Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019 Ran by Piotr (19-03-2019 15:23:31) Running from E:\Pobrane Windows Embedded Standard Service Pack 1 (X64) (2017-02-06 13:34:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1441921510-783520103-3890087851-500 - Administrator - Disabled) Guest (S-1-5-21-1441921510-783520103-3890087851-501 - Limited - Enabled) => C:\Users\Guest Piotr (S-1-5-21-1441921510-783520103-3890087851-1001 - Administrator - Enabled) => C:\Users\Piotr skany (S-1-5-21-1441921510-783520103-3890087851-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.49 - NVIDIA Corporation) Hidden Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology) Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk Backburner 2018.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D78A}) (Version: 18.0.0.0 - Autodesk) Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2018 (HKLM\...\{1984E20A-184B-4073-87F4-6755F3EE5769}) (Version: 20.0 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\{0BB716E0-1800-0610-0000-097DC2F354DF}) (Version: 18.0.0.412 - Autodesk) Hidden Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2018) (Version: 18.0.0.412 - Autodesk) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.31.56.2510 - BlueStack Systems, Inc.) Bticino Installation Kit (HKLM-x32\...\{4A72CE30-17F7-45ca-AA73-9E60326F1C31}) (Version: 1.2.14 - BTicino) Hidden Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.) Canon iR Toolbox 4.9.1.1.ir03 (HKLM-x32\...\{0CFACDCC-6FF4-46F3-84A4-94A3E6B658FD}) (Version: 1.2.0 - Canon) Canon iR Toolbox 4.9.1.1.ir03 (HKLM-x32\...\{2643914A-E2C2-4180-8396-59B8E1EAFA2F}) (Version: - ) Canon iR Toolbox 4.9.1.1.ir03 (HKLM-x32\...\{5EFD0498-E232-4F53-B279-03EBF3539D63}) (Version: - ) Canon iX6500 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX6500_series) (Version: - Canon Inc.) Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.4.0.0 - CANON INC.) ChomikBox (HKLM-x32\...\{45B8131C-E239-4BE0-A92B-0E7FE1BBF83E}) (Version: 2.0.8.2 - Chomikuj.pl) DeviceViewer v3.12.0.1 (HKLM-x32\...\DeviceViewer_is1) (Version: 3.12.0.1 - ) Dropbox (HKLM-x32\...\Dropbox) (Version: 68.4.102 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden DRUKI Gofin 3.4.7.0 (HKLM-x32\...\{1be5cb58-9c4a-4155-b057-32c4cf5c12a1}) (Version: 3.4.7.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) DRUKI Gofin 3.4.7.0 (HKLM-x32\...\{958DE074-80F1-4317-AEF9-D8782806211F}) (Version: 3.4.7.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) Hidden DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden EaseUS Partition Master 12.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Free 11.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.0 - CHENGDU YIWO Tech Development Co., Ltd) FileZilla Client 3.40.0 (HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - ) Intel(R) Chipset Device Software (HKLM-x32\...\{7237f6c4-bcae-41b5-8f4b-ec446f5c115f}) (Version: 10.1.2.8 - Intel(R) Corporation) Hidden Intel(R) Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel) Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 4.3.0.1198 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Intel® Software Guard Extensions Platform Software (HKLM\...\{D6CE0772-080E-45D4-8CB0-AB2AB9710DFE}) (Version: 1.1.28151.80 - Intel Corporation) IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Macrium Reflect Workstation Edition (HKLM\...\{DC9C1F8D-C2C8-4E01-BDC1-1E16D7095B5E}) (Version: 7.1.3317 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Workstation Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.) Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden MAXtoA for 3ds Max 2018 (HKLM\...\{8716A7CE-C3F1-4582-A2E6-AE1DBFF5A2F0}) (Version: 1.0.812.0 - Solid Angle) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 65.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 65.0.2 (x64 pl)) (Version: 65.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla) Mozilla Thunderbird 60.5.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 60.5.1 (x86 pl)) (Version: 60.5.1 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Norma Expert - przeglądarka kosztorysów 5.8.200.8 (HKLM\...\Norma Expert - przeglądarka kosztorysów_is1) (Version: 5.8.200.8 - Athenasoft) Norma PRO - demo (HKLM-x32\...\{2AAAF61C-9EA7-4BFA-AA58-D8E29F706E60}) (Version: 4.61 - Athenasoft) Norma PRO (HKLM-x32\...\{6FCEBA1E-B484-4972-883F-E2B99A12758E}) (Version: 4.55 - Athenasoft) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team) novaPDF 8 SDK COM (x64) (HKLM\...\{6DB0E832-DB83-4386-8B02-5500DCEDCF56}) (Version: 8.0.915 - Softland) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.49 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Graphics Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.49 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA mental ray and IRay feature plugins for 3ds Max 2018 (HKLM\...\{C76BBD60-09DB-43B3-B5B0-BF00C80B500C}) (Version: 19.0.0.0 - Autodesk) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Opera Stable 58.0.3135.79 (HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software) PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH) PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Sage Komponent Graficznej Wizualizacji 2015.a (HKLM-x32\...\{C1C875C4-7895-49EE-AE2C-6A16B2A21D60}) (Version: 15.1.615.0 - Sage sp. z o.o.) Sage Komunikator (HKLM-x32\...\Sage Komunikator) (Version: Komunikator 2010.1 - Sage sp. z o.o.) Sage Symfonia Handel (HKLM-x32\...\Sage Symfonia Handel) (Version: Handel 2015.c - Sage sp. z o.o.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) SEKOCENBUD RMS 2kw2018max (HKLM-x32\...\{F3CB64A1-0302-4CD3-8A1D-E69295B7BD7E}) (Version: 1.00.0000 - Ośrodek Wdrożeń Ekonomiczno-Organizacyjnych Budownictwa PROMOCJA Sp. z o.o.) SeoLight (wersja 2.8) (HKLM-x32\...\{78609D6C-890F-41EA-B1E4-5D053965DD56-2}_is1) (Version: 2.8 - Complay) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Skype version 8.39 (HKLM-x32\...\Skype_is1) (Version: 8.39 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) SricamPC version 2.4 (HKLM-x32\...\{56BAA41B-F3C4-41A4-9CD6-047B311FBF35}_is1) (Version: 2.4 - ShenZhen Sricctv Technology Co., Ltd.) Stawka 2 wersja 2.04 (HKLM-x32\...\{B2361790-907A-4551-9589-CF1E307CFA55}_is1) (Version: 2.04 - Athenasoft) Symfonia On-line (HKLM-x32\...\{122B2FBE-BD42-43F0-B0FB-991C8D4C2429}) (Version: 15.0.657 - Sage sp. z o.o.) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology) Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.2.7.4415 - Synology, Inc.) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.5287 - TeamViewer) TiSferaDesign 3.0.3 (HKLM-x32\...\TiSferaDesign 3.0.3) (Version: - BTicino) Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft) VMS Management Uninst (HKLM-x32\...\VMS Management_is1) (Version: 6.1.31.4 - Guangzhou HeroSpeed Digital Technology Co.,Ltd) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) WinDirStat 1.1.2 (HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\WinDirStat) (Version: - ) WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ZWCAD 2019 (HKLM\...\{FEC04AC9-A001-0000-A001-BAB53898898A}) (Version: 19.20.1007.41803 - ZWSOFT) Hidden ZWCAD 2019 English (HKLM\...\{FEC04AC9-A001-0000-A200-BAB53898898A}) (Version: 19.20.1007.41803 - ZWSOFT) ZWCAD 2019 Language Pack - English (HKLM\...\{FEC04AC9-A001-1033-A101-BAB53898898A}) (Version: 19.20.1007.41803 - ZWSOFT) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> D:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> D:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-1441921510-783520103-3890087851-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> c:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => c:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> ) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => c:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => E:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\EaseUS\Todo\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => E:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\EaseUS\Todo\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\EaseUS\Todo\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => c:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => F:\Program Files\Windows Sidebar\sbdrop.dll -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {033AC6EB-A91E-4275-85D6-C9932FFA32C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {091B943C-3433-4F85-940D-C0E80B0A10E1} - System32\Tasks\AdobeAAMUpdater-1.0-PIOTR-Piotr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {0DD96661-734C-4DA3-B8F2-923C97481A99} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => F:\Program Files\Windows Media Player\wmpnscfg.exe Task: {2DB930C1-348E-4DC5-9F4C-656667C972F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3DB7F7C0-9915-4A9E-9C57-2F6BEAFCCC2E} - System32\Tasks\Macrium-Backup-{C251C127-47CA-45AD-AC3F-F0713873F225} => E:\Program Files\Macrium\Reflect\Reflect.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) Task: {4353FDB5-EBEA-4AAC-8CF8-15FEBF3B437C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {5B49BFD8-ED62-4739-ABF9-CCF283954805} - System32\Tasks\Macrium-Backup-{1D2BF7D7-0BD5-4B4D-9BD1-B531C73CF296} => E:\Program Files\Macrium\Reflect\Reflect.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) Task: {5C652032-257F-4880-8A00-802C77BC2B2E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {6B99B5E6-0CFC-4230-ADDB-D8871C938499} - System32\Tasks\AdobeGCInvoker-1.0-Avizio-PC-Piotr => c:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {780FC96A-9612-4F8C-9141-AC69751BF5BF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {7A136C73-0B63-4C75-B09E-2571E2A84C15} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {7D1EE410-F174-4244-8D89-25EC3A15B529} - System32\Tasks\DropboxUpdateTaskMachineCore => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {954F68FC-CC1D-462E-A03B-88F77AF93ACD} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => c:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe (Kaspersky Lab -> AO Kaspersky Lab) Task: {9BCF066B-CEF7-4F14-B2D6-9A0D83CB3C93} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated -> Adobe Inc.) Task: {A4A43740-D1B7-47E0-A050-49533FEE594D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {A5EACDA9-798D-442D-A0F5-60A32E5C8ED4} - System32\Tasks\GoogleUpdateTaskMachineUA => c:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {A8EE3B8C-EA5F-4A50-B797-580A10F933C0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => F:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {B361C1E2-5506-484E-B1F4-7F64C6C315FB} - System32\Tasks\Macrium-Backup-{E91438B2-F199-43B5-9756-8B860CAE1928} => E:\Program Files\Macrium\Reflect\Reflect.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) Task: {C90F141F-DC7B-4F6F-BDB9-22C4E4913E43} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {D168F9E1-21BE-4DEF-A94B-A39044810724} - System32\Tasks\Opera scheduled Autoupdate 1549452841 => C:\Users\Piotr\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software) Task: {D46008AD-91A9-4057-87D5-2AEBE0F2AB38} - System32\Tasks\DropboxUpdateTaskMachineUA => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {DC463AC1-6F3E-40BF-8A14-3CEF9C3B90B4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {E1EA6872-EC21-4F04-8F17-9272ECFAC525} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => c:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {E967E969-85A7-493B-9CC2-3008CF2574DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {F125F660-FAF2-400C-B216-A72F67E1918D} - System32\Tasks\AdobeGCInvoker-1.0-PIOTR-Piotr => c:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {F3284B8A-6331-46CB-8911-8868AC419D01} - System32\Tasks\GoogleUpdateTaskMachineCore => c:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-02-06 15:03 - 2017-01-20 15:07 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] c:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll 2018-02-19 08:34 - 2013-01-31 18:21 - 000152064 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll 2018-02-20 14:01 - 2013-04-02 00:00 - 001420800 _____ (CANON INC.) [File not signed] C:\Windows\System32\cnnx0_flm.dll 2017-11-21 18:38 - 2012-08-09 12:59 - 001006080 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNAS0MOK.DLL 2017-11-13 12:16 - 2006-01-30 09:32 - 000006656 _____ (Tracker Software) [File not signed] C:\Windows\system32\pxc35pm.dll 2017-12-15 09:55 - 2017-12-15 09:55 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll 2017-11-21 18:38 - 2017-04-21 00:00 - 004482560 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\CNLB0MUI_DEAC8.DLL 2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\Acrobat Elements\ContextMenuShim64.pol 2017-11-21 18:38 - 2017-04-21 01:00 - 002670080 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\CNLB0M_DEAC8.DLL 2017-11-21 18:38 - 2017-04-21 00:00 - 014458368 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\CNLB0809_DEAC8.DLL 2018-12-06 20:59 - 2018-12-06 20:59 - 001637888 _____ (Earth Resource Mapping) [File not signed] F:\Program Files\ZWSOFT\ZWCAD 2019\NCSEcw.dll 2018-12-06 20:58 - 2018-12-06 20:58 - 000056320 _____ (Earth Resource Mapping) [File not signed] F:\Program Files\ZWSOFT\ZWCAD 2019\NCScnet.dll 2018-12-06 20:58 - 2018-12-06 20:58 - 000194048 _____ (Earth Resource Mapping) [File not signed] F:\Program Files\ZWSOFT\ZWCAD 2019\NCSUtil.dll 2014-12-03 07:32 - 2014-12-03 07:32 - 000132608 _____ () [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\pl_pl\PDFMaker\PDFMOfficeAddin.POL 2018-07-31 17:59 - 2017-02-21 16:19 - 000083136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] E:\EaseUS\Todo\bin\CodeLog.dll 2018-07-31 17:59 - 2008-11-25 16:18 - 000892928 _____ (Free Software Foundation) [File not signed] E:\EaseUS\Todo\bin\iconv.dll 2018-07-31 17:59 - 2016-03-07 17:08 - 001291264 _____ () [File not signed] E:\EaseUS\Todo\bin\libxml2.dll 2018-07-31 17:59 - 2004-10-05 02:08 - 000055808 _____ () [File not signed] E:\EaseUS\Todo\bin\zlib1.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000008192 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HwService.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000027136 _____ () [File not signed] c:\Program Files (x86)\VMS Management\CommonDef.dll 2017-02-06 15:06 - 2016-04-05 10:07 - 000036352 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibThread.dll 2017-02-06 15:06 - 2016-03-01 11:24 - 000016896 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LogUtility.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 000198144 _____ () [File not signed] c:\Program Files (x86)\VMS Management\log4cpp.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000016384 _____ () [File not signed] c:\Program Files (x86)\VMS Management\ServerSdk.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000090624 _____ () [File not signed] c:\Program Files (x86)\VMS Management\CommonData.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000082432 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HsClientSDK.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000020480 _____ () [File not signed] c:\Program Files (x86)\VMS Management\NetAccess.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000013312 _____ () [File not signed] c:\Program Files (x86)\VMS Management\CodecOutput.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000056320 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LocalAccess.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000256000 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibDBService.dll 2017-02-06 15:06 - 2016-04-05 10:07 - 000049152 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibDBAccess.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 002042368 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LIBMYSQL.dll 2017-02-06 15:06 - 2016-06-21 17:37 - 000292352 _____ () [File not signed] c:\Program Files (x86)\VMS Management\StreamServer.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000044032 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HsAlarmService.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000017920 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HKAccess.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 001556549 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HCNetSDK.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000320512 _____ (Longse) [File not signed] c:\Program Files (x86)\VMS Management\OnvifAccess.dll 2017-02-06 15:06 - 2016-04-05 10:07 - 000064512 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibNetwork.dll 2017-02-06 15:06 - 2016-03-01 11:24 - 008839680 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibOnvif.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 001211392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\Program Files (x86)\VMS Management\LIBEAY32.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 000294912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\Program Files (x86)\VMS Management\SSLEAY32.dll 2017-02-06 15:06 - 2016-07-28 09:44 - 000050176 _____ (Longse) [File not signed] c:\Program Files (x86)\VMS Management\AGRAccess.dll 2017-02-06 15:06 - 2016-07-28 09:44 - 000196608 _____ (Longse) [File not signed] c:\Program Files (x86)\VMS Management\HSAGRNetAccess.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000264192 _____ () [File not signed] c:\Program Files (x86)\VMS Management\NvrRtspAccess.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000276480 _____ () [File not signed] c:\Program Files (x86)\VMS Management\P2PAccess.dll 2017-02-06 15:06 - 2016-07-14 14:04 - 000030720 _____ () [File not signed] c:\Program Files (x86)\VMS Management\HSDisplay.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 002853376 _____ (TODO: <公司名>) [File not signed] c:\Program Files (x86)\VMS Management\HSAVPlayer.dll 2017-02-06 15:06 - 2016-06-21 17:37 - 000138240 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LongseService.dll 2017-02-06 15:06 - 2016-07-27 17:31 - 000167424 _____ () [File not signed] c:\Program Files (x86)\VMS Management\LibLongseProtocol.dll 2017-02-06 15:06 - 2015-09-17 14:34 - 000142336 _____ () [File not signed] c:\Program Files (x86)\VMS Management\zlibwapi.dll 2017-02-06 14:46 - 2015-06-16 00:00 - 000074752 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 000368128 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\470d80c12208f72c7a4f839532770542\IAStorUtil.ni.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 000029184 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvcInt#\1e730e9883d57e10faa3422d6d41b5de\IAStorDataMgrSvcInterfaces.ni.dll 2018-11-16 03:14 - 2018-11-16 03:14 - 000032256 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\5926f58e436cf5c6e3f601101e0d2074\IAStorCommon.ni.dll 2017-02-06 14:51 - 2015-06-10 16:13 - 001485824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IntelVisualDesign.dll 2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\acrotray.pol 2017-02-06 15:03 - 2017-01-20 15:07 - 000757240 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] c:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 000020480 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\85627d4c0905de3ce746776b389eb760\IAStorDataMgrSvc.ni.exe 2019-02-14 03:18 - 2019-02-14 03:18 - 000110080 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\e8923a59b43b823070925978ed55544b\IAStorDataMgr.ni.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 003230208 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\PSI\8609eb53bbfd59ff5583a6ac97a961f6\PSI.ni.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 000020480 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\1bc899ac31d03f38046ee9bfd94dce55\PSIClient.ni.dll 2019-02-14 03:18 - 2019-02-14 03:18 - 000674816 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\PsiData\9fa014060b450b7e1d2d1aba4617c90f\PsiData.ni.dll 2017-02-06 14:51 - 2015-06-10 16:12 - 000271872 _____ (Intel Corporation) [File not signed] c:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\PsiData.dll 2017-02-06 14:51 - 2015-06-10 16:11 - 000486912 _____ (Intel Corporation) [File not signed] c:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\ISDI2.dll 2018-04-13 16:15 - 2018-04-13 16:15 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll 2014-12-03 07:32 - 2014-12-03 07:32 - 008293987 _____ (Adobe Systems Incorporated) [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\Annots.api 2014-12-03 07:31 - 2014-12-03 07:31 - 001828720 ____N (Adobe Systems, Incorporated -> Adobe Systems, Incorporated) [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\amtlib.dll 2014-12-03 07:32 - 2014-12-03 07:32 - 000109667 _____ (Adobe Systems Incorporated) [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\IA32.api 2014-12-03 07:32 - 2014-12-03 07:32 - 000172643 _____ (Adobe Systems Incorporated) [File not signed] c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\Updater.api ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Piotr\Desktop\logo-firma.PNG:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\Piotr\Desktop\LOGOTYP_REMBUDEX_KRZYWE_print_cmyk.ai:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\Piotr\Desktop\LOGOTYP_REMBUDEX_KRZYWE_print_cmyk.ai:com.dropbox.attrs [58] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKLM\...\.scr: ZWCAD.SCR.2019 => <==== ATTENTION HKU\S-1-5-21-1441921510-783520103-3890087851-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2010-04-02 15:56 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1441921510-783520103-3890087851-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.153.119.3 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{E1463DEA-B770-4FA2-8A94-5C7512B9FCBC}] => (Allow) c:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{464DA72C-96C2-4D4F-B3A8-86FCC2786751}] => (Allow) c:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{965A720F-4FBD-46C1-BB73-6004760BEAE0}] => (Allow) c:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4F57C021-13E7-4F29-91C1-95608B8AAB88}] => (Allow) c:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7503DA9A-1D17-47B3-BE7B-EA8B8AEFE7DB}] => (Allow) c:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BD0122E8-9FD7-4393-AB5C-C0ACB41EAA6A}] => (Allow) c:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C9CC3FCB-07A9-402D-8A45-C3902A5E304E}] => (Allow) c:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2A5BF52A-2EB0-42F2-AC43-011A040FCFFF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File FirewallRules: [{558E235F-8F59-4FBF-AE49-966687A2D0FB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File FirewallRules: [{2220B66C-2199-44C3-9969-C1B35F782F93}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File FirewallRules: [{AE05B514-EA23-4076-AAA1-A63D85BDCB93}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File FirewallRules: [{6CCA43DE-CC55-48BF-B81E-0ECE036EF82C}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{09AAAD9D-1978-4669-BC45-D5664BBCC66C}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{11EF91B6-FDCC-4FBE-A787-7C12F3808747}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CD3608EF-8FD3-420D-B484-E8049605C917}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5E1042A6-B9FC-40EE-95EF-3ADEA8DADC7A}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DFFC8924-B243-40CA-BB28-C76FD3DF5620}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B847ED3B-A3BE-4DF2-9C7D-DEF3B3D141AE}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{30E0FF0F-9295-4A67-9615-FA2C46CD7769}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4BBCF566-6253-4DAD-9F08-56DA8C318ECF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{E63B0C97-62F5-47D4-99DD-8E2733232758}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{7340DE14-BBA7-42F3-B5BC-2F6D762E6A27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{EDD80BE1-38D5-45DB-8EF3-7882270AB92E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{5FADE255-5BF0-463F-A512-3B2F134F8B8E}] => (Allow) E:\EaseUS\Todo\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{F0A7708F-10C3-41ED-A3A7-F62A019E4A50}] => (Allow) E:\EaseUS\Todo\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{DD864CAE-311D-4E02-AD54-1CF6A78CB708}] => (Allow) E:\EaseUS\Todo\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{75D2BE65-442F-41A3-943C-FCF49D919341}] => (Allow) E:\EaseUS\Todo\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{E342F166-05FD-445B-B141-3119E344C4A8}] => (Allow) E:\EaseUS\Todo\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{8A51EE45-46D0-45AC-BB87-787E9D04CBA9}] => (Allow) E:\EaseUS\Todo\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{07D852BD-A533-43F7-BBFA-853D201AF15E}] => (Allow) E:\EaseUS\Todo\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{1F229A8B-F359-4B63-8080-69175305ECF9}] => (Allow) E:\EaseUS\Todo\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{6A1D11F2-04BF-4CAC-ADD1-45D2EB64B49F}] => (Allow) c:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{FC7A558E-A0D4-4BD8-8EFC-8E2ABF6A519B}] => (Allow) c:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) FirewallRules: [{1F29F788-E45C-4A31-9EBA-BA4AC192362F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E5F3876D-5B04-4751-A3E1-351F7C908E57}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{60E223C8-8A16-4D09-8AAD-A4B2E1DF41D8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9A213EF0-C8F3-4062-AE86-336BBABD8248}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{61E38693-D2D3-4705-AEB7-5C55531A2E72}] => (Allow) C:\Users\Piotr\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{4EB5D82D-B9A2-4457-A7BC-7446302738C6}] => (Allow) c:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{AF05749A-8535-45A6-83FC-079140BC37EA}] => (Allow) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{45378EA6-CBED-4A10-81BB-466823495FEC}] => (Allow) C:\Users\Piotr\AppData\Local\Programs\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{8D942297-B223-4B6A-938C-EEA3B7C0F62F}] => (Allow) f:\Program Files (x86)\SeoLight\seolight.exe () [File not signed] FirewallRules: [{715EF192-D5C6-43B5-B81B-74C2FFF5E82E}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{A8B022A2-6FE0-4CE2-ABDB-B97BA4783A63}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{661AF55B-0215-4155-8F11-DD52FAB9B8CC}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{A641D5AE-2131-4873-9D85-48B765504329}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{8CB8E0C0-5644-4F69-BADB-BD02A8B85EF7}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{99C18FB6-18A3-41E2-9FBE-E29717852110}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{94C23CC9-0439-4036-85AE-72FFAA039A56}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ) FirewallRules: [{858F01D9-7ADF-4D30-A9AA-67A482C0EA18}] => (Allow) F:\Program Files\ZWSOFT\ZWCAD 2019\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> ) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/19/2019 12:40:40 PM) (Source: Macrium Reflect) (EventID: 8290) (User: NT AUTHORITY) Description: The backup failed to complete successfully - Reason: Backup aborted! - None of the specified backup locations could be written to Error: (03/19/2019 07:54:51 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/19/2019 07:46:07 AM) (Source: IAStorDataMgrSvc) (EventID: 0) (User: ) Description: Missing localized format string Error: (03/19/2019 07:46:07 AM) (Source: IAStorDataMgrSvc) (EventID: 0) (User: ) Description: Missing localized format string Error: (03/19/2019 07:43:51 AM) (Source: MySQL) (EventID: 100) (User: ) Description: Native table 'performance_schema'.'file_instances' has the wrong structure For more information, see Help and Support Center at http://www.mysql.com. Error: (03/19/2019 07:43:51 AM) (Source: MySQL) (EventID: 100) (User: ) Description: Native table 'performance_schema'.'cond_instances' has the wrong structure For more information, see Help and Support Center at http://www.mysql.com. Error: (03/19/2019 07:43:51 AM) (Source: MySQL) (EventID: 100) (User: ) Description: Native table 'performance_schema'.'rwlock_instances' has the wrong structure For more information, see Help and Support Center at http://www.mysql.com. Error: (03/19/2019 07:43:51 AM) (Source: MySQL) (EventID: 100) (User: ) Description: Native table 'performance_schema'.'mutex_instances' has the wrong structure For more information, see Help and Support Center at http://www.mysql.com. System errors: ============= Error: (03/19/2019 11:59:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (03/19/2019 11:59:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (03/19/2019 09:51:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (03/19/2019 09:51:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (03/19/2019 08:47:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (03/19/2019 08:47:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (03/19/2019 08:15:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (03/19/2019 08:15:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Windows Defender: =================================== Date: 2018-08-01 06:48:24.063 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version:1.273.484.0 Update Source:User Signature Type:AntiSpyware Update Type:Delta Current Engine Version: Previous Engine Version:1.1.15100.1 Error code:0x80070070 Error description:There is not enough space on the disk. Date: 2018-07-04 07:55:14.763 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version:1.271.442.0 Previous Signature Version:1.269.1974.0 Update Source:User Signature Type:AntiSpyware Update Type:Delta Current Engine Version:1.1.15000.2 Previous Engine Version:1.1.14901.4 Error code:0x80070666 Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2018-07-04 07:55:14.763 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.15000.2 Previous Engine Version:1.1.14901.4 Update Source:User Error Code:0x80070666 Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2018-05-09 12:45:22.323 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 Date: 2018-05-09 12:43:18.957 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 CodeIntegrity: =================================== Date: 2018-04-07 03:51:06.389 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-04-07 03:51:06.389 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-04-07 03:51:06.389 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-02-19 14:23:26.646 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-02-19 14:23:26.644 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-01-03 10:49:56.717 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-01-03 10:49:56.717 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-01-03 10:49:56.717 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\klelam_X64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU E3-1220 v5 @ 3.00GHz Percentage of memory in use: 94% Total physical RAM: 8005.57 MB Available physical RAM: 404.29 MB Total Virtual: 20010.71 MB Available Virtual: 9033.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:173.69 GB) (Free:86.22 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (New Volume) (Fixed) (Total:49.87 GB) (Free:40.07 GB) NTFS Drive e: (New Volume) (Fixed) (Total:976.57 GB) (Free:648.63 GB) NTFS Drive f: (F) (Fixed) (Total:1071.43 GB) (Free:1052.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 5589 GB) (Disk ID: B2F77F02) Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1071.4 GB) - (Type=0F Extended) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 523382D1) Partition 1: (Active) - (Size=173.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=49.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================