIPolicyCreateAll::execute Message: Unhandled exception caught during execution of work item Policy File Name: DptfPolicyPassive.dll Framework Event: PolicyCreate [27] Exception Function: PolicyManager::createPolicy Exception Text: DPTF Build Version: 8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457 Executing Function: EsifServices::primitiveExecuteGet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91] ESIF Instance: 255 ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202] Error: (10/12/2016 02:45:31 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR DPTF Build Version: 8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15 Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59 Executing Function: WIPolicyCreateAll::execute Message: Unhandled exception caught during execution of work item Policy File Name: DptfPolicyActive.dll Framework Event: PolicyCreate [27] Exception Function: PolicyManager::createPolicy Exception Text: DPTF Build Version: 8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457 Executing Function: EsifServices::primitiveExecuteGet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89] ESIF Instance: 255 ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202] Error: (10/12/2016 02:44:38 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR FUNC: rsrc_app_start_app_in_active_user_session FILE: rsrc_app.c LINE: 328 TIME: 5301213 ms Unable to start capture program. Error = 2 Error: (10/12/2016 02:34:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP) Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/12/2016 02:17:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP) Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/12/2016 02:02:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP) Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/12/2016 01:47:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP) Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/12/2016 01:32:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEVOVCOMP) Description: Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (10/12/2016 02:47:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The GUMBBFtmpGoogle service failed to start due to the following error: The system cannot find the file specified. Error: (10/12/2016 02:45:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The UAC File Virtualization service failed to start due to the following error: This driver has been blocked from loading Error: (10/12/2016 02:44:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Superfetch service terminated with the following error: The service has not been started. Error: (10/12/2016 01:56:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The AtawuhtucultInternetExplorer service terminated unexpectedly. It has done this 1 time(s). Error: (10/12/2016 01:56:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The GUMBBFtmpGoogle service terminated unexpectedly. It has done this 1 time(s). Error: (10/12/2016 01:56:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Viokdojvaf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (10/12/2016 01:56:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The PerfLogsProgramFiles service terminated unexpectedly. It has done this 1 time(s). Error: (10/12/2016 01:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The PerfLogsPerfLogs service terminated unexpectedly. It has done this 1 time(s). Error: (10/12/2016 01:56:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The ProgramFilesProgramFilesx service terminated unexpectedly. It has done this 1 time(s). Error: (10/12/2016 01:56:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The ProgramFilesIntel service terminated unexpectedly. It has done this 1 time(s). ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 33% Total physical RAM: 3979.43 MB Available physical RAM: 2636.32 MB Total Virtual: 5387.43 MB Available Virtual: 3989.48 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:390.28 GB) (Free:372.04 GB) NTFS Drive d: () (Fixed) (Total:540.89 GB) (Free:525.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 44778D70) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================