Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-08-2022 Ran by danio (14-08-2022 19:16:57) Running from C:\Users\danio\Downloads Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2020-11-14 10:18:02) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1154920763-2932199546-3421289638-500 - Administrator - Disabled) danio (S-1-5-21-1154920763-2932199546-3421289638-1001 - Administrator - Enabled) => C:\Users\danio Gość (S-1-5-21-1154920763-2932199546-3421289638-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1154920763-2932199546-3421289638-503 - Limited - Disabled) test (S-1-5-21-1154920763-2932199546-3421289638-1002 - Administrator - Enabled) => C:\Users\test WDAGUtilityAccount (S-1-5-21-1154920763-2932199546-3421289638-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1154920763-2932199546-3421289638-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden BleachBit 4.4.2.2142 (HKLM-x32\...\BleachBit) (Version: 4.4.2.2142 - BleachBit) CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0333 - Disc Soft Ltd) Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) FIFA 18 (HKLM-x32\...\FIFA 18_is1) (Version: - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.81 - Google LLC) Grand Theft Auto The Trilogy The Definitive Edition MULTi13 - ElAmigos version 1.14296 (HKLM-x32\...\{0252849B-1062-4E48-9070-972264FE6197}_is1) (Version: 1.14296 - RockStar) HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{1415243E-E8F2-4260-8779-5B136C06BF8F}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5038 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LEGO Marvel Super Heroes 2 Infinity War (HKLM-x32\...\LEGO Marvel Super Heroes 2 Infinity War_is1) (Version: - ) Mafia Definitive Edition-FULL UNLOCKED version final (HKLM-x32\...\Mafia Definitive Edition-FULL UNLOCKED_is1) (Version: final - The) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Polish) 2010 (HKLM-x32\...\{90140000-0015-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2010 (HKLM-x32\...\{90140000-0016-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Polish) 2010 (HKLM-x32\...\{90140000-00BA-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2010 (HKLM-x32\...\{90140000-0044-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Language Pack 2010 - Polish/Polski (HKLM-x32\...\Office14.OMUI.pl-pl) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office O MUI (Polish) 2010 (HKLM-x32\...\{90140000-0100-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2010 (HKLM-x32\...\{90140000-00A1-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2010 (HKLM-x32\...\{90140000-001A-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2010 (HKLM-x32\...\{90140000-0018-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2010 (HKLM-x32\...\{90140000-001F-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2010 (HKLM-x32\...\{90140000-002C-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2010 (HKLM-x32\...\{90140000-0019-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2010 (HKLM\...\{90140000-002A-0415-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2010 (HKLM-x32\...\{90140000-006E-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (Polish) 2010 (HKLM-x32\...\{90140000-0017-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2010 (HKLM-x32\...\{90140000-001B-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (Polish) 2010 (HKLM-x32\...\{90140000-0101-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-1154920763-2932199546-3421289638-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - ) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 103.0.2 (x64 en-US)) (Version: 103.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.1 - Mozilla) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MySQL Workbench 8.0 CE (HKLM\...\{90789BBF-2DB7-4B1F-AD36-B850B683376C}) (Version: 8.0.29 - Oracle Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) Need for Speed - Rivals (HKLM-x32\...\Need for Speed - Rivals_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Need for Speed Heat MULTi2 - ElAmigos wersja 1.0 (HKLM-x32\...\{DDF337A3-EA55-4035-8357-488029937C78}_is1) (Version: 1.0 - EA Games) NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik graficzny 497.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.09 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.) Remote Mouse version 3.007 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.007 - Remote Mouse) ROCCAT Lua Mouse Driver (HKLM-x32\...\{0F5183CD-4A86-43A4-8CAA-1045871F54DE}) (Version: 1.14 - ROCCAT) Hidden ROCCAT Lua Mouse Driver (HKLM-x32\...\InstallShield_{0F5183CD-4A86-43A4-8CAA-1045871F54DE}) (Version: 1.14 - ROCCAT) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.61.899 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games) Screaming Frog SEO Spider (HKLM\...\Screaming Frog SEO Spider) (Version: 16.7 - Screaming Frog Ltd) Shockwave (HKLM-x32\...\Shockwave) (Version: - ) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 22.0.0 (HKLM\...\SteelSeries GG) (Version: 22.0.0 - SteelSeries ApS) The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ) The Sims Complete Collection (HKLM-x32\...\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}) (Version: - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.63.136.1010 - Electronic Arts Inc.) The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1-2) (Version: 1.1.70.1 - LunarG, Inc.) Hidden Wampserver32 3.2.6 (HKLM-x32\...\{wampserver32}_is1) (Version: 3.2.6 - Dominique Ottello aka Otomatic) Warblade (HKLM-x32\...\Warblade_is1) (Version: - EMV Software) Packages: ========= Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.34.1.0_x64__6rarf9sa4v8jt [2022-07-28] (Disney) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_137.1.291.0_x64__v10z8vjag6ke6 [2022-07-15] (HP Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2021-11-05] (Instagram) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10620.425.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-17] (NVIDIA Corp.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-20] (Microsoft Corporation) Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.27.154.0_x64__8she8kybcnzg4 [2022-06-30] (Slack Technologies Inc.) [Startup Task] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-05] (Spotify AB) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1154920763-2932199546-3421289638-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\danio\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxDTCM.dll [2018-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_c2deeb28fe81e5cf\nvshext.dll [2022-08-13] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Daniel (chillifruit.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Zachary (zacharyhadlee.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============= 2018-12-01 13:33 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2021-12-06 19:11 - 2022-07-19 18:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll 2021-12-06 19:11 - 2022-07-19 18:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll 2022-07-20 13:36 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2018-12-21 16:45 - 2018-12-18 22:58 - 001404416 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll 2021-09-19 17:07 - 2020-06-20 11:15 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-09-19 17:07 - 2020-06-20 11:15 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2021-09-19 17:07 - 2020-06-20 11:15 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-03-08 11:33 - 2020-06-20 11:15 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 15:46 - 2022-01-22 19:30 - 000001050 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 smacznamicha.local #Local Site 127.0.0.1 www.smacznamicha.local #Local Site 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\ HKU\S-1-5-21-1154920763-2932199546-3421289638-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-1154920763-2932199546-3421289638-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKU\S-1-5-21-1154920763-2932199546-3421289638-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B097CE86-84E1-416D-A438-6F81CC4B48F1}] => (Allow) D:\Gry\Sims 4\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{B1A66546-75D1-44C7-B998-B74DE05AFB6C}] => (Allow) D:\Gry\Sims 4\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{88AE565C-FE66-4CC2-BE01-49A48B18A768}] => (Allow) D:\Gry\Sims 4\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{908B38F0-BEA3-450C-842F-3E09870E106C}] => (Allow) D:\Gry\Sims 4\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [UDP Query User{B16C0795-FDD3-4566-97C8-B800D5236C84}D:\gry\gtav\gta5.exe] => (Allow) D:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{D86FBEFF-F0C2-411C-92A6-17C728177FA0}D:\gry\gtav\gta5.exe] => (Allow) D:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{C8F308A5-6DB8-4808-98F9-0557DBA5EE55}D:\gry\gtav\gta5.exe] => (Allow) D:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{A0382CFF-F929-433F-A197-055B6746A592}D:\gry\gtav\gta5.exe] => (Allow) D:\gry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{163147CB-2F70-423A-B8AB-148B91EF40C6}C:\users\danio\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\danio\appdata\local\microsoft\teams\current\teams.exe => No File FirewallRules: [TCP Query User{17C05B2F-731B-4FEA-9831-165D68962CBF}C:\users\danio\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\danio\appdata\local\microsoft\teams\current\teams.exe => No File FirewallRules: [UDP Query User{F53A37DA-4719-49EB-AE48-D77DD798EC44}C:\users\danio\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\danio\appdata\local\microsoft\teams\current\teams.exe => No File FirewallRules: [TCP Query User{2A913ACA-D081-4C24-817F-55797087445A}C:\users\danio\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\danio\appdata\local\microsoft\teams\current\teams.exe => No File FirewallRules: [{58F37697-BAB9-4CE2-A7FE-BF9A0B4E0DE2}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed] FirewallRules: [{C02272A8-BD14-4A30-A3AE-1A81E305CCCF}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed] FirewallRules: [{7F5CF148-70AE-424E-924D-EEE3A24C7163}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed] FirewallRules: [{EB9E0AB3-1C08-4165-BD51-F3E5BC4E7B94}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed] FirewallRules: [{A9C7A20E-9692-4EE8-9931-A3C81318BB54}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{59BF53F8-9F83-43C7-A2EB-52F2DBB8416A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{0B968733-E48B-43BE-831C-BD3F7D008A4D}D:\gry\fifa 18\fifa18.exe] => (Allow) D:\gry\fifa 18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [TCP Query User{7630495D-298A-443F-AA6A-EA326DAE2C86}D:\gry\fifa 18\fifa18.exe] => (Allow) D:\gry\fifa 18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{A5690A3C-3465-45DE-8BD2-95664E0C6FE6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{A015AAB9-9ABB-41A3-A0C4-751A6B4F09A9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{C24B4100-9516-481F-BBAB-B4821F7C5E89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3EDD5CA4-8C0E-469A-BF15-02F60B6C4DF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{9BD83188-649E-4FE9-8907-7B7212312818}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd) FirewallRules: [{AF2B1DA4-AEC1-4E56-8B85-49CA436A89B5}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [{936A83B6-A6B0-43CE-A917-4B7966BE628C}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [TCP Query User{B016BCCE-3F6F-43AE-8900-BA30C1D6835F}D:\gry\fifa 18\fifa18.exe] => (Allow) D:\gry\fifa 18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{AB438E10-70DF-4CFA-8401-8E4533EB43FF}D:\gry\fifa 18\fifa18.exe] => (Allow) D:\gry\fifa 18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [TCP Query User{B5AD8E0D-B9AD-4F49-802C-C8FECAC88550}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{573816A3-A0FC-4579-8678-7EC50819803D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{09F7C636-DAE9-4A0F-8E29-C31B58DEA6DC}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{D5243327-CB5B-4331-AE33-F240F26E68C4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{89F8402E-9474-41CC-BED8-9A59DDD93E85}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed] FirewallRules: [UDP Query User{4DE0475C-042F-4C84-A507-5AB57E5AE19E}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed] FirewallRules: [{EA9E3405-1B4B-46A0-9459-7025FA7A2AAC}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{070D554A-39E7-4170-8D05-3E97EC0F6EE5}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [TCP Query User{E61A323D-7D64-429A-B765-5AE193B4559D}C:\users\danio\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\danio\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [UDP Query User{EA456626-8852-4654-9E1C-F85F2F4BEF64}C:\users\danio\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\danio\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [{D9F5557F-B552-4380-A4A6-5BB566D25121}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{179ADCB8-507F-4E18-9336-72C220CB2DA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1CF721D8-8F56-477C-9834-50D97D69B1D6}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File FirewallRules: [{E2EE572F-D24F-42D9-A019-1CFC09124DF9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File FirewallRules: [{6BAE0B44-1491-43D3-9774-CA8213914825}] => (Allow) C:\Users\danio\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{F6460179-E666-410B-84E8-860034934782}] => (Allow) C:\Users\danio\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [TCP Query User{E8BD6415-8FAB-4AAC-8F39-A66FD13EAFBA}D:\gry\gta trilogy the definitive edition\gta vice city - definitive edition\gameface\binaries\win64\vicecity.exe] => (Allow) D:\gry\gta trilogy the definitive edition\gta vice city - definitive edition\gameface\binaries\win64\vicecity.exe (Rockstar Games) [File not signed] FirewallRules: [UDP Query User{70D43AEE-1FF5-4A8F-93AD-860F1B5E31E7}D:\gry\gta trilogy the definitive edition\gta vice city - definitive edition\gameface\binaries\win64\vicecity.exe] => (Allow) D:\gry\gta trilogy the definitive edition\gta vice city - definitive edition\gameface\binaries\win64\vicecity.exe (Rockstar Games) [File not signed] FirewallRules: [TCP Query User{CDE79DCD-47AF-4E02-A822-CB926E8843E9}D:\gry\gta trilogy the definitive edition\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Allow) D:\gry\gta trilogy the definitive edition\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe (Rockstar Games) [File not signed] FirewallRules: [UDP Query User{DB88B376-494C-4397-842F-4910453BDC6A}D:\gry\gta trilogy the definitive edition\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Allow) D:\gry\gta trilogy the definitive edition\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe (Rockstar Games) [File not signed] FirewallRules: [TCP Query User{94D8AEB9-C467-4AA4-91C6-F18BDDBAAA68}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{26FF6DCD-3685-4ADA-B60C-5C223646D441}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{97F0CC8E-980C-4B80-BF0D-B7909C72B1AC}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.27.154.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) FirewallRules: [{24E6E243-7FCC-428A-A145-FF97DB5AF52C}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.27.154.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) FirewallRules: [{85D19FDA-D05E-46CC-A4EC-89C0312E4520}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D27939EA-FD51-470E-AB5A-D8542F54C894}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{03532848-73BE-472F-AE29-7B39C4E59918}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C391D2BC-C44A-4121-8E16-FD2749B74C64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2AA775B-9DDE-473E-A83B-DC27980DBA82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8BC0CC55-E23B-4624-89A4-EDF4AF0948B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{56EDCAD4-6054-4A3C-B254-DE3DD9D008D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{81BEDBEF-E81F-4EF7-AD24-C438D8459766}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E24ECBB0-B227-4B42-B7C8-CA52F31872B7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{62ABE867-54DB-4496-97B6-EA2CD140EB65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (08/14/2022 03:15:56 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. System errors: ============= Error: (08/14/2022 03:05:31 PM) (Source: volsnap) (EventID: 25) (User: ) Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. Error: (08/14/2022 02:28:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NDQV8T5) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/14/2022 02:28:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NDQV8T5) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/14/2022 02:28:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NDQV8T5) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. CodeIntegrity: =============== Date: 2022-08-14 16:02:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-08-14 15:37:02 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-08-14 15:15:58 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde Corp. V1.18 10/21/2016 Motherboard: Acer Captain_SK Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Percentage of memory in use: 33% Total physical RAM: 16252.22 MB Available physical RAM: 10867.52 MB Total Virtual: 18684.22 MB Available Virtual: 13111.2 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.64 GB) (Free:61.63 GB) (Model: KINGSTON RBU-SNS8152S3128GG2) NTFS Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:236.15 GB) (Model: TOSHIBA MQ01ABD100) NTFS \\?\Volume{d5c4bdd0-545a-48f5-b67f-271f5536322e}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS \\?\Volume{07f2d6f3-f75a-47cc-a61b-d40d7693dce0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6511427D) Partition: GPT. ========================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: FE9C4AC7) Partition: GPT. ==================== End of Addition.txt =======================