Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021 Ran by 100pki (14-06-2021 21:31:13) Running from C:\Users\100pki\Downloads Windows 10 Pro Version 20H2 19042.1052 (X64) (2021-04-21 21:07:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= 100pki (S-1-5-21-545209257-3661697882-1589067416-1004 - Limited - Enabled) => C:\Users\100pki Administrator (S-1-5-21-545209257-3661697882-1589067416-500 - Administrator - Disabled) DB0B64CDE43B473B8F75 (S-1-5-21-545209257-3661697882-1589067416-1003 - Limited - Enabled) DefaultAccount (S-1-5-21-545209257-3661697882-1589067416-503 - Limited - Disabled) Guest (S-1-5-21-545209257-3661697882-1589067416-501 - Limited - Disabled) Maciej (S-1-5-21-545209257-3661697882-1589067416-1001 - Administrator - Enabled) => C:\Users\Maciej WDAGUtilityAccount (S-1-5-21-545209257-3661697882-1589067416-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AIR Xpand!2 (HKLM\...\{69A89482-FEC4-4E34-97F9-46BB287D0953}) (Version: 18.3.0.1447 - AIR Music Technology) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.22 - Advanced Micro Devices, Inc.) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.17.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{2435bb94-1021-436a-966c-cccbc0b0b475}) (Version: 2.2.17.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{c58f0770-46aa-4b41-a148-b9b73a1451f7}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.12 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{22d0aa37-bb9b-4aab-bff1-cbf21f6ebfc9}) (Version: 1.0.12 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{443c1fe5-bd81-48e1-ab87-6fbcb9190990}) (Version: 1.2.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.35 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{9d1628d5-5b54-4ddf-acb0-a58a30ab69e6}) (Version: 1.0.35 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.20 - ASUSTek COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.9 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{ff49cf5b-4847-4d00-b040-18a5b85a9f76}) (Version: 0.0.1.9 - ASUSTek COMPUTER INC. ) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{43baebef-1237-4e88-be25-d3834308a0c6}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.28 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{038234be-714c-499e-8c96-3303d1faa27b}) (Version: 1.0.28 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{e3f99131-d5d0-4805-96a7-7e126e8295dd}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.0 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM-x32\...\{35e76fdf-064d-4faf-b27d-ec11600fe5bc}) (Version: 1.0.1.0 - ASUSTek COMPUTER INC.) Hidden Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team) AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.51 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.36 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{229125a2-63e3-499c-9ceb-7355859b2b15}) (Version: 3.03.36 - ASUSTeK Computer Inc.) Avid Application Manager (HKLM\...\{DB470A08-EBBF-40F8-8950-0355F1E2F256}) (Version: 18.6.0.18515 - Avid Technology, Inc.) Avid Cloud Client Services (HKLM\...\{66E7D4F4-F044-428D-A734-59138A626A52}) (Version: 2.4.0.15 - Avid Technology, Inc.) Avid Effects (HKLM\...\{F53B2C5A-9739-425A-B74C-E8D94DF2EFB5}) (Version: 18.7.0.201 - Avid Technology, Inc.) Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform) ENE RGB HAL (HKLM\...\{095C8467-BF29-4384-B727-1C36ED8BC704}) (Version: 1.00.08 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{164b6011-4720-403c-8ee0-dae7640cce9f}) (Version: 1.00.08 - Ene Tech.) Hidden Focusrite Control 3.4.4 (HKLM\...\Focusrite Control_is1) (Version: 3.4.4 - Focusrite Audio Engineering Ltd.) Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.) Focusrite USB 4.63.24.564 (HKLM\...\Focusrite USB_is1) (Version: 4.63.24.564 - Focusrite Audio Engineering, Ltd.) GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC) LibreOffice 6.4.5.2 (HKLM\...\{F42D92D2-9C9A-478B-A676-7B69B740F19A}) (Version: 6.4.5.2 - The Document Foundation) Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes) Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.02.0401 - Celemony Software GmbH) Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.14026.20270 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.48 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.5 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Graphics Driver 466.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.11 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{90c11f49-5b5c-458d-93a5-945c4a83d52a}) (Version: latest - ppy Pty Ltd) PACE License Support Win64 (HKLM\...\{962626E7-CFC9-4dfe-87AB-6FD7FCAE5C4B}) (Version: 5.1.1.2937 - PACE Anti-Piracy, Inc.) Hidden PACE License Support Win64 (HKLM-x32\...\InstallShield_{962626E7-CFC9-4dfe-87AB-6FD7FCAE5C4B}) (Version: 5.1.1.2937 - PACE Anti-Piracy, Inc.) Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.06 - Patriot Memory) Hidden Patriot Viper RGB (HKLM-x32\...\{72d8889e-2136-423e-b16f-aa8db820adad}) (Version: 1.00.06 - Patriot Memory) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8666 - Realtek Semiconductor Corp.) Spotify (HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\Spotify) (Version: 1.1.61.583.gad060c66 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.74.59.1030 - Electronic Arts Inc.) VidCutter (HKLM\...\{CCDC440A-CC57-4BED-8CDE-1DA285976A64}_is1) (Version: 6.0.0.0 - Pete Alexandrou) WhatsApp (HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\WhatsApp) (Version: 2.2121.7 - WhatsApp) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [0000-00-00] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.174.0_x64__dt26b99r8h8gj [0000-00-00] (Realtek Semiconductor Corp) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> ) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.083.0425.0003\FileSyncShell64.dll [2021-06-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_fd6b823f03746fed\nvshext.dll [2021-04-13] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\100pki\Desktop\Jan (Janas) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\100pki\Desktop\Maciek - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\100pki\Desktop\Night (Janek) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\100pki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2016-11-01 12:11 - 2016-11-01 12:11 - 000017408 _____ () [File not signed] C:\Program Files\Avid\Application Manager\FTF_JNI.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 008419840 _____ () [File not signed] c:\program files\avid\application manager\jre\bin\server\jvm.dll 2021-06-14 15:23 - 2021-06-14 15:23 - 000152576 _____ () [File not signed] C:\Users\100pki\AppData\Local\Temp\ext8843411400831924492.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000153088 _____ (N/A) [File not signed] c:\program files\avid\application manager\jre\bin\java.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000030720 _____ (N/A) [File not signed] C:\Program Files\Avid\Application Manager\jre\bin\management.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000088576 _____ (N/A) [File not signed] C:\Program Files\Avid\Application Manager\jre\bin\net.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000054272 _____ (N/A) [File not signed] C:\Program Files\Avid\Application Manager\jre\bin\nio.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000128512 _____ (N/A) [File not signed] C:\Program Files\Avid\Application Manager\jre\bin\sunec.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000043008 _____ (N/A) [File not signed] c:\program files\avid\application manager\jre\bin\verify.dll 2016-11-10 14:34 - 2016-11-10 14:34 - 000071168 _____ (N/A) [File not signed] c:\program files\avid\application manager\jre\bin\zip.dll 2015-10-19 15:29 - 2015-10-19 15:29 - 001809920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Application Manager\LIBEAY32.dll 2015-10-19 15:29 - 2015-10-19 15:29 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Application Manager\ssleay32.dll 2018-06-19 12:25 - 2018-06-19 12:25 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\bearer\qgenericbearer.dll 2018-06-19 12:25 - 2018-06-19 12:25 - 000047616 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\bearer\qnativewifibearer.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qdds.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qgif.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000036864 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qicns.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000031232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qico.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qjpeg.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000023040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qsvg.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qtga.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000353792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qtiff.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qwbmp.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 000431104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\imageformats\qwebp.dll 2018-06-19 12:26 - 2018-06-19 12:26 - 001196544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\platforms\qwindows.dll 2018-06-19 12:34 - 2018-06-19 12:34 - 005551104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Core.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 005813760 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Gui.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 001065472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Network.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000217088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Positioning.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 003054592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Qml.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 003081216 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Quick.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Svg.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000101376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5WebChannel.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 061365248 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5WebEngineCore.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000198144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5WebEngineWidgets.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000132608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5WebSockets.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 005533184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Widgets.dll 2018-06-19 12:22 - 2018-06-19 12:22 - 000194048 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Avid\Application Manager\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:41A9361206244C4A [217] AlternateDataStreams: C:\ProgramData:FE7A89D8B9829A5E [217] AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [1455] AlternateDataStreams: C:\Users\All Users:41A9361206244C4A [217] AlternateDataStreams: C:\Users\All Users:FE7A89D8B9829A5E [217] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== URLSearchHook: [S-1-5-21-545209257-3661697882-1589067416-1001] ATTENTION => Default URLSearchHook is missing BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-545209257-3661697882-1589067416-1004\Control Panel\Desktop\\Wallpaper -> c:\users\100pki\downloads\wallpaper2you_553487.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\StartupApproved\StartupFolder: => "LibreOffice 6.4.lnk" HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-545209257-3661697882-1589067416-1004\...\StartupApproved\Run: => "Spotify" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{FB8CD4E5-5092-480B-9301-143F7CAD785B}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [TCP Query User{A4CC5B95-9952-4FDA-BD08-D6871C8DBC83}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [{77CF24C4-B605-42A1-B349-6DFE4C8855B0}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{B2B03AF4-5C7C-4C47-9F52-26D1DCE260D3}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{FC1A351B-9216-4C1B-92B3-4EE87CEED05E}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{5381BEF0-7552-452A-AFCF-CCE8D0ED19E6}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{45303D1D-690D-498B-9468-9D63F9138611}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{CADAD208-9F0F-4FE9-9715-2BD56580AAC7}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{29A4FBF6-4C98-4625-AE1F-C11CA4D8C1C5}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{C995FBA9-8E11-4B35-8127-874E4DE9166A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{EA528482-E54C-462D-93D0-D636AC86AA3E}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{0859279B-B8E6-448F-97B6-A05A57CB1556}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{7D75216F-15FD-4C2D-BC34-91E87506DB5B}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{3F0AB89A-0316-45C6-8B81-106BEB86DB2C}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{961747F3-E3A1-42FB-BF5B-07FA8CD1D299}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{F99C5D0E-48D9-44B3-AB69-960CD6651E2D}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{9C9FFD2B-5238-45E9-AC88-FEF7D2876C54}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{A8627BA0-83F7-4097-BF66-FB2D4ACD58C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{67A91438-1A8C-49FE-B749-55992BA9342C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{15A9579D-BB69-4135-8F3D-24F13F80A98E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8BDA9B53-E48B-4B17-B7B7-54D2EE4D19F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1010EBAE-5E4A-479E-8C32-17E776D3605E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{988B5E29-D478-4C7F-A4DF-D734993E733C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{58C7AE34-EBB0-41CF-B0A2-D9A4C7BA79BC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{382322E5-2A13-413C-AC62-F59117F295FF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [UDP Query User{8FF40117-C688-493E-9920-129EECB5CDFE}C:\program files\avid\pro tools first\protoolsfirst.exe] => (Allow) C:\program files\avid\pro tools first\protoolsfirst.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [TCP Query User{CD4AFA27-ABCC-4483-9D7C-FEA5C1D3116C}C:\program files\avid\pro tools first\protoolsfirst.exe] => (Allow) C:\program files\avid\pro tools first\protoolsfirst.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{0AD984C3-650A-42DD-B75C-D7B78B9CF9D4}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{39247418-73C7-4C37-8750-5BD943245DD5}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{CF2F933A-CA86-410D-BFD0-983716B21B45}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe FirewallRules: [{FAA6D162-D6E6-4F1A-BEB7-A61B55CDA73F}] => (Allow) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{72322027-66A3-4DB3-9A88-70F3AD41A758}] => (Allow) C:\Program Files\Avid\Cloud Client Services\Hub.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{33382A95-CE63-4156-954C-F359A0756B79}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{02BCC98F-2A27-490F-9465-2627E780ADFC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C749CD76-2B4C-4A47-AF88-B43E26210B68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{77681301-AFE4-48C0-89DC-6C52C9AFAC28}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C053A765-023A-46EC-9F41-CCDD1DBD5C9E}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [File not signed] FirewallRules: [{95579401-0300-441E-BDCA-08D6DC4C84C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7403C465-B5FC-42D5-9AE1-0182A9252DC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{5857DFC5-6DFA-4E59-A47D-552425B8B42E}C:\users\100pki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\100pki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{645D009D-9BDB-4DAB-A0F1-9176F3DAB226}C:\users\100pki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\100pki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F2F9CA4B-50E8-4AFC-A9E9-4C915806CB13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{4B7E9008-AD2F-427E-843C-58C2B6E3A437}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{CB932771-6582-45D2-83CC-95F76AAD1240}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A7852E66-F3D5-4C2B-AE79-11D6AD461B5F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{0D6ABFFE-7701-48D6-BF91-1796A1550BE8}C:\users\100pki\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\100pki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{8C2EE68E-3DF6-4354-BD0C-387EF3830D6B}C:\users\100pki\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\100pki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10B6856C-25C0-4969-B427-394DB1B057DD}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{F922F58E-C2D1-4F83-9353-1A4DCD721046}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{A1F6EE38-73BD-4DFC-8BD2-AEB19E1ED5FA}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{7BC40E47-4CC2-4FD3-B972-0EC85DF2CDD2}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{C26D0718-B134-4B5E-A0E4-A72AD70D595B}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{CA78ACF9-4012-420D-92E2-A128B931488E}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{6063FD14-2A10-4861-8D13-39BE460A75E6}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{2CE9C41F-7133-4742-A90D-6280FAD28509}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{67C9B515-DAA5-45D3-94B5-402657013DCB}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{DE1245E0-C6C4-4945-8FD6-449FF7441E97}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{899232EB-E426-42A1-8460-E95DDA5F3DDF}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{03C71BF8-8824-40BB-9085-B87CCE8AEB82}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{2614E547-1953-448C-B707-7ED110F7AB08}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{DCDF83AD-C5E0-4035-8AC6-3FF2C720F341}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{4F352429-AAD4-4336-AFD8-7B4FBAC14F66}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{8064DF68-7958-4944-9683-2A40BB72C6D4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{7EE21954-6CA3-4235-8A89-28E5655CD7C3}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [{50086B48-2961-486F-B70B-E514868CD9E5}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{34C905FB-2ACE-453E-B511-6ED37BFFF4E9}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [TCP Query User{D2522246-C71B-4F14-99B7-2865571CABD9}C:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\games\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [UDP Query User{75362E95-7D5B-49D4-93B1-2CE89ACEEF62}C:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\games\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [{1FBA8AC6-B07C-4F3D-8AB3-D3B6A8146352}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{14115A60-F6D2-4B12-93A4-6614BC411F78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{B1839CDE-5C48-4F7B-8411-0CAC32569F53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{BF6585B2-7B4A-465C-BE07-4FE06057F103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{85ACCD3D-5D75-4BD0-A923-B51ED697FB9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{7CF2E993-E476-4FCE-9ECC-21F748A4973F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe (Edmund Mcmillen & Florian Himsl) [File not signed] FirewallRules: [{12CC4944-C02D-45C0-A867-5F37678B3578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe (Edmund Mcmillen & Florian Himsl) [File not signed] FirewallRules: [{431408B2-1234-4E2D-9AF8-993E971934DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4E053384-EAEE-42F8-9528-F6B24B488910}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{201CD638-C258-4579-8AD7-4D8021750C40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{51AED8BC-61C6-45E6-895C-B117EF40E860}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{67236DDB-631F-4C05-B2CB-F05B0D0E9C50}] => (Allow) C:\Users\Maciej\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{709F64EB-18FF-40E9-8DD9-851479E64B6A}] => (Allow) C:\Users\Maciej\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{E543F94C-2029-4F00-AF74-57FC6F42A7F8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:465.13 GB) (Free:243.4 GB) (52%) Check "VSS" service ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (06/14/2021 03:59:21 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:58:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:57:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:56:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:55:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:54:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:53:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (06/14/2021 03:52:20 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. System errors: ============= Error: (06/14/2021 03:24:59 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-618BR9T) Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error: "2147942767" Happened while starting this command: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (06/10/2021 01:01:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LightingService service terminated unexpectedly. It has done this 1 time(s). Error: (06/09/2021 03:00:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LightingService service terminated unexpectedly. It has done this 1 time(s). Error: (06/09/2021 03:00:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 23:08:30 on ‎08/‎06/‎2021 was unexpected. Error: (06/09/2021 02:59:54 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684A fatal error occurred processing the restoration data. Error: (06/08/2021 09:48:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LightingService service terminated unexpectedly. It has done this 1 time(s). Error: (06/08/2021 09:48:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 21:47:11 on ‎08/‎06/‎2021 was unexpected. Error: (06/08/2021 09:48:21 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684A fatal error occurred processing the restoration data. Windows Defender: ================ Date: 2021-06-12 16:42:49 Description: Program antywirusowy Microsoft Defender scan has been stopped before completion. Scan Type: Narzędzia chroniące przed złośliwym oprogramowaniem Scan Parameters: Szybkie skanowanie Date: 2021-06-11 16:30:01 Description: Program antywirusowy Microsoft Defender scan has been stopped before completion. Scan Type: Narzędzia chroniące przed złośliwym oprogramowaniem Scan Parameters: Szybkie skanowanie Date: 2021-06-10 17:26:42 Description: Program antywirusowy Microsoft Defender scan has been stopped before completion. Scan Type: Narzędzia chroniące przed złośliwym oprogramowaniem Scan Parameters: Szybkie skanowanie Date: 2021-06-10 17:07:30 Description: Program antywirusowy Microsoft Defender scan has been stopped before completion. Scan Type: Narzędzia chroniące przed złośliwym oprogramowaniem Scan Parameters: Szybkie skanowanie Date: 2021-06-09 16:38:24 Description: Program antywirusowy Microsoft Defender scan has been stopped before completion. Scan Type: Narzędzia chroniące przed złośliwym oprogramowaniem Scan Parameters: Szybkie skanowanie Date: 2021-06-04 11:05:02 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.28.0 Previous security intelligence Version: 1.339.1950.0 Update Source: Użytkownik Security intelligence Type: Oprogramowanie antyszpiegowskie Update Type: Różnica Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2021-06-04 11:05:02 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.28.0 Previous security intelligence Version: 1.339.1950.0 Update Source: Użytkownik Security intelligence Type: Oprogramowanie antywirusowe Update Type: Różnica Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2021-06-04 11:05:02 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update the engine. New Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error Code: 0x80070666 Error description: Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2021-05-13 16:54:24 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: 1.339.601.0 Previous security intelligence Version: 1.337.356.0 Update Source: Użytkownik Security intelligence Type: Oprogramowanie antyszpiegowskie Update Type: Różnica Current Engine Version: 1.1.18100.6 Previous Engine Version: 1.1.18100.5 Error code: 0x80070666 Error description: Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2021-05-13 16:54:24 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: 1.339.601.0 Previous security intelligence Version: 1.337.356.0 Update Source: Użytkownik Security intelligence Type: Oprogramowanie antywirusowe Update Type: Różnica Current Engine Version: 1.1.18100.6 Previous Engine Version: 1.1.18100.5 Error code: 0x80070666 Error description: Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. ==================== Memory info =========================== BIOS: American Megatrends Inc. 5406 11/13/2019 Motherboard: ASUSTeK COMPUTER INC. PRIME X470-PRO Processor: AMD Ryzen 7 3700X 8-Core Processor Percentage of memory in use: 32% Total physical RAM: 32682.82 MB Available physical RAM: 21953.03 MB Total Virtual: 37546.82 MB Available Virtual: 23254.25 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.13 GB) (Free:243.4 GB) NTFS \\?\Volume{ed3dc1f8-38a7-478f-a5a2-a4d6342c9efa}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{91348eff-71e6-4f54-953e-4c9736a666a9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ==================== End of Addition.txt =======================