Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021 Ran by Widmowy Jack (05-05-2021 18:37:41) Running from C:\Users\Widmowy Jack\Downloads Windows 10 Pro Version 20H2 19042.928 (X64) (2020-11-12 21:46:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-992322469-3752856531-2472332681-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-992322469-3752856531-2472332681-503 - Limited - Disabled) Guest (S-1-5-21-992322469-3752856531-2472332681-501 - Limited - Disabled) Sebastian (S-1-5-21-992322469-3752856531-2472332681-1004 - Limited - Enabled) => C:\Users\Sebastian WDAGUtilityAccount (S-1-5-21-992322469-3752856531-2472332681-504 - Limited - Disabled) Widmowy Jack (S-1-5-21-992322469-3752856531-2472332681-1002 - Administrator - Enabled) => C:\Users\Widmowy Jack ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe) Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.13929.20296 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Call of Cthulhu: Dark Corners of the Earth (HKLM-x32\...\1189711155_is1) (Version: 1.0 - GOG.com) CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform) ChomikBox (HKLM-x32\...\{8E4185CC-4FF3-46B9-A4DB-5B850B71ABC4}) (Version: 2.0.8.2 - Chomikuj.pl) CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.) CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.) Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.22 - GOG.com) Deluxe Ski Jump 2.1 (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Deluxe Ski Jump_is1) (Version: - Axel Springer Polska) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Discord) (Version: 0.0.309 - Discord Inc.) Enlisted Launcher 1.0.3.46 (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version: - Gaijin Network) Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Final Fantasy VII - Ultima Edition (HKLM-x32\...\Final Fantasy VII_is1) (Version: - ) foobar2000 v1.4 (HKLM-x32\...\foobar2000) (Version: 1.4 - Peter Pawlowski) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Unreal Tournament GOTY (HKLM\...\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC) Gothic (HKLM-x32\...\{DB858BBA-104E-40DD-BDC0-A12391F67C2E}) (Version: 1.08 - Piranha Bytes) Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music) Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1037 - Intel Corporation) Intel(R) Network Connections 22.5.104.0 (HKLM\...\PROSetDX) (Version: 22.5.104.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7263 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.0.1006 - Intel Corporation) IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan) K-Lite Codec Pack 14.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.6 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Max Payne (HKLM-x32\...\{BF4EFBD3-57F1-4C4F-9484-6FCC18F735A7}) (Version: 1.00.000 - ) Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com) Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13929.20296 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.51 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.51 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-992322469-3752856531-2472332681-1004\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.52.1 - Microsoft Corporation) Mozilla Firefox 88.0 (x64 pl) (HKLM\...\Mozilla Firefox 88.0 (x64 pl)) (Version: 88.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation) NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation) NVIDIA GeForce NOW 2.0.26.108 (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.108 - NVIDIA Corporation) NVIDIA Graphics Driver 466.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.97.47554 - Electronic Arts, Inc.) Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) QuickMemoryTestOK (HKLM\...\QuickMemoryTestOK) (Version: - com) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Skoki Narciarskie 2002 (HKLM-x32\...\{5E4EF02B-4C5F-4B35-AB77-41284456165A}) (Version: - ) Spotify (HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Spotify) (Version: 1.1.57.443.ga029a6c4 - Spotify AB) STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) The Sims Pełna kolekcja (HKLM-x32\...\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}) (Version: - ) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com) The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com) Thunder Master v4.3 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.3.0.1 - Palit Microsystems Ltd.) Tixati (HKLM-x32\...\tixati) (Version: - ) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 104.0 - Ubisoft) Unreal Tournament GOTY (HKLM-x32\...\GOGPACKUT_is1) (Version: 2.0.0.5 - GOG.com) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters) WiedŸmin Edycja Rozszerzona (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team) Packages: ========= Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.401.0_x64__rz1tebttyb220 [2021-04-24] (Dolby Laboratories) Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.41.4100.0_x86__ytsefhwckbdv6 [2021-04-29] (G5 Entertainment AB) Lemmings -> C:\Program Files\WindowsApps\5627pcio.dk.Lemmings_1.0.0.2_neutral__mj32vzt7ysac2 [2020-03-24] (pcio.dk) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4213.0_x64__8wekyb3d8bbwe [2021-04-29] (Microsoft Studios) [MS Ad] No Man's Sky -> C:\Program Files\WindowsApps\HelloGames.NoMansSky_3.38.6437.0_x64__bs190hzg1sesy [2021-04-30] (Hello Games) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-992322469-3752856531-2472332681-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Widmowy Jack\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-992322469-3752856531-2472332681-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Widmowy Jack\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => D:\Programy\WinCDEMU\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\Programy\WinCDEMU\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-04-23] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\Programy\WinCDEMU\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2021-04-28 20:56 - 2021-04-28 20:56 - 000051200 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_frozenlist.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000037888 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_helpers.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000204800 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_parser.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000034304 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_writer.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000022528 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_websocket.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000014848 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\internal\_api_implementation.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 001055232 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\pyext\_message.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000034304 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\multidict\_multidict.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000009728 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\websockets\speedups.cp37-win32.pyd 2021-04-28 20:56 - 2021-04-28 20:56 - 000066560 _____ () [File not signed] C:\Users\Widmowy Jack\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\yarl\_quoting_c.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000051200 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_frozenlist.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000037888 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_helpers.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000204800 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_parser.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000034304 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_writer.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000022528 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_websocket.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000034304 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\multidict\_multidict.cp37-win32.pyd 2020-07-20 21:11 - 2020-07-20 19:55 - 000061952 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\psutil\_psutil_windows.cp37-win32.pyd 2020-07-20 21:11 - 2020-07-20 19:55 - 000073216 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginEpic\yarl\_quoting.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000051200 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_frozenlist.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000037888 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_helpers.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000204800 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_parser.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000034304 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_writer.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000022528 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_websocket.cp37-win32.pyd 2021-03-29 17:02 - 2021-03-29 16:59 - 000034304 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\multidict\_multidict.cp37-win32.pyd 2020-04-30 21:30 - 2020-04-30 09:57 - 000073216 _____ () [File not signed] D:\Programy\GOG Galaxy\plugins\GalaxyPluginXbox\yarl\_quoting.cp37-win32.pyd 2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll 2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll 2017-02-12 02:28 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [File not signed] D:\Programy\WinCDEMU\x64\WinCDEmuContextMenu.dll 2020-02-09 22:06 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2020-02-09 22:06 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2020-02-09 22:06 - 2020-02-09 22:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-04-24 12:25 - 2020-02-09 22:05 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7568] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Widmowy Jack\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-992322469-3752856531-2472332681-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 79.175.192.28 - 79.175.208.28 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\StartupApproved\Run: => "ChomikBox" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{681578AD-0E1A-47AF-AC5D-E1D9E5FBC548}] => (Allow) D:\Programy\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed] FirewallRules: [{6C5AC9BC-C68A-49A9-824D-68309A580D2A}] => (Allow) D:\Programy\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed] FirewallRules: [{F1B3DFD8-CCD6-47BD-ADC0-EB6A6FE22D51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7564BD6C-DDF3-4173-8657-AFFFD26A6011}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{6E7A842A-3596-46E7-92B4-D4CCDC417752}D:\gry\batman arkham asylum\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:\gry\batman arkham asylum\batmanarkhamasylum\binaries\shippingpc-bmgame.exe (Rocksteady Studios Ltd) [File not signed] FirewallRules: [TCP Query User{0B71E16B-D5CE-44C5-8140-5E9E0A1736B6}D:\gry\batman arkham asylum\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:\gry\batman arkham asylum\batmanarkhamasylum\binaries\shippingpc-bmgame.exe (Rocksteady Studios Ltd) [File not signed] FirewallRules: [{B353AC9F-F5F4-4CFF-ACE7-BB78D5F10275}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{15753C6F-A00E-43E1-BEB6-460280075D91}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{A29C7667-BCB6-4B73-93A3-8AE4E7CF83C3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{0C07E754-D044-48C5-8496-B48A152851B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [UDP Query User{3DC9F202-52FA-4784-9976-F5745D389E06}D:\gry\wiedźmin 2\the witcher 2\bin\witcher2.exe] => (Allow) D:\gry\wiedźmin 2\the witcher 2\bin\witcher2.exe () [File not signed] FirewallRules: [TCP Query User{62F531C4-9667-4FF4-B7B9-D0BF49855236}D:\gry\wiedźmin 2\the witcher 2\bin\witcher2.exe] => (Allow) D:\gry\wiedźmin 2\the witcher 2\bin\witcher2.exe () [File not signed] FirewallRules: [{ACFD2DB0-D862-49C5-8E95-3C47B4410FDF}] => (Allow) D:\Gry\Sim City 5\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{0035CE47-92DA-4AC6-A53E-96A046891A57}] => (Allow) D:\Gry\Sim City 5\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{4D2CFDBD-1BF8-4B80-A4C5-F67D1DD1B3D4}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{1C607B16-A2B5-48ED-ABED-1F2B0FE33A8B}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{237E8CCC-571A-4C37-9D64-692D6AAA8969}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A7847990-BEF5-4CCF-9227-9BD7BE143AEB}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{1A189056-3140-486D-86C3-C5D9E7E02507}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{95EEF394-153E-4700-80DF-DC9AB76AE709}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{AB73D03B-331D-43F6-865F-90711D984747}D:\programy\tixati\tixati.exe] => (Allow) D:\programy\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) FirewallRules: [UDP Query User{C9210371-D11D-4846-AF02-1B68D7B698AF}D:\programy\tixati\tixati.exe] => (Allow) D:\programy\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) FirewallRules: [TCP Query User{77B80500-D043-4266-8CBA-536AD601C12A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{1652D2AA-BA03-4F6B-83C2-22E2D6E61222}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{DC448E55-9D0B-488F-8C61-483890C22E60}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [{B2BA5249-672E-4841-BD8F-AFFE93C774B8}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [TCP Query User{6DAC4483-9999-4B94-AA9E-5AA1A3BF88D4}C:\gry\cp2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\gry\cp2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{C1DE5FD0-D24C-4358-8B01-C7C128805F4D}C:\gry\cp2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\gry\cp2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{A8BDA347-C06A-4A77-B8C4-29D22AE01F81}C:\users\widmowy jack\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\widmowy jack\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{9916256B-CDE9-468A-978C-7D2279A23A19}C:\users\widmowy jack\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\widmowy jack\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3B350221-A624-43C7-8B64-1C3310EF5004}] => (Allow) D:\Programy\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed] FirewallRules: [{40EFFA35-2AA2-4F72-A90F-2283F47614C1}] => (Allow) D:\Programy\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed] FirewallRules: [{F2F4C970-4EE0-4642-AB3D-D5C8DA93CF32}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5647B646-463D-4443-A844-12673F16397D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7F4D5F2F-B4AA-47D8-9DA4-77480C968898}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F2F20F8A-09C8-4DA9-B266-543639FDA1B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4338C08D-9E8C-4B8B-B968-211018A744EE}] => (Allow) D:\Programy\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (PearlAbyss Corp. -> Pearlabyss) FirewallRules: [{35904C62-6C82-4755-AB46-69C2FD86D70D}] => (Allow) D:\Programy\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (PearlAbyss Corp. -> Pearlabyss) FirewallRules: [TCP Query User{148BDD77-FAE5-46CD-9C2E-4588D325FE39}D:1\doometernalx64vk.exe] => (Allow) D:1\doometernalx64vk.exe => No File FirewallRules: [UDP Query User{BF707767-297D-49D9-88DC-0D9C1A3582A9}D:1\doometernalx64vk.exe] => (Allow) D:1\doometernalx64vk.exe => No File FirewallRules: [TCP Query User{AFC09040-1A3E-48B1-B79A-9F1A631F270F}D:2\doometernalx64vk.exe] => (Allow) D:2\doometernalx64vk.exe => No File FirewallRules: [UDP Query User{3C213DE0-3F7B-4FEC-BD12-0221A860296C}D:2\doometernalx64vk.exe] => (Allow) D:2\doometernalx64vk.exe => No File FirewallRules: [TCP Query User{8BF83EE7-CAE8-482D-9FF9-26612C360A14}C:\users\widmowy jack\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\widmowy jack\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{B4FBD218-BE58-49A5-98EC-151AD9969928}C:\users\widmowy jack\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\widmowy jack\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{24D2FAE9-ED3E-45A7-B57E-1FFFB09F255F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DD3A9576-511E-4381-9575-A46871287E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B79F0C4A-1F80-4043-8CBD-5FB229D83F83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5B05393C-1DA8-48E8-8731-95A222E09407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{28317AC2-6A59-4E8C-9BA6-0D6A432E7F50}] => (Allow) F:\gry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{141CE23D-8CED-4BAC-8224-AFD59EA6ABF2}] => (Allow) F:\gry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{1664957B-B157-4FFF-BABD-E6CFE3CCF5D1}] => (Allow) F:\gry\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{54A57015-05A9-4F85-9E07-DF83E0DE322D}] => (Allow) F:\gry\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [TCP Query User{D45BB872-5478-4EDC-B303-1C24052ABD5E}C:\gry\enlisted\launcher.exe] => (Allow) C:\gry\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [UDP Query User{3433771C-11C9-4D6F-8728-A6AAE3B63416}C:\gry\enlisted\launcher.exe] => (Allow) C:\gry\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [{C5BA3016-908F-457E-929F-11F3972BE70B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D0687C7F-3237-4F29-90B5-D37F4FA35B4E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{06343785-E47B-4065-9821-09EC5FF89040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EDB174C8-F345-46E6-AC0B-7AF06F79CD85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0EC69337-4093-467D-AF71-326B781BEBBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{61A02EFB-A5BB-4EF4-B245-3C7BA0386C7F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{47546767-753B-4762-B255-0CC4EA70B2D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 01-05-2021 18:33:45 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 02-05-2021 22:50:58 Windows Modules Installer 04-05-2021 10:51:31 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 04-05-2021 10:51:38 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 05-05-2021 18:38:16 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 05-05-2021 18:38:24 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/04/2021 09:58:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] System errors: ============= Error: (05/04/2021 07:42:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:42:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Error: (05/04/2021 07:20:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B37SBO9) Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout. Windows Defender: ================ Date: 2021-05-04 18:04:58 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-05-02 14:24:54 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-04-30 21:19:35 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-04-29 17:31:40 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-04-24 20:09:16 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-04-28 18:47:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.337.117.0 Previous security intelligence Version: 1.335.1724.0 Update Source: User Security intelligence Type: AntiSpyware Update Type: Delta Current Engine Version: 1.1.18100.5 Previous Engine Version: 1.1.18000.5 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-04-28 18:47:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.337.117.0 Previous security intelligence Version: 1.335.1724.0 Update Source: User Security intelligence Type: AntiVirus Update Type: Delta Current Engine Version: 1.1.18100.5 Previous Engine Version: 1.1.18000.5 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-04-28 18:47:45 Description: Microsoft Defender Antivirus has encountered an error trying to update the engine. New Engine Version: 1.1.18100.5 Previous Engine Version: 1.1.18000.5 Error Code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. ==================== Memory info =========================== BIOS: American Megatrends Inc. P1.70 01/29/2018 Motherboard: ASRock Z370 Pro4 Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz Percentage of memory in use: 31% Total physical RAM: 16319.12 MB Available physical RAM: 11166.83 MB Total Virtual: 18879.12 MB Available Virtual: 10931.51 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:222.97 GB) (Free:28.28 GB) NTFS Drive d: (Gry i programy) (Fixed) (Total:341.8 GB) (Free:159.6 GB) NTFS Drive f: (Multimedia) (Fixed) (Total:439.45 GB) (Free:62.9 GB) NTFS Drive g: (Some crazy shit) (Fixed) (Total:150.26 GB) (Free:96.39 GB) NTFS Drive k: (Elements) (Fixed) (Total:1397.26 GB) (Free:137.83 GB) NTFS Drive w: (Skoki2002) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS \\?\Volume{113c9188-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{b43b003c-5f40-6ca7-9ba0-26d6bdfcda32}\ () (Fixed) (Total:10.92 GB) (Free:0 GB) NTFS \\?\Volume{113c9188-0000-0000-0000-20c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D612E654) Partition 1: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=150.3 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 113C9188) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=516 MB) - (Type=27) ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 00129742) Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== End of Addition.txt =======================