Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02 Ran by Radek (10-02-2020 17:16:52) Running from C:\Users\dodom\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Windows 10 Home Version 1909 18363.592 (X64) (2019-08-14 12:01:44) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2819741429-3857410540-1034053556-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2819741429-3857410540-1034053556-503 - Limited - Disabled) Guest (S-1-5-21-2819741429-3857410540-1034053556-501 - Limited - Disabled) Radek (S-1-5-21-2819741429-3857410540-1034053556-1002 - Administrator - Enabled) => C:\Users\dodom WDAGUtilityAccount (S-1-5-21-2819741429-3857410540-1034053556-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09} AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe) Aktualizacje NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.62.16937 - Electronic Arts) Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1114 - Disc Soft Ltd) Discord (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Discord) (Version: 0.0.305 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{C1DEC9EF-012B-40E4-A5DD-350AAD153DCD}) (Version: 1.1.151.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileViewPro (HKLM\...\FileViewPro_is1) (Version: 1.9.8.19 - Solvusoft Corporation) GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games) Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Network Connections 22.5.104.0 (HKLM\...\PROSetDX) (Version: 22.5.104.0 - Intel) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.7.102.37526) (Version: 1.7.102.37526 - Intel Corporation) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) League of Legends (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R23 - McAfee, LLC.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.67 - McAfee, LLC.) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.12430.20184 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang) Movavi Screen Recorder 11 (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Movavi Screen Recorder 11) (Version: 11.0.0 - Movavi) MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.10 - MSI) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Sterownik graficzny 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.) Panel sterowania NVIDIA 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.19 - NVIDIA Corporation) Hidden Paradox Launcher v2 (HKLM\...\{AD1AD1C4-B5A1-44A8-858C-3EA459B4BDF4}) (Version: 2.0.0.0 - Paradox Interactive) Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.20.0 - Razer Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.6.34.1043 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.3.112 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellaris Lithoids Species v2.5.1 (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Stellaris Lithoids Species v2.5.1) (Version: - HOODLUM) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) The Escapists 2 (HKLM-x32\...\The Escapists 2_is1) (Version: - ) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Twitch (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) uTorrent Web (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.) WallpaperSuite (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\WallpaperSuite) (Version: 1.0.0.1 - WallpaperSuite) Wargaming.net Game Center (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) World of Tanks EU (HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net) Packages: ========= DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) Dyktafon(Recorder Ones) -> C:\Program Files\WindowsApps\2568CaiJunhong.RecorderOnes_2.2.1.0_x64__nnrr2ryxcqq94 [2019-08-19] (Cai Junhong) [MS Ad] Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-23] (Facebook Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2020-01-03] (0) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad] Microsoft News - Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad] Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.89.8738.2_x64__8wekyb3d8bbwe [2020-01-30] (ms-resource:PublisherDisplayName) Stellaris -> C:\Program Files\WindowsApps\ParadoxInteractive.Stellaris-MicrosoftStoreEdition_2.5.1.0_x64__zfnrdv2de78ny [2020-01-30] (Paradox Interactive) Usługi gier -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-11-30] (0) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2819741429-3857410540-1034053556-1002_Classes\CLSID\{F7B8E2CA-97DF-4974-BDF1-3D93EDC93A5E}\InprocServer32 -> C:\Users\dodom\AppData\Local\WallpaperSuite\WallpaperSuiteLib64.dll (WallpaperSuite) [File not signed] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-12-03] (McAfee, LLC. -> McAfee, LLC.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-01-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-01-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dodom\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-12-03] (McAfee, LLC. -> McAfee, LLC.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\dodom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2017-06-20 11:34 - 2017-06-20 11:34 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll 2018-06-15 12:58 - 2018-06-15 12:58 - 000114688 _____ (WallpaperSuite) [File not signed] C:\Users\dodom\AppData\Local\WallpaperSuite\WallpaperSuiteLib64.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\AppData:CSM [476] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 14:46 - 2020-01-09 14:02 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\dodom\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\tapetarazer.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B8E7E0DA-128F-4091-9EC4-3671D9D3EBD7}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe No File FirewallRules: [{084B31E7-5B16-42FF-B59E-6704E6150F27}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe No File FirewallRules: [{C0D4660F-31BD-4F39-8696-5B355B1CCD39}] => (Allow) D:\Program Files\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{5F86AB65-361F-48AC-A4A0-824446F87A67}] => (Allow) D:\Program Files\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{A0D064E7-C9B5-47DF-931B-A9B2E837C58E}] => (Allow) D:\Program Files\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{AFF9449C-2DFD-46A0-9249-74DB7FF28CBF}] => (Allow) D:\Program Files\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{DBA35BCB-CE4A-41C0-B4B4-44308EB4D9DB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.) FirewallRules: [{A7640413-FF4D-431F-88A5-2C23182BE233}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe No File FirewallRules: [{70C45C38-DE0E-4666-AC21-F1DF4AD7DD1F}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe No File FirewallRules: [{A38DD1A9-36CE-4842-AEC2-A511558CE2C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{EFB3241A-EE85-48A6-9A4E-BC6BEA694962}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E98A9D67-287D-4835-843A-8DA0FE600EBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FE9D0FD7-0A78-4A86-989C-51AF94D6CB76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{760BE635-424D-40EE-9C8F-866123DBA66B}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe No File FirewallRules: [{F05B675F-58FD-4E21-B444-6D0737878D5F}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe No File FirewallRules: [{1206C4FD-2CE5-41A7-8C03-8FB648CD72EE}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe No File FirewallRules: [{8E503F1A-0C3A-4D6E-95F8-BFD5A20705CC}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe No File FirewallRules: [{3DA21E81-27F0-4298-B855-6F3AF9783054}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe No File FirewallRules: [{E9143454-C3CD-415D-8889-D9CF07F262D8}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe No File FirewallRules: [{EC6ACEA2-BE42-4D07-A716-1431BC571CF9}] => (Allow) D:\Steam\steamapps\common\Business Tour\BusinessTour.exe No File FirewallRules: [{208119DB-5C37-4234-B52C-3979904B20B3}] => (Allow) D:\Steam\steamapps\common\Business Tour\BusinessTour.exe No File FirewallRules: [{9D8378A6-DA5F-4648-AFC2-72C17ED5F07D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{BFF8475B-2AE7-4A95-9859-9E680D2728E0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E09080FD-DD19-47C8-BD28-C8527348DC5C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{02FCCCD7-7FD5-491D-8B7F-374B849E6A56}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [TCP Query User{F65E851D-7F63-4F53-9830-11D234AACC56}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{66091489-98BD-4455-8E8A-4EA0B1B2DE73}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{18B120B4-3604-4494-A436-FEF880A603D0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{99A3993E-6E76-4FFE-B4CC-CEFEF7239264}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{BCC1E491-03A6-423F-BA3E-0F4D2F4798B2}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe No File FirewallRules: [{828A0EBB-3E9B-4DA7-B5D7-9532DF396910}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe No File FirewallRules: [TCP Query User{BD9669A6-1317-43AF-9EF9-7C9DC39E799C}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File FirewallRules: [UDP Query User{ED138328-258D-4569-8881-1349AF48F0EB}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File FirewallRules: [TCP Query User{86BF4D71-BEE5-43E1-B263-50B4DFEB11E9}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{EE240647-DCDE-4C8F-9FD7-014779B03265}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{65A893B6-A404-4B1F-B21E-509510616E01}C:\users\dodom\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh] => (Block) C:\users\dodom\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh No File FirewallRules: [UDP Query User{A30B7BBA-7C7B-4AAB-9FDD-62A968A0B19F}C:\users\dodom\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh] => (Block) C:\users\dodom\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh No File FirewallRules: [TCP Query User{69D04622-00EF-49FB-8FF0-53716AA71471}C:\users\dodom\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Block) C:\users\dodom\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh No File FirewallRules: [UDP Query User{5BFFAFE7-06FE-487E-AB82-A3C9BC21F664}C:\users\dodom\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Block) C:\users\dodom\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh No File FirewallRules: [{D3F5E299-B8C9-44F7-97F0-47D861C3387C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.) FirewallRules: [{3E9DAE11-9F20-4A2D-ACF5-4AA502774195}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.) FirewallRules: [{33C6F1DA-D9FA-4F59-9335-F1FF6662D2CC}] => (Allow) C:\Users\dodom\AppData\Local\Programs\Opera\54.0.2952.51\opera.exe No File FirewallRules: [{482BCD80-760E-4AB7-A28E-EC1062C119FC}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe No File FirewallRules: [{3BEC37A7-6066-43F6-B8A6-236722FC313B}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe No File FirewallRules: [TCP Query User{204307BF-073B-4FCE-8FA7-90B05788F2B2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{C650ED5B-60D8-410F-8E29-F8B1EC52D138}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{9162B135-B38A-4E27-AAF2-24AA1A96941B}] => (Allow) D:\Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{F92F376F-89A6-4206-8FC7-CE6EECC264ED}] => (Allow) D:\Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{049F7080-F39B-4F7D-A37D-C25451B0B097}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{38DAA8C5-7CD5-4B45-BBF3-D85689B1E8BD}] => (Allow) D:\Program Files\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{34B880AC-C8BF-44F1-9F45-255F6B4BAA10}] => (Allow) D:\Program Files\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{E174E083-A9DF-4DCF-A0EA-30F00D05B55B}] => (Allow) D:\Program Files\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{452D767D-42F2-493E-B9F8-60BDC60453C9}] => (Allow) D:\Program Files\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{1E649B3C-F093-45FA-837D-7CBE08805DB5}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File FirewallRules: [{35FD8240-51EF-4DB4-88EF-35EB4A8999B1}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File FirewallRules: [{C51758B6-A9E2-4CE4-87E4-B771FBEA35B6}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe No File FirewallRules: [{ADB9E5D9-3EE9-4901-9414-3A6D2FF7A9D4}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe No File FirewallRules: [{529E9BC4-4983-4ACF-B017-A9A7524D17D7}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe No File FirewallRules: [{F2624751-C2FF-4BFC-AF4D-39615A573881}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe No File FirewallRules: [{2C4E2328-B7E2-4202-AB65-031349F2930D}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe No File FirewallRules: [{45CBCEDD-0412-4A4A-9555-F72A8FAA6814}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe No File FirewallRules: [{34E29138-6F73-4B50-B06D-D96FF9113511}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe No File FirewallRules: [{0D5839DE-25EE-4122-B186-559E1E0F1695}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe No File FirewallRules: [{BDA2148B-F6E7-4EAA-9AC6-08B07CBB4823}] => (Allow) C:\Users\dodom\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [{5C7B3ED1-CB3C-42BD-93B7-D792D0897140}] => (Allow) C:\Users\dodom\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] FirewallRules: [{EC8A83FE-0FC2-4E99-BA2A-B72959EE3994}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{77062D3F-BD58-46D0-8740-F93D59816AD5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{00A035FD-E063-47DA-BFB0-3BAFBC2FF9CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E2A3E6F7-0A5C-4048-8BDB-848EB01AD0C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D04B8C6F-7EEF-4D3E-94B6-A91DD1C465F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0C83B8F3-F72A-48FF-A563-15A8EF626EC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A9C44AB0-AE63-47F7-B73E-46A23F784E0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{81C65A75-95B5-4A13-BAB3-42B434A8FCE8}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe (Bohemia Interactive a.s. -> ) FirewallRules: [{D7A13D2C-12B8-48CB-B80F-45CF56AFD69F}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe (Bohemia Interactive a.s. -> ) FirewallRules: [{1668C876-797A-4C29-B9C6-0BBCD0E3816D}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe (Bohemia Interactive a.s. -> ) FirewallRules: [{5B51DD5D-50D5-4A0A-B95D-30AC6D6901F9}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe (Bohemia Interactive a.s. -> ) FirewallRules: [{492FA885-D3BB-47AF-900D-D3F9EEEA9B51}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> ) FirewallRules: [{22FD22C8-131C-4459-B416-FD06ED5DE43F}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> ) FirewallRules: [{4EC26272-4558-47FF-A84C-2DD64067AD05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8F37D29D-BB85-44C0-8C54-26E16F4ED66C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D3727008-E22C-4202-823D-2F5F11AD829C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E9E5111F-D655-4002-A317-1B609A2E1C9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{7BC5B5F1-D697-49CE-905B-A01B27493BD7}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{7F8EB79B-1B1A-498C-A163-A6722DCB5EA2}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:118.64 GB) (Free:8.83 GB) (7%) ==================== Faulty Device Manager Devices ============ Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ======================== Application errors: ================== Error: (02/10/2020 05:12:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15984,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/10/2020 05:02:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10056,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 09:03:34 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3296,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 07:58:44 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9584,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 04:01:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (144,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 03:48:23 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (18944,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 03:34:19 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (18696,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/09/2020 03:28:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12788,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (02/09/2020 09:05:50 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1OFQNBO) Description: Model DCOM odebrał błąd 1053 podczas próby uruchomienia usługi BcastDVRUserService_5f970f9 z argumentami Niedostępny w celu uruchomienia serwera: Windows.Media.Capture.Internal.AppCaptureShell Error: (02/09/2020 09:05:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa użytkownika DVR z gry i transmisja_5f970f9 z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/09/2020 09:05:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa użytkownika DVR z gry i transmisja_5f970f9. Error: (02/08/2020 12:46:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Origin Web Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/08/2020 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi amdacpusrsvc z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/08/2020 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi amdacpksd z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/08/2020 12:30:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Origin Web Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/08/2020 12:30:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi amdacpusrsvc z powodu następującego błędu: Nie można odnaleźć określonego pliku. CodeIntegrity: =================================== Date: 2020-02-10 16:52:17.124 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-10 16:52:17.120 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-10 16:52:17.114 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-10 16:52:17.110 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-10 16:52:17.099 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-09 19:47:39.027 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-09 19:47:39.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2020-02-09 19:47:39.011 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1.10 10/27/2017 Motherboard: Micro-Star International Co., Ltd. Z370 GAMING PLUS (MS-7B61) Processor: Intel(R) Core(TM) i5-8600 CPU @ 3.10GHz Percentage of memory in use: 40% Total physical RAM: 24536.65 MB Available physical RAM: 14704.39 MB Total Virtual: 28120.65 MB Available Virtual: 14758.76 MB ==================== Drives ================================ Drive c: (DyskSSD) (Fixed) (Total:118.64 GB) (Free:8.83 GB) NTFS Drive d: (DyskHDD) (Fixed) (Total:931.39 GB) (Free:81.3 GB) NTFS \\?\Volume{ab70abb2-939d-497e-9a3a-ab071aa869f7}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS \\?\Volume{3dcf93a7-18b7-b60b-7f81-39fb512c1568}\ () (Fixed) (Total:8.4 GB) (Free:0 GB) NTFS \\?\Volume{e5c89a8a-4059-481e-a748-61e9513fe8fb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. ==================== End of Addition.txt =======================