Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020 Ran by Dawid (14-02-2020 23:06:17) Running from D:\Pulpit Windows 10 Pro Version 1809 17763.107 (X64) (2019-08-16 16:39:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3209356975-1440663221-436767862-500 - Administrator - Disabled) Dawid (S-1-5-21-3209356975-1440663221-436767862-1002 - Administrator - Enabled) => C:\Users\Dawid DefaultAccount (S-1-5-21-3209356975-1440663221-436767862-503 - Limited - Disabled) Guest (S-1-5-21-3209356975-1440663221-436767862-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3209356975-1440663221-436767862-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated) Advanced System Repair Pro (HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Advanced System Repair Pro) (Version: 1.9.1.6 - Advanced System Repair, Inc.) Aktualizacje NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden ALLPlayer (wersja 8.6) (HKLM\...\{68972948-F221-4267-9EB6-2EB5D913C4CF}_is1) (Version: 8.6 - ALLPlayer Ltd.) Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.6 - Electronic Arts, Inc.) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies) AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 79.0.3064.81 - AVG Technologies) AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.169.0 - AVG Technologies) Hidden BitTorrent (HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\BitTorrent) (Version: 7.10.5.45496 - BitTorrent Inc.) Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.106 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.) IFO (HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\f5cfd6eacfe89419) (Version: 1.0.0.12 - KGŻW - OOM - RW) IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan) League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo) Lenovo Service Bridge (HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.0.4 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0092 - Lenovo) Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo) LTE Mobile Hotspot (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation) Magic Bullet Suite v13.0.1 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.1 - Red Giant, LLC) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12430.20264 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.9.4 - Napisy24.pl) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Sterownik graficzny 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation) NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Nuvoton NuVCOMDeviceClass (10/02/2014 1.0.0.0) (HKLM\...\E9DFFA0C501AA84AFA42A2F4C38CCCBD70712C0E) (Version: 10/02/2014 1.0.0.0 - Nuvoton) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.0 - Red Giant, LLC) Simplify3D Software (HKLM\...\Simplify3D Software 4.0.0) (Version: 4.0.0 - Simplify3D) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer) VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS) VirtualDJ 2020 (HKLM\...\{830C5751-6A7C-42C7-9AD3-278FFC68E0BC}) (Version: 8.4.5402.0 - Atomix Productions) VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) Web Companion (HKLM-x32\...\{20b4adb0-f0b1-47f2-a7bb-aee33619abdd}) (Version: 4.7.1987.3881 - Lavasoft) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinUSB4NuVCOM_NUC970 1.0 (HKLM-x32\...\{85E48277-C185-4C5A-A08F-0CAD56B5AB68}_is1) (Version: 1.0 - Nuvoton, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-08-16] (Adobe Systems Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.0.3.0_x86__kgqvnymyfvs32 [2019-09-06] (king.com) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.20.7.0_x86__kgqvnymyfvs32 [2019-09-06] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1590.2.0_x86__kgqvnymyfvs32 [2019-09-04] (king.com) Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20301.311.0_x64__rz1tebttyb220 [2019-08-16] (Dolby Laboratories) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-16] (Microsoft Corporation) [MS Ad] Microsoft News - Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-16] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-31] (Microsoft Studios) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-16] (Microsoft Corporation) [MS Ad] Poczta i Kalendarz -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-16] (Microsoft Corporation) [MS Ad] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-08-16] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0 [2019-09-01] (Spotify AB) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3209356975-1440663221-436767862-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2019-11-08 10:54 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll 2019-11-08 10:54 - 2012-10-19 13:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll 2020-02-14 22:54 - 2018-11-30 17:08 - 000310272 _____ (easyhook.codeplex.com) [File not signed] C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\EasyHook64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3209356975-1440663221-436767862-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Dawid\Downloads\697989.jpg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "CheckNDISPort54ac01" HKLM\...\StartupApproved\Run32: => "CancelAutoPlay_df" HKLM\...\StartupApproved\Run32: => "BrStsInd00" HKLM\...\StartupApproved\Run32: => "ControlCenter3" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_6D87105484E0D2244BEF0F6396F68F2C" HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\StartupApproved\Run: => "Napisy24Update" HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\StartupApproved\Run: => "Web Companion" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D1E96D6D-EB86-48E9-B2CE-C67A835BD202}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{947535E3-9A82-4F60-B8DD-A66849859FB1}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{2B27CEE2-7C8E-4D9D-952A-9CFAA457BCF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FCEF0524-96FD-463A-91AA-B2CEA344125A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{906A8DE1-12C9-4C73-BAC5-DED13243D451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D8C2F29A-539A-463A-8ADB-72FA45B4A6C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{59D82B1D-DB30-48F2-AF5B-5A02DA8E1127}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F9D74508-749D-46D3-8AEF-06AB79D260D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{298D1C3F-B29B-4218-B561-C23522E4E0C1}] => (Allow) C:\Users\Dawid\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{5CE02C3D-1ABA-4665-83BA-E75626E410E1}] => (Allow) C:\Users\Dawid\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{5AA4AD18-EDA2-44AB-AA49-17CAF25AF25A}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{6BFEBFA5-3FC9-441D-B1EF-EBF75D9CD52B}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [{8D1E873E-5EAA-4BC6-B3CE-8415E91B5C09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5DA4ED9C-69AD-465B-9850-F6A54F6FFAC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{2CDC25CB-146C-4661-A902-6EC4C3564273}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{FA963D52-2F97-4501-86B2-1302D09D1724}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{62668DF0-8E70-4B23-9BDD-EEF2C2DCD2A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AD77D708-2999-4E4E-A8A3-59B008A331C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E54E2EE5-A348-4008-93A4-845753AC6157}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EF306B2D-89F3-4291-9A86-76186B1F2995}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EC7FB275-8C3E-4B7F-959E-FE159D0B1FAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C913D074-CE8F-40EF-B34A-79D6CA7389DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{76942320-7941-4EBD-987B-EC686A52C06B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0C7A37B7-F887-47B4-A933-006E6F45C728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{561DEA94-9CB6-4CDE-8E86-6E35EA747919}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe) FirewallRules: [UDP Query User{AFD0EC31-8A3C-4766-A91E-2564F051CA47}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe) FirewallRules: [TCP Query User{86C28C13-6F79-461D-B9C7-EEC0555FF007}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe) FirewallRules: [UDP Query User{173A74FC-EC40-4624-9E01-9C95D8CDDF74}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe) FirewallRules: [{412156ED-CE4E-4B5E-8FB5-386E186FEE9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E9FB1882-8AB1-4DD3-8CAF-D53385718F81}] => (Allow) LPort=54925 FirewallRules: [{39389280-6898-44E0-AD91-D77BE765FED2}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{A850085B-B47E-4C21-AFE8-14EC9B59A5ED}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{7F8F5680-D1C1-4E11-B7C9-48DF76D8CAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A0DED8ED-3A9C-41B2-9322-554570E68053}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C3770CE5-340B-4BD3-88C4-08B327E7500E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2435750D-9D03-4B12-B607-40B4D648EAB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AED04A25-7D3E-4192-A674-35B8C5458C2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{45C1002E-0800-4E77-85F8-B737410905DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5B39B482-03F2-4027-A82C-277E08CDC90E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{21A3BDC4-F298-478C-BB6C-2A64C24AD8BB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{056F5F9F-63AA-44C9-8497-3FD9EEAE7D64}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies) FirewallRules: [{BBBFEB59-1146-4CF3-BA1C-C034541DAB68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 06-01-2020 10:27:19 DDU Restore Point 08-02-2020 13:52:30 Scheduled Checkpoint 14-02-2020 22:33:23 Instalator modułów systemu Windows ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (02/14/2020 10:54:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0x154c Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e3815a5bc05c Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: 1ec73d93-e1db-43bb-83f4-709c10d217eb Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/14/2020 10:51:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0x13a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e380f4a34be1 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: 905b830c-2bcf-4bb2-8d3c-57ffbab368a1 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/14/2020 10:45:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0x12b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e38020a480f9 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: a17150c0-2cc7-4662-ba55-4224d9de9fe8 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/14/2020 10:40:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0xd64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e37f6ec0e2d7 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: d788527d-8a08-4dce-8786-95d46b02d53f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/14/2020 10:32:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0x14b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e37e4180bc83 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: 737721e1-aa71-4fc6-b9a2-fc6993d3f5c8 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/14/2020 10:29:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SystemSettings.exe w wersji 10.0.17763.1 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 2010 Godzina rozpoczęcia: 01d5e37b99e56c16 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Identyfikator raportu: c972a30d-0843-4ec7-bf1c-beb93f53fb5b Pełna nazwa pakietu powodującego błąd: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji powiązanej z pakietem powodującym błąd: microsoft.windows.immersivecontrolpanel Typ zawieszenia: Cross-process Error: (02/14/2020 10:19:28 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY) Description: System Windows nie może załadować biblioteki DLL rozszerzalnego licznika „C:\Windows\system32\sysmain.dll” (kod błędu systemu Win32: 126). Error: (02/14/2020 10:13:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Nazwa modułu powodującego błąd: OriginWebHelperService.exe, wersja: 10.5.57.35162, sygnatura czasowa: 0x5df243e3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00099d50 Identyfikator procesu powodującego błąd: 0x14d8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e37b9231cdc0 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Identyfikator raportu: be94b4f0-42c8-4224-84cf-0479c431125d Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: System errors: ============= Error: (02/14/2020 11:06:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (02/14/2020 11:06:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0590AED) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/14/2020 11:04:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (02/14/2020 11:04:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/14/2020 11:02:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (02/14/2020 11:02:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0590AED) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/14/2020 11:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (02/14/2020 11:00:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0590AED) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: =================================== Date: 2019-08-16 21:52:38.238 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: High Kategoria: Tool Ścieżka: file:_C:\Users\Dawid\AppData\Local\Temp\Rar$EXa2824.11313\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-0590AED\Dawid Nazwa procesu: C:\Program Files\WinRAR\WinRAR.exe Wersja podpisu: AV: 1.299.2214.0, AS: 1.299.2214.0, NIS: 1.299.2214.0 Wersja aparatu: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-16 18:40:18.908 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą: Bieżące Kod błędu: 0x80070002 Opis błędu: The system cannot find the file specified. Wersja podpisu: 0.0.0.0;0.0.0.0 Wersja aparatu: 0.0.0.0 CodeIntegrity: =================================== Date: 2020-02-14 23:00:29.691 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.688 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.681 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.676 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.565 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.557 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-14 23:00:29.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: LENOVO BHCN35WW 11/23/2019 Motherboard: LENOVO LNVNB161216 Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Percentage of memory in use: 26% Total physical RAM: 16303.24 MB Available physical RAM: 12055.2 MB Total Virtual: 18735.24 MB Available Virtual: 12871.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.21 GB) (Free:328.79 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:585.31 GB) NTFS \\?\Volume{d3c79f5d-6c03-4c7e-afc0-c705c37ae48a}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{117a72b9-51eb-4783-8111-0de55204fd60}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C0ACDF2D) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================