Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Sayi (19-03-2018 13:30:58)
Running from C:\Users\Sayi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-03-11 20:48:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-344386134-3804572397-635782753-500 - Administrator - Disabled)
Guest (S-1-5-21-344386134-3804572397-635782753-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-344386134-3804572397-635782753-1002 - Limited - Enabled)
Sayi (S-1-5-21-344386134-3804572397-635782753-1000 - Administrator - Enabled) => C:\Users\Sayi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security Premium (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security Premium (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Engineer v5.75 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.75 - FinalWire Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6813 - Realtek Semiconductor Corp.)
Skype version 8.17 (HKLM-x32\...\Skype_is1) (Version: 8.17 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77831 - TeamViewer)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008FD1F2-8171-497A-9777-ABF53D5DA778} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {6C8A9C9D-1DF1-4C82-8260-D11CB40D8861} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-12-15] ()
Task: {9BE5E58D-1B37-47BF-BA7A-D77C1FC064B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-18] (Google Inc.)
Task: {BF8285B2-255F-4B5A-B58F-D31720C58CA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-18] (Google Inc.)
Task: {FDF477D0-FF2D-44CA-9488-D235ED57B24E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-18 10:53 - 2018-02-24 13:46 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-03-18 10:36 - 2018-03-13 01:39 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.162\libglesv2.dll
2018-03-18 10:36 - 2018-03-13 01:39 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.162\libegl.dll
2018-03-18 11:49 - 2018-02-28 15:59 - 031228928 _____ () C:\Users\Sayi\AppData\Local\Google\Chrome\User Data\PepperFlash\29.0.0.113\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-344386134-3804572397-635782753-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sayi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.28.144.28 - 185.28.144.29
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D31D0DE9-216A-48E4-83B3-AD2ECACD5B5E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{35D06857-78D3-4706-A1AF-18ACB6BB1A9F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{A7287AA4-0922-4D2D-BFB9-EBEE5A6E0EA6}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8AAC3F39-C742-4569-8983-E67AEB33DB98}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{69240714-43D8-48D1-9161-2565C316D170}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{A12CFA0F-D4DF-4D20-866B-AA72D58C719D}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{6E19E457-858B-41AA-A2F6-06ADE452ABE3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{59E30135-6145-44F0-ACC6-B22077C14E1B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{52225291-E4E2-4F8B-91FC-42D827C5E218}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EEA1D8E9-B37A-49AB-BB8B-5DFEA2EE2F89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D4BBCD8-438A-4B39-B6BB-34F6747F40D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{89641256-E690-44DA-AD28-4E47A9667CD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1C37555D-4C30-4A78-9C74-DC44D35FB279}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{88B21A0A-13CD-4C5E-B840-0F5C8F89ABD4}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{7C618493-9541-48D4-8CAC-80CF9FDE0D9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{89E4533C-E6FE-4CB7-A119-9787AAE6729B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A7EC2F7A-2F7A-4F00-9C6A-3ACCB01B6016}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Restore Points =========================

15-03-2018 17:18:43 Windows Update
15-03-2018 18:04:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
15-03-2018 18:04:58 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
15-03-2018 18:06:17 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
15-03-2018 18:08:12 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
15-03-2018 18:21:54 Windows Update
18-03-2018 10:17:52 Windows Update
18-03-2018 12:04:26 Windows Update
18-03-2018 18:37:45 Installed DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/19/2018 01:11:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/18/2018 08:14:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/18/2018 06:49:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/18/2018 06:17:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GeometryDash.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13e8

Start Time: 01d3bedcd63668de

Termination Time: 167

Application Path: D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe

Report Id: 28eb1a83-2ad0-11e8-9add-bc5ff4c4d3e5

Error: (03/18/2018 05:47:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Golf With Your Friends.exe version 2017.3.0.63597 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 814

Start Time: 01d3bed8b6d8c2c9

Termination Time: 1093

Application Path: D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe

Report Id: 170e2912-2acc-11e8-9add-bc5ff4c4d3e5

Error: (03/18/2018 05:46:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Golf With Your Friends.exe version 2017.3.0.63597 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ef4

Start Time: 01d3bed889a921f5

Termination Time: 1060

Application Path: D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe

Report Id: e8989db9-2acb-11e8-9add-bc5ff4c4d3e5

Error: (03/18/2018 05:43:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ae4

Start Time: 01d3bed71fdb74cd

Termination Time: 109

Application Path: C:\Windows\Explorer.EXE

Report Id:

Error: (03/18/2018 05:36:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/18/2018 06:47:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/18/2018 06:47:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/18/2018 06:47:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (03/18/2018 06:47:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (03/18/2018 06:47:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (03/18/2018 06:46:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/18/2018 06:46:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/18/2018 05:34:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:32:34 on ‎18. ‎3. ‎2018 was unexpected.


CodeIntegrity:
===================================

Date: 2018-03-14 19:57:47.289
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\Modules\em001_64\1942\00\em001_64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 27%
Total physical RAM: 8155.46 MB
Available physical RAM: 5937.77 MB
Total Virtual: 16309.1 MB
Available Virtual: 13830.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:253.04 GB) NTFS
Drive d: (Hry) (Fixed) (Total:931.41 GB) (Free:906.86 GB) NTFS

\\?\Volume{4ee31246-256c-11e8-bf71-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E1D5EAA5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 65731BE9)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================