Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021 Ran by tc-electrical (25-05-2021 09:15:12) Running from C:\Users\tc-electrical\Desktop\ja Windows 7 Professional Service Pack 1 (X64) (2017-06-23 07:00:52) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= admin (S-1-5-21-509110842-4231584563-957164148-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-509110842-4231584563-957164148-500 - Administrator - Enabled) ASPNET (S-1-5-21-509110842-4231584563-957164148-1002 - Limited - Enabled) ClientAdmin (S-1-5-21-509110842-4231584563-957164148-1006 - Administrator - Enabled) Guest (S-1-5-21-509110842-4231584563-957164148-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) _Program Cennikowy Eaton 2 (HKLM-x32\...\_Program Cennikowy Eaton 2) (Version: - ) 7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe) Aktualizacja biblioteki Samsung (HKLM-x32\...\PRO100_is1) (Version: - Ecru Oprogramowanie) AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software) Blender (HKLM\...\{053A73FE-DBF8-4674-8EC0-63BD07615695}) (Version: 2.81.0 - Blender Foundation) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.170.0.1042 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{2E8CBF47-974A-452D-9ED0-E10010B2DC00}) (Version: 4.23.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform) CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden Cone Layout v2.0 (HKLM-x32\...\Cone Layout) (Version: - ) Crouzet-Soft 1.8.00 (HKLM-x32\...\6BCD8694-FAB1-406E-83E4-263BAAD2B163_is1) (Version: 1.8.00 - Crouzet automation) doPDF (HKLM\...\{1896977D-F518-4D39-8F18-98D584919675}) (Version: 10.8.125 - Softland) Hidden doPDF 10 (HKLM-x32\...\{947ef07d-8d2e-4aa4-8110-40d2333634c9}) (Version: 10.8.125 - Softland) doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{03EDB7F5-656B-4F15-A4D6-91B4EC1BC90E}) (Version: 10.5.120 - Softland) doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{D7846B62-D353-4D63-92D4-8AF4E994A17A}) (Version: 10.5.120 - Softland) doPDF 10 Printer Driver (HKLM\...\{015C9318-A833-4B7A-9F15-38E373D50E8C}) (Version: 10.8.125 - Softland) DraftSight 2018 SP1 x64 (HKLM\...\{46ED85CE-F89E-4629-B375-568D07074E75}) (Version: 18.1.0044 - Dassault Systemes) DrivesSoft2 ver2.1.1.2 (HKLM-x32\...\DrivesSoft2_is1) (Version: - Moeller GmbH) eDrawings 2019 x64 (HKLM\...\{19F16AB6-BA36-471C-9155-9EAABC73F006}) (Version: 27.30.0056 - Dassault Systemes SolidWorks Corp) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) FluidSIM 5 Demo (HKLM-x32\...\{953E50DC-8F97-4539-997D-27BF0FC41D12}) (Version: 5.6.5.0 - Festo Didactic SE) Free Burn MP3-CD v1.2 (HKLM-x32\...\Free Burn MP3-CD_is1) (Version: 1.2 - www.nbxsoft.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Hexagon (HKLM-x32\...\{F53BE0D6-CE61-40E2-AFA0-A873F372F258}) (Version: 5.29.1.1 - Sencon (UK) Ltd) HP Business Slim Keyboard (HKLM-x32\...\{E9D7FD0D-CF46-4FEB-9C57-7AACCFBF6C36}) (Version: 1.08 - HP) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{E0125AB7-85D5-4373-8DC8-681CB75D9FE5}) (Version: 3.5.1 - HP) HP Hotkey Support (HKLM-x32\...\{44F54A90-36A1-43D0-95E5-4CA18EC52A30}) (Version: 6.2.16.1 - HP) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4404 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Endpoint Security for Windows (HKLM-x32\...\{9A017278-F7F4-4DF9-A482-0B97B70DD7ED}) (Version: 11.2.0.2254 - AO Kaspersky Lab) Kaspersky Security Center Network Agent (HKLM-x32\...\{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}) (Version: 13.0.0.11247 - Kaspersky) Hidden Kaspersky Security Center Network Agent (HKLM-x32\...\InstallWIX_{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}) (Version: 13.0.0.11247 - Kaspersky) Labeleditor 2.0 (HKLM-x32\...\{8C852B0C-DEE9-4F92-BBAE-1825D2B093E8}) (Version: 2.02.1096 - Moeller Software) LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes) LegrandPDFWriter (HKLM\...\LegrandPDFWriter) (Version: - ) LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team) Maxthon (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mitsubishi Configuration Studio (HKLM-x32\...\{59EE398F-9E04-4365-A1DB-7E4777195F7C}) (Version: 3.1.3.1 - Mitsubishi Electric) Mozilla Firefox 88.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 88.0.1 (x64 pl)) (Version: 88.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) MSI.designer (HKLM-x32\...\{2AF3F0C4-226A-4DEC-89D1-76161F35594F}) (Version: 2.0.1.8653 - Leuze electronic GmbH) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden NetClientOCX version 6.4.1.0 (HKLM-x32\...\{09E218A5-2C33-4E05-905E-F622440C1F83}_is1) (Version: 6.4.1.0 - ) opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden Opera Stable 76.0.4017.139 (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Opera 76.0.4017.139) (Version: 76.0.4017.139 - Opera Software) Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Pepakura Designer 4 (HKLM-x32\...\pepakura_designer4en) (Version: - TamaSoftware) PRO100 aktualizacja Siemens (HKLM-x32\...\PRO100 wersja 5_is1) (Version: - Ecru Oprogramowanie) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.) RMQ Titan v1.0.5 (HKLM-x32\...\RMQ Titan v1.0.5) (Version: - ) Safari (HKLM-x32\...\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.) SEE Electrical V8R1 SERVICE PACK 3 (8.1.3.19) (HKLM-x32\...\{55AFE76C-CA5D-4E36-A82B-66A6C1579EF9}) (Version: 8.10.7097 - IGE+XAO) Siemens Cennik 8.0 DWG (HKLM-x32\...\Siemens Cennik 8.0 DWG) (Version: 8.0 DWG - Siemens Sp. z o.o.) SigmaSelect (HKLM-x32\...\{633A54BB-4641-487D-8ED1-48BECC1DD72B}) (Version: 1.8.3 - Yaskawa) SISTEMA 2.0 - Safety Integrity Software Tool for the Evaluation of Machine Applications version 2.0.7 (HKLM-x32\...\{20325465-F3CB-49EA-93FB-B7A88FFAD631}_is1) (Version: 2.0.7 - Institute for Occupational Health and Safety of German Social Accident Insurance (IFA)) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) Toolwiz File Recovery FREE (HKLM-x32\...\Toolwiz File Recovery FREE_is1) (Version: 1.3.0.0 - Toolwiz) UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.075 - Aten International Co., Ltd.) UmmyVideoDownloader (HKU\S-1-5-21-615164164-2078643864-492831376-19557\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.10.3.0 - ) <==== ATTENTION Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) Unity Web Player (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for Skype for Business 2016 (KB4493155) 32-Bit Edition (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}_Office16.STANDARD_{3EE18F52-959F-4C18-858F-E6CF876AEEC1}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4493155) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.STANDARD_{3EE18F52-959F-4C18-858F-E6CF876AEEC1}) (Version: - Microsoft) USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation) Visual C++ 2008 x86 Runtime - v9.0.30729.5578 (HKLM-x32\...\{212B6234-BBB0-397F-AB77-8AE5F2668954}.vc_x86runtime_30729_5578) (Version: 9.0.30729.5578 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Windows Driver Package - libusb 1.0 (WinUSB) libusb (WinUSB) devices (12/03/2015 ) (HKLM\...\E417558CF0469E02B524AE99B00866F3DF8FF433) (Version: 12/03/2015 - libusb 1.0) Windows Driver Package - Silicon Labs (usbser) Ports (12/03/2015 5.1.2600.0) (HKLM\...\8C07B001095CC7E0651BAB561091E66C36727E1F) (Version: 12/03/2015 5.1.2600.0 - Silicon Labs) Wondershare Recoverit(Build 9.5.1.7) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 9.5.1.7 - Wondershare Software Co.,Ltd.) XG5000 4.28 (HKLM-x32\...\{5E8CA3BB-EF23-4AA4-AB7B-5A8248887BF1}) (Version: 6.28.10 - LSIS) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) XLPRO3 v3.8.09 -b6 (HKLM-x32\...\{ECAB9BE4-8C28-4D58-B435-BEA355661A26}) (Version: 3.8.09.6 - Legrand) YASKAWA SigmaWin+ English Edition Ver.5.75 (HKLM-x32\...\{C6264FF0-97DE-11D6-A6F2-00B0D069DE56}) (Version: 5.75.00000 - Yaskawa electric corp.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-615164164-2078643864-492831376-16164_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\tc-electrical\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team) ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\tc-electrical\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc ShortcutWithArgument: C:\Users\tc-electrical\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ba25cbabeac6df3e\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc ==================== Loaded Modules (Whitelisted) ============= 2020-08-07 09:24 - 2010-12-10 11:24 - 000087040 _____ () [File not signed] C:\windows\System32\custmon64.dll 2018-06-14 12:27 - 2015-03-12 04:43 - 000022528 _____ () [File not signed] C:\windows\System32\us013lm.dll 2016-08-31 02:00 - 2016-08-31 01:00 - 007412736 _____ (CANON INC.) [File not signed] C:\windows\system32\spool\DRIVERS\x64\3\CnP60MUI_D8F87.DLL 2016-08-04 22:02 - 2014-06-11 19:53 - 000423936 _____ (Hewlett-Packard) [File not signed] C:\windows\System32\hpbprtmon.dll 2014-06-11 19:53 - 2014-06-11 19:53 - 000442880 _____ (Hewlett-Packard) [File not signed] C:\windows\system32\spool\DRIVERS\x64\3\hpbxjobsvr1401.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000029696 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll 2018-01-05 14:12 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2016-08-04 22:00 - 2015-06-15 13:00 - 000074752 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll 2015-08-18 23:19 - 2015-08-18 23:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2015-08-18 23:20 - 2015-08-18 23:20 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2015-09-14 18:47 - 2015-09-14 18:47 - 000055808 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\HP\HP Business Slim Keyboard\skhooks.dll 2015-09-14 18:47 - 2015-09-14 18:47 - 000049664 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\HP\HP Business Slim Keyboard\SKHidKbd.dll 2016-07-14 13:52 - 2016-07-14 13:52 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\ucrtbase.DLL 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\VCRUNTIME140.dll 2020-06-04 20:16 - 2020-06-04 20:16 - 000018944 _____ (Softland) [File not signed] C:\windows\System32\novamn10.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 005584896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Core.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 001065472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Network.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 000193536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Xml.dll 2018-06-14 12:27 - 2015-08-20 03:14 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\us013pc.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Version 11) (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\S-1-5-21-509110842-4231584563-957164148-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-509110842-4231584563-957164148-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet.silganmp.com HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.pl HKU\S-1-5-21-615164164-2078643864-492831376-19557\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet.silganmp.com HKU\S-1-5-21-615164164-2078643864-492831376-19557\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-615164164-2078643864-492831376-19557\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.pl SearchScopes: HKU\S-1-5-21-615164164-2078643864-492831376-16164 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-615164164-2078643864-492831376-16164 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-615164164-2078643864-492831376-19557 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-615164164-2078643864-492831376-19557 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2019-01-04 14:56 - 000000824 _____ C:\windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Calibre2\ HKU\S-1-5-21-509110842-4231584563-957164148-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-615164164-2078643864-492831376-16164\Control Panel\Desktop\\Wallpaper -> C:\Users\tc-electrical\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-615164164-2078643864-492831376-19557\Control Panel\Desktop\\Wallpaper -> C:\Users\stenmar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.150.40.11 - 10.150.40.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{0CAD2313-A8B0-4FBE-8122-6643ADEAC91D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2B1DCB5A-BE1D-4D8B-8F66-94EBBA38897A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1910D7BD-DADE-4D48-B844-93D02BA8BCF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{69C6FF22-146D-4ECC-8C36-ACF36FA46EF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9510EF67-769B-4CBF-B997-41C7C9D7A672}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{B7630C9F-107B-4D73-A2C8-B537941D83AE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{51C63420-472B-4E71-B411-C7EC6F880B25}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DD193D58-BE26-4F65-A023-1C2A33D08108}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{C2D3C6E1-EB2A-4582-AD84-C54EFA290FB2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2EB3718B-852C-4A2E-86E8-6F8865F757E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A9D57586-1D5D-4CCA-924E-5A87B8F31217}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{C9CB3F6E-69A9-4A78-9910-D1E5BC1A5628}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{4DF17B15-F97D-4B30-AB6E-116DFC41E6BB}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{D5BB9019-6E69-42A2-8C77-92E715D3218C}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{1CD53451-16EF-4EFC-8446-11014C212F41}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{5AA33546-BAF9-4315-BFDC-8584F3AF02CB}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{821ADF55-B42D-4972-9696-D85A44D123B2}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{66A0E1AC-E194-43F8-AA12-7395F0B21217}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{64AA4D9B-5E10-49B9-858F-4C07FFFE4147}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{EC45FF69-898F-42AC-B3D9-3506D8C16862}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{91F03D27-8FF9-4135-9630-564741DC033A}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{B1D2AF19-0B2F-4E05-9119-3C2DD1A71C99}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{58D5AB27-1B0E-422B-B04F-2C175A0798F0}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{E26E425E-C8F4-455B-B906-CAF0DAE88EDA}] => (Allow) LPort=15001 FirewallRules: [{36C16B1E-AAB8-4756-A536-EF6DB72095B4}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{2943E04E-7369-4B4D-B7E3-95C33FA7E38E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [TCP Query User{660F4AF6-B7C7-4BEA-8C1E-18CF265645DF}C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe] => (Block) C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe (Microsoft) [File not signed] FirewallRules: [UDP Query User{D75A2659-4506-4870-96DE-B536807A8B99}C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe] => (Block) C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe (Microsoft) [File not signed] FirewallRules: [{30F03514-6A67-41E6-AF7D-9B1EF72B9E11}] => (Allow) LPort=8502 FirewallRules: [{12576999-6141-4943-A378-694F3A3FD2E2}] => (Allow) LPort=8502 FirewallRules: [{C2F3E071-D281-4782-A711-7EFF587B4044}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{03C0997E-84FF-41C9-ABC7-46AEAC8F9506}] => (Allow) LPort=15000 FirewallRules: [{10CBA752-AD63-4C66-88EF-45C1F8B630C5}] => (Allow) LPort=15000 FirewallRules: [{60F51A1B-A887-4DE7-9713-95F835EFF997}] => (Allow) LPort=15000 FirewallRules: [{3176C894-FF55-4638-B480-4001B909EE24}] => (Allow) LPort=57209 FirewallRules: [{A878E072-FFC0-464A-8BB5-39E2DBA75C0C}] => (Allow) LPort=57209 FirewallRules: [{95E1F1BD-E12A-4689-9F29-D3F8B04215C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E9AEFA27-3A28-4645-9262-45E4E1DC20E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E845E439-5DA0-4861-9BA6-A94A5681FF8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{FC3CDAC7-BCC5-45F1-9C54-E9E1919EFF00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1771F502-185E-4FEF-97B7-AB0E6F771E97}] => (Allow) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.107\opera.exe => No File FirewallRules: [{79156E6D-0331-4FE2-AC93-566B1C176503}] => (Allow) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.123\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{D5891878-41EE-4375-BCC5-686C7DF2F515}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{14E45699-4FFE-4A69-909D-F03A0F9AA93A}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{28B3FD08-E12B-426A-9417-8C13C353DB12}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{6412647E-C918-423E-9A55-260BC537E87E}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{3F68A04F-53CD-41BA-A879-74F2FB29203D}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{732F9C01-EAC1-4469-82AF-D55B87678B42}] => (Allow) LPort=15001 FirewallRules: [{60C2F83E-C6A8-48CF-81D5-A753CA89D1D8}] => (Allow) LPort=15001 ==================== Restore Points ========================= 24-05-2021 15:34:58 End of disinfection 24-05-2021 18:45:15 Installed Safari ==================== Faulty Device Manager Devices ============ Name: LSIS XGSeries Description: LSIS XGSeries Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: LSIS Co., Ltd Service: WinUSB Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (05/25/2021 05:59:42 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.19597 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1f94 Start Time: 01d750d6f3290396 Termination Time: 36 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (05/24/2021 04:52:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8315 Error: (05/24/2021 04:52:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8315 Error: (05/24/2021 04:52:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/24/2021 04:52:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7160 Error: (05/24/2021 04:52:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7160 Error: (05/24/2021 04:52:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/24/2021 04:52:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5943 System errors: ============= Error: (05/25/2021 08:37:40 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT AUTHORITY) Description: The removal of the assignment of application Symprex Email Signature Manager Agent (2) from policy SMP-Deploy MSI EmailSig failed. The error was : %SMP-Deploy MSI EmailSig Error: (05/25/2021 07:04:21 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT AUTHORITY) Description: The removal of the assignment of application Symprex Email Signature Manager Agent (2) from policy SMP-Deploy MSI EmailSig failed. The error was : %SMP-Deploy MSI EmailSig Error: (05/25/2021 07:02:08 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (05/25/2021 06:57:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (05/25/2021 06:57:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (05/25/2021 06:55:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (05/25/2021 06:55:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (05/25/2021 06:55:18 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Windows Defender: ================ Date: 2020-10-01 21:56:48.601 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.17400.5 Previous Engine Version:1.1.6402.0 Update Source:User Error Code:0x8050800c Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Date: 2020-10-01 10:13:43.595 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.17400.5 Previous Engine Version:1.1.6402.0 Update Source:User Error Code:0x8050800c Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Date: 2020-10-01 00:27:31.975 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.17400.5 Previous Engine Version:1.1.6402.0 Update Source:User Error Code:0x8050800c Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Date: 2020-09-30 14:08:58.366 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.17400.5 Previous Engine Version:1.1.6402.0 Update Source:User Error Code:0x8050800c Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Date: 2020-09-30 03:52:41.852 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version:1.1.17400.5 Previous Engine Version:1.1.6402.0 Update Source:User Error Code:0x8050800c Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. ==================== Memory info =========================== BIOS: HP N02 Ver. 02.14 05/30/2016 Motherboard: HP 805D Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 39% Total physical RAM: 16264.59 MB Available physical RAM: 9878.2 MB Total Virtual: 32527.33 MB Available Virtual: 25054.99 MB ==================== Drives ================================ Drive c: (Windows ) (Fixed) (Total:221.19 GB) (Free:11.13 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:16.18 GB) (Free:1.82 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 Drive f: (New Volume) (Fixed) (Total:476.93 GB) (Free:475.83 GB) NTFS Drive g: (New Volume) (Fixed) (Total:476.93 GB) (Free:476.23 GB) NTFS Drive k: (Nowy) (Network) (Total:465.76 GB) (Free:1.76 GB) NTFS \\?\Volume{bc52e545-581b-11e7-9db1-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B0668824) Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=221.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=100 MB) - (Type=0C) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: D5AB100D) Partition 1: (Not Active) - (Size=476.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=476.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================