Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019 Ran by Tomasz (10-04-2019 14:50:40) Running from C:\Users\Tomasz\Desktop Windows 10 Home Version 1803 17134.648 (X64) (2018-12-19 11:36:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-631711126-3013529120-1671480071-500 - Administrator - Disabled) ASPNET (S-1-5-21-631711126-3013529120-1671480071-1002 - Limited - Enabled) DefaultAccount (S-1-5-21-631711126-3013529120-1671480071-503 - Limited - Disabled) defaultuser0 (S-1-5-21-631711126-3013529120-1671480071-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-631711126-3013529120-1671480071-501 - Limited - Disabled) Tomasz (S-1-5-21-631711126-3013529120-1671480071-1001 - Administrator - Enabled) => C:\Users\Tomasz WDAGUtilityAccount (S-1-5-21-631711126-3013529120-1671480071-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) A Way Out (HKLM-x32\...\A Way Out_is1) (Version: - ) Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated) Adobe Reader XI (11.0.23) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated) Aktualizacje NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden ALLPlayer (wersja 8.4) (HKLM\...\{68972948-F221-4267-9EB6-2EB5D913C4CF}_is1) (Version: 8.4 - ALLPlayer Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blade & Soul (HKLM-x32\...\{9C7ADD9B-0F54-4526-87E8-E739FBB91FD4}) (Version: 1.0.65.0 - NC Interactive, LLC) Blade & Soul Launcher Bundle (HKLM-x32\...\{fcb7b621-345c-46f2-a010-76a58c939d54}) (Version: 1.0.2.0 - NC Interactive, LLC) Hidden Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation) CORSAIR iCUE Software (HKLM-x32\...\{3DDA8C8B-7623-42DE-81C3-9E41CAD4F14A}) (Version: 3.9.93 - Corsair) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden Driving Test Success - All Tests V18/1 (Update 3) (HKLM-x32\...\{EF570A1B-7593-4EDB-8AF0-8041F2A7A81B}_is1) (Version: 21.0 - Imagitech Ltd.) EaseUS Partition Master 13.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd) FCE & CAE Course, Vocabulary Trainer (HKLM-x32\...\FCECAECourse_is1) (Version: - ) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts) ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft) Gameforge Login MS2 (HKLM-x32\...\{703bd6d7-79c0-4005-8cd7-89522a05a546}_is1) (Version: 1.3.39 - Gameforge) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Measuring.Online (HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\Measuring.Online) (Version: "6.2.0" - Measuring.Online) Microsoft .NET Core Runtime - 2.0.7 (x64) (HKLM-x32\...\{b7cb6538-e06d-4f16-ae77-f9d8b79960f5}) (Version: 2.0.7.26407 - Microsoft Corporation) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft OneDrive (HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26626 (HKLM-x32\...\{205ac6de-39ff-462b-8d58-7ca6ad1f0efa}) (Version: 14.15.26626.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26626 (HKLM-x32\...\{ea07c0c2-5f15-4558-9c18-a2fe7ce9bb8e}) (Version: 14.15.26626.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mouse Server version 1.7.7.5 (HKLM-x32\...\{7AFAA880-BB05-4E38-9279-C53EECE1B7BE}_is1) (Version: 1.7.7.5 - Necta Inc.) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) Norton Secure VPN (HKLM-x32\...\Norton Secure VPN) (Version: 1.7.0.325 - Symantec Corporation) Norton Security (HKLM-x32\...\NGC) (Version: 22.17.0.183 - Symantec Corporation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.67 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA Sterownik graficzny 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.67 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) OpenOffice 4.1.6 (HKLM-x32\...\{F03D2388-158B-4F8A-B195-CBCA5F459197}) (Version: 4.16.9790 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.) Panel sterowania NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden Pinnacle 3D Title Editor (HKLM\...\{6FAF2C9C-BC59-4D36-9C33-1C7902F04D22}) (Version: 1.0.6.99 - Corel Corporation) Pinnacle MyDVD (HKLM\...\{28075128-C115-45CB-888A-4491A138A510}) (Version: 2.0.058 - Corel Corporation) Hidden Pinnacle MyDVD (HKLM-x32\...\{3A6DDDF3-4A04-47A4-A644-B9F489989750}) (Version: 2.0 - Pinnacle) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) Trine 2 Complete Story-ROKA1969 version 2.0.0 (HKLM-x32\...\Trine 2 Complete Story-ROKA1969_is1) (Version: 2.0.0 - Frozenbyte) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 77.1 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Warframe (HKLM-x32\...\{CFEFD536-1A5A-41EF-84A3-9944447125EC}) (Version: 1.0.0 - Digital Extremes) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed] CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed] CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed] CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed] CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed] CustomCLSID: HKU\S-1-5-21-631711126-3013529120-1671480071-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed] ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {118A7131-C94B-4287-9852-14A94AC40BED} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {2EAE878E-FAA3-4278-9916-1EDD4B414278} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {36297A32-1849-41AA-BAB8-C68804EEBF5D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {3BC9DF58-F7F1-4C0E-AE2E-100FB785C96F} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe (Symantec Corporation -> Symantec Corporation) Task: {3E7AA629-6744-4B45-9C77-E8E62215878C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe (Symantec Corporation -> Symantec Corporation) Task: {5462940D-B8DC-4646-8812-047A4097B133} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe Task: {69930049-9A60-4E37-A45B-5B0A4623D023} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-7OVQERE-Tomasz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {710D309F-A342-49D2-8135-0C6A57879DA1} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {724D5F2D-899C-45D7-BE3C-48CE63238EA2} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.0.183\WSCStub.exe (Symantec Corporation -> Symantec Corporation) Task: {758168EA-D68C-49A0-B1D4-7A556D394517} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {7C071866-2AC6-4492-9CE3-283CE71BDDF5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {86E3B643-910F-4D09-BC3A-DA072FDF1A4C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {8ABD751B-8682-4D73-956F-667B04450E61} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe (Symantec Corporation -> Symantec Corporation) Task: {8E94E9AA-84CA-4576-B27C-1CFA72E893E4} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {939BCFCD-5747-44E7-8F61-F4F173F75D07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {9640FC71-9D58-4216-8FA8-8A20AC0564B1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {A02FF17E-9984-4C51-80FF-B2B491A94698} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {A44532E3-4C34-4729-A5DB-708ACB6E9F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {A9518454-4D1F-4F90-B23E-5ED12B7F380E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {ADEEC641-1F12-4CAD-AB7C-D8F0A755D8DA} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {AF849481-88F3-40F8-B5EE-452FA9A00AD1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C1B1D183-3D5F-433D-8DF2-70E58E86D387} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) Task: {D4BB6887-5B68-4822-A595-C4C4D4945EC8} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {D9AC4A47-387B-4716-A5DD-259440B0F909} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {E4F53927-3FD6-4524-95F3-4F29E9521185} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {E59B83F0-E4F7-4DDE-9B61-733108C25A39} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe (Symantec Corporation -> Symantec Corporation) Task: {FDD37431-3512-4539-8B60-5A7F6B38D7B9} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe (Corel Corporation -> Corel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-12-28 16:24 - 2018-04-30 13:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2018-12-18 12:47 - 2018-01-24 10:46 - 000520704 _____ (wifimouse.necta.us) [File not signed] C:\Program Files (x86)\Mouse Server\MouseServer.exe 2018-12-18 12:47 - 2018-01-24 10:46 - 000226816 _____ () [File not signed] C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe 2018-09-24 10:31 - 2018-09-24 10:31 - 001415168 _____ (CPUID) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\cpuidsdk.dll 2018-09-24 10:31 - 2018-09-24 10:31 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2018-12-18 13:34 - 2008-11-25 18:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll 2018-12-18 13:34 - 2016-03-07 19:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2018-12-18 13:34 - 2004-10-05 04:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2018-12-18 12:43 - 2018-12-18 12:43 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2018-12-18 12:47 - 2018-01-24 10:46 - 000117248 _____ (wifimouse.necta.us) [File not signed] C:\Program Files (x86)\Mouse Server\BluetoothAdapter.dll 2018-12-13 12:21 - 2018-12-13 12:21 - 000043520 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll 2018-12-13 12:21 - 2018-12-13 12:21 - 085372416 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll 2018-12-13 12:21 - 2018-12-13 12:21 - 000518144 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [122] AlternateDataStreams: C:\Users\Tomasz\AppData\Roaming:74ebd0c58b2c3276bb2748f70ddc83e9 [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2019-04-10 10:34 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-631711126-3013529120-1671480071-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomasz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20190323_124910.jpg DNS Servers: 194.168.4.100 - 194.168.8.100 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_129036AB80075C221A3D54AF8051E6B3" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "SurfEasy" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-631711126-3013529120-1671480071-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{66B12EEF-7A34-4956-97D5-631FCD7207B9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{038E441C-E506-465A-8EC7-4EEA2FA34D77}] => (Allow) C:\Users\Tomasz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{78960BE1-97E4-4E9B-A3EE-336D8AE898D7}] => (Allow) C:\Users\Tomasz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{EEA83AE5-C7A3-4858-B21E-85038C3FF69A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{166489A6-AAC5-4755-95D6-95FD954FC941}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{ECC4B5E4-47ED-45B9-A2E0-0BDC493AAADD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{A9AC8101-E744-43AF-B335-0559BD7F6E15}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{00E0CF82-9D2C-4C79-8BF4-362FF5D21E23}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{6F2837F6-EA4B-4B49-879F-2DC40F39A3E2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{F5FB9DAF-9F1D-46C7-8B3E-A5FB68E60987}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{29F1F5A8-2824-4DA5-83F0-2AA612D60107}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{F4C0F10A-8D82-48F6-AF95-B0A9380A4715}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{343EB07C-B652-43A5-A730-C36C7305A8C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{8F16EC6E-44CE-4CF1-9205-28AFB447B01C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{71F2BD27-2203-463D-A2FC-EF2E6B2622BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{92F614F7-517A-421A-B7DE-3729366DBBEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe No File FirewallRules: [{6AF94695-09C8-4A6C-BC00-B3CF3B2EC603}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe No File FirewallRules: [{E6570752-D3E0-4BC3-8B5E-78975D774618}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.exe No File FirewallRules: [{D817830D-C7CB-4F58-9BF3-8A7007811305}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.x64.exe No File FirewallRules: [{907252EE-2A3E-45FE-AC73-55F913FBAF3D}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.exe No File FirewallRules: [{AD93C05D-1138-483F-8925-4A4045848BE2}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.x64.exe No File FirewallRules: [{F3EB3CEC-507D-4CEC-AC36-4B144BF9AE54}] => (Allow) F:\GRY\steamapps\common\Warframe\Tools\Launcher.exe No File FirewallRules: [{884529A6-6961-4CC3-9EC4-0BD5CA478461}] => (Allow) F:\GRY\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File FirewallRules: [{D4C81DC6-A6CA-4E6E-BE46-119B4C8AAD9A}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.exe No File FirewallRules: [{CD505E51-C714-4974-BBD6-8B03B7E0557F}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.x64.exe No File FirewallRules: [{255F1D58-3443-4198-A203-ACB92D8ADF30}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.exe No File FirewallRules: [{D91F4956-6BE7-4E96-A2A7-B2A99EBE604E}] => (Allow) F:\GRY\steamapps\common\Warframe\Warframe.x64.exe No File FirewallRules: [{D1C24DA8-78A7-4922-82FA-5B79434884CF}] => (Allow) F:\GRY\steamapps\common\Warframe\Tools\Launcher.exe No File FirewallRules: [{BE2402CF-A4A0-4A81-B386-19C173DD4761}] => (Allow) F:\GRY\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File FirewallRules: [TCP Query User{B72FCB1C-71FC-41CE-AC50-0C9E22F3D283}C:\program files (x86)\norton secure vpn\client\norton secure vpn.exe] => (Allow) C:\program files (x86)\norton secure vpn\client\norton secure vpn.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [UDP Query User{34FD24E2-150F-4FBD-8163-17A0A059A9F5}C:\program files (x86)\norton secure vpn\client\norton secure vpn.exe] => (Allow) C:\program files (x86)\norton secure vpn\client\norton secure vpn.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [{BE0EE614-B40E-4FCD-81FC-AE7E3FD920E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D0CE9276-C127-46F7-A6A9-69108773A359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A1037C16-7A65-4A80-AB7C-8BAD4F9D913B}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe No File FirewallRules: [{DED5749E-14A1-47C7-A6F6-DBDF0CD07EDF}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe No File FirewallRules: [{20E231DE-05E8-4F40-80EC-E971012A3E99}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe No File FirewallRules: [{21405B8D-6C61-4146-81B9-9E8E4982B24F}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe No File FirewallRules: [{F3DE9581-7525-4AF3-8727-85C2DB4BA2E3}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe No File FirewallRules: [{466740A6-9598-4465-A709-38F3B4906397}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe No File FirewallRules: [{E4CF1BA9-734B-42B5-A8D9-4ACAEF5715D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DKOnline\DKonline.exe No File FirewallRules: [{C5645D60-60B8-4FCF-8A83-AA59DCB0082C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DKOnline\DKonline.exe No File FirewallRules: [TCP Query User{F11594D9-2996-47C6-8881-998A015BD858}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) [File not signed] FirewallRules: [UDP Query User{6681B8F6-B830-40A2-908F-31976C952BEB}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) [File not signed] FirewallRules: [TCP Query User{B6CF714B-3DE9-439D-9C56-D1FFE5543713}F:\gry\jump force-roka1969\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Block) F:\gry\jump force-roka1969\jump_force\binaries\win64\jump_force-win64-shipping.exe No File FirewallRules: [UDP Query User{D2FF7402-5B16-4D7C-82A4-82823A501B7E}F:\gry\jump force-roka1969\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Block) F:\gry\jump force-roka1969\jump_force\binaries\win64\jump_force-win64-shipping.exe No File FirewallRules: [TCP Query User{72A518C7-1871-4F47-BBE8-2EEB718379BD}C:\users\tomasz\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomasz\appdata\local\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{2E21B8D8-6016-4331-AFE9-2D9BDB750ACB}C:\users\tomasz\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomasz\appdata\local\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{AE985E5D-34AE-4B6E-AF28-A79D65F946AF}C:\program files (x86)\steam\steamapps\common\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed] FirewallRules: [UDP Query User{DA82A9BB-D9AF-4E30-B27D-2C08335955B5}C:\program files (x86)\steam\steamapps\common\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed] FirewallRules: [{C4D30313-2776-41AC-8552-361D38855893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\JUMP FORCE\JUMP_FORCE.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{B394EAEE-6646-44F3-B274-A2190FE86D3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\JUMP FORCE\JUMP_FORCE.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{005A08BC-4B00-41E4-A6B3-6D2A5E8D2181}] => (Allow) F:\GRY\Fifa19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B75250EB-1E71-463F-8CCA-AAF41A247398}] => (Allow) F:\GRY\Fifa19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{43EA4E3A-B5B5-430C-9EFC-058BCCD70BE3}F:\gry\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) F:\gry\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [UDP Query User{875B798B-06FA-48AA-A12E-6E324B61E1A5}F:\gry\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) F:\gry\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [{B6A1C1B9-DFEE-41B5-9BE8-11BEE82ED75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed] FirewallRules: [{FC878210-A81A-4B28-A3F2-F1679C966D5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed] FirewallRules: [{F82A2895-C4D1-4A97-A835-F9E74F8F057C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{037D0CB0-A25B-47BB-9274-76E2ABDF50A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D4E5A268-11DF-4352-8765-1D166A9E60CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6B600C52-89BE-444A-ACCE-782C4CEDBBCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B1EEF3F7-31E6-4FBE-A1DA-2E8C82F000E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH) [File not signed] FirewallRules: [{0832F1FE-403D-4A2F-9C9A-248C7597EAE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe (YAGER Development GmbH) [File not signed] FirewallRules: [{988EA2B1-9C61-49FE-A91C-D470DC093E08}] => (Allow) F:\GRY\steamapps\common\Double Dragon Neon\bin\DoubleDragon.exe () [File not signed] FirewallRules: [{2D89EEE9-9A5F-46D2-91EF-34783DC17124}] => (Allow) F:\GRY\steamapps\common\Double Dragon Neon\bin\DoubleDragon.exe () [File not signed] FirewallRules: [{78C9B070-7271-48B6-B9D0-E40D86A45216}] => (Allow) C:\\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{416AB9F2-A08E-49AB-88A5-43C1B67D5FBE}] => (Allow) C:\\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{0CA2CADA-4AFC-436C-9673-9DE1D4AFDBFF}] => (Allow) C:\Users\Tomasz\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{187CB212-3CA2-4402-A022-C61DBC3C4FF5}] => (Allow) C:\\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{A663EE83-C9DB-4E30-A1E6-7BF960121A1C}] => (Allow) C:\\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{77EA36EA-C991-43F1-9776-17F57588D131}] => (Allow) C:\\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{5D8528B3-1592-4655-8CBE-E023539B322B}] => (Allow) C:\Users\Tomasz\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{4CA1C221-D886-46F5-9B5B-C1584721924F}] => (Allow) C:\\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{FAF8B769-1160-4DB0-B411-BB1469F52ACC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 05-04-2019 19:11:52 Windows Update 10-04-2019 08:57:27 Zainstalowany program DirectX ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/10/2019 10:20:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\Tomasz\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/10/2019 08:31:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\Tomasz\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/09/2019 02:21:51 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\Tomasz\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/08/2019 06:44:01 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\Tomasz\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/07/2019 07:02:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\Tomasz\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3235.0,language="*",type="win32",version="63.0.3235.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/07/2019 06:38:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SDScan.exe w wersji 2.7.64.191 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 2e18 Godzina rozpoczęcia: 01d4ed65689a7efd Godzina zakończenia: 5 Ścieżka aplikacji: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Identyfikator raportu: 580d17ad-d454-4073-a796-d740f4b49d16 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (04/07/2019 06:02:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Trojan-Remover-13140-AsystentPobierania_2483683814.exe, wersja: 1.5.1.1, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.17134.556, sygnatura czasowa: 0xadca2670 Kod wyjątku: 0x0eedfade Przesunięcie błędu: 0x001118a2 Identyfikator procesu powodującego błąd: 0xf0c Godzina uruchomienia aplikacji powodującej błąd: 0x01d4ed6341709c64 Ścieżka aplikacji powodującej błąd: E:\Trojan-Remover-13140-AsystentPobierania_2483683814.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 58e60cc5-ec09-4909-85f2-3b597d88799a Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (04/07/2019 06:02:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Trojan-Remover-13140-AsystentPobierania_2483683814.exe, wersja: 1.5.1.1, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.17134.556, sygnatura czasowa: 0x319e0a75 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00023259 Identyfikator procesu powodującego błąd: 0xf0c Godzina uruchomienia aplikacji powodującej błąd: 0x01d4ed6341709c64 Ścieżka aplikacji powodującej błąd: E:\Trojan-Remover-13140-AsystentPobierania_2483683814.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 593805c7-bf46-4da3-80cd-a46714c84b00 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: System errors: ============= Error: (04/10/2019 10:37:00 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:36:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:31:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:30:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:21:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:21:23 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:21:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/10/2019 10:20:31 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7OVQERE) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscCloudBackupProvider i identyfikatorem aplikacji APPID Unavailable użytkownikowi DESKTOP-7OVQERE\Tomasz o identyfikatorze zabezpieczeń SID (S-1-5-21-631711126-3013529120-1671480071-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Windows Defender: =================================== Date: 2019-02-16 12:24:14.086 Description: Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem. Identyfikator skanowania: {0AD15062-8648-4D44-9BDD-B6E171D59328} Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Uzytkownik: NT AUTHORITY\SYSTEM Date: 2019-02-07 15:54:14.030 Description: Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem. Identyfikator skanowania: {787EE991-8DDF-4D19-AF6E-411DDD3EFAE5} Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Uzytkownik: NT AUTHORITY\SYSTEM Date: 2019-02-07 15:01:24.325 Description: Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem. Identyfikator skanowania: {4E477494-679B-44C1-A01A-289C29D9F89D} Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Uzytkownik: NT AUTHORITY\SYSTEM Date: 2019-02-06 19:01:09.884 Description: Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem. Identyfikator skanowania: {CD5C9242-AB31-4FE9-9804-4C92DA106EAD} Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Uzytkownik: NT AUTHORITY\SYSTEM Date: 2019-02-06 18:46:43.600 Description: Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem. Identyfikator skanowania: {50B59229-E12C-4069-889B-B67CD2FBD92A} Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Uzytkownik: NT AUTHORITY\SYSTEM Date: 2019-02-10 08:12:37.113 Description: Produkt Program antywirusowy Windows Defender napotkal blad podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.285.1211.0 Zródlo aktualizacji: Serwer uslugi Microsoft Update Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pelne Uzytkownik: NT AUTHORITY\SYSTEM Biezaca wersja aparatu: Poprzednia wersja aparatu: 1.1.15700.5 Kod bledu: 0x80240438 Opis bledu: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Percentage of memory in use: 29% Total physical RAM: 16311.22 MB Available physical RAM: 11560.62 MB Total Virtual: 18743.22 MB Available Virtual: 11553.21 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:930.56 GB) (Free:506.87 GB) NTFS Drive d: (DTS All Tests v18-1) (CDROM) (Total:7.65 GB) (Free:0 GB) UDF Drive e: (Downloads) (Fixed) (Total:223.02 GB) (Free:28.2 GB) NTFS Drive f: (rezerwa) (Fixed) (Total:465.76 GB) (Free:398.11 GB) NTFS \\?\Volume{8b377102-eccb-43c1-8c7e-cdf4599c9f1a}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{60dd2cd0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{60dd2cd0-0000-0000-0000-20c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS \\?\Volume{1a1643d4-cf89-42b3-8630-02730319438a}\ () (Fixed) (Total:0.09 GB) (Free:0.09 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 08B36166) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 60DD2CD0) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=473 MB) - (Type=27) ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A36C9C95) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0F Extended) ==================== End of Addition.txt ============================