Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021 Ran by tc-electrical (25-05-2021 13:43:50) Running from C:\Users\tc-electrical\Desktop\ja\New folder\New folder Windows 7 Professional Service Pack 1 (X64) (2017-06-23 07:00:52) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= admin (S-1-5-21-509110842-4231584563-957164148-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-509110842-4231584563-957164148-500 - Administrator - Enabled) ASPNET (S-1-5-21-509110842-4231584563-957164148-1002 - Limited - Enabled) ClientAdmin (S-1-5-21-509110842-4231584563-957164148-1006 - Administrator - Enabled) Guest (S-1-5-21-509110842-4231584563-957164148-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) _Program Cennikowy Eaton 2 (HKLM-x32\...\_Program Cennikowy Eaton 2) (Version: - ) 7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe) Aktualizacja biblioteki Samsung (HKLM-x32\...\PRO100_is1) (Version: - Ecru Oprogramowanie) AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software) Blender (HKLM\...\{053A73FE-DBF8-4674-8EC0-63BD07615695}) (Version: 2.81.0 - Blender Foundation) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.170.0.1042 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{2E8CBF47-974A-452D-9ED0-E10010B2DC00}) (Version: 4.23.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform) CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden Cone Layout v2.0 (HKLM-x32\...\Cone Layout) (Version: - ) Crouzet-Soft 1.8.00 (HKLM-x32\...\6BCD8694-FAB1-406E-83E4-263BAAD2B163_is1) (Version: 1.8.00 - Crouzet automation) doPDF (HKLM\...\{1896977D-F518-4D39-8F18-98D584919675}) (Version: 10.8.125 - Softland) Hidden doPDF 10 (HKLM-x32\...\{947ef07d-8d2e-4aa4-8110-40d2333634c9}) (Version: 10.8.125 - Softland) doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{03EDB7F5-656B-4F15-A4D6-91B4EC1BC90E}) (Version: 10.5.120 - Softland) doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{D7846B62-D353-4D63-92D4-8AF4E994A17A}) (Version: 10.5.120 - Softland) doPDF 10 Printer Driver (HKLM\...\{015C9318-A833-4B7A-9F15-38E373D50E8C}) (Version: 10.8.125 - Softland) DraftSight 2018 SP1 x64 (HKLM\...\{46ED85CE-F89E-4629-B375-568D07074E75}) (Version: 18.1.0044 - Dassault Systemes) DrivesSoft2 ver2.1.1.2 (HKLM-x32\...\DrivesSoft2_is1) (Version: - Moeller GmbH) eDrawings 2019 x64 (HKLM\...\{19F16AB6-BA36-471C-9155-9EAABC73F006}) (Version: 27.30.0056 - Dassault Systemes SolidWorks Corp) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) FluidSIM 5 Demo (HKLM-x32\...\{953E50DC-8F97-4539-997D-27BF0FC41D12}) (Version: 5.6.5.0 - Festo Didactic SE) Free Burn MP3-CD v1.2 (HKLM-x32\...\Free Burn MP3-CD_is1) (Version: 1.2 - www.nbxsoft.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Hexagon (HKLM-x32\...\{F53BE0D6-CE61-40E2-AFA0-A873F372F258}) (Version: 5.29.1.1 - Sencon (UK) Ltd) HP Business Slim Keyboard (HKLM-x32\...\{E9D7FD0D-CF46-4FEB-9C57-7AACCFBF6C36}) (Version: 1.08 - HP) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{E0125AB7-85D5-4373-8DC8-681CB75D9FE5}) (Version: 3.5.1 - HP) HP Hotkey Support (HKLM-x32\...\{44F54A90-36A1-43D0-95E5-4CA18EC52A30}) (Version: 6.2.16.1 - HP) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4404 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Endpoint Security for Windows (HKLM-x32\...\{9A017278-F7F4-4DF9-A482-0B97B70DD7ED}) (Version: 11.2.0.2254 - AO Kaspersky Lab) Kaspersky Security Center Network Agent (HKLM-x32\...\{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}) (Version: 13.0.0.11247 - Kaspersky) Hidden Kaspersky Security Center Network Agent (HKLM-x32\...\InstallWIX_{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}) (Version: 13.0.0.11247 - Kaspersky) Labeleditor 2.0 (HKLM-x32\...\{8C852B0C-DEE9-4F92-BBAE-1825D2B093E8}) (Version: 2.02.1096 - Moeller Software) LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes) LegrandPDFWriter (HKLM\...\LegrandPDFWriter) (Version: - ) LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team) Maxthon (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mitsubishi Configuration Studio (HKLM-x32\...\{59EE398F-9E04-4365-A1DB-7E4777195F7C}) (Version: 3.1.3.1 - Mitsubishi Electric) Mozilla Firefox 88.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 88.0.1 (x64 pl)) (Version: 88.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) MSI.designer (HKLM-x32\...\{2AF3F0C4-226A-4DEC-89D1-76161F35594F}) (Version: 2.0.1.8653 - Leuze electronic GmbH) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden NetClientOCX version 6.4.1.0 (HKLM-x32\...\{09E218A5-2C33-4E05-905E-F622440C1F83}_is1) (Version: 6.4.1.0 - ) opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden Opera Stable 76.0.4017.139 (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Opera 76.0.4017.139) (Version: 76.0.4017.139 - Opera Software) Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Pepakura Designer 4 (HKLM-x32\...\pepakura_designer4en) (Version: - TamaSoftware) PRO100 aktualizacja Siemens (HKLM-x32\...\PRO100 wersja 5_is1) (Version: - Ecru Oprogramowanie) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.) RMQ Titan v1.0.5 (HKLM-x32\...\RMQ Titan v1.0.5) (Version: - ) Safari (HKLM-x32\...\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.) SEE Electrical V8R1 SERVICE PACK 3 (8.1.3.19) (HKLM-x32\...\{55AFE76C-CA5D-4E36-A82B-66A6C1579EF9}) (Version: 8.10.7097 - IGE+XAO) Siemens Cennik 8.0 DWG (HKLM-x32\...\Siemens Cennik 8.0 DWG) (Version: 8.0 DWG - Siemens Sp. z o.o.) SigmaSelect (HKLM-x32\...\{633A54BB-4641-487D-8ED1-48BECC1DD72B}) (Version: 1.8.3 - Yaskawa) SISTEMA 2.0 - Safety Integrity Software Tool for the Evaluation of Machine Applications version 2.0.7 (HKLM-x32\...\{20325465-F3CB-49EA-93FB-B7A88FFAD631}_is1) (Version: 2.0.7 - Institute for Occupational Health and Safety of German Social Accident Insurance (IFA)) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) Toolwiz File Recovery FREE (HKLM-x32\...\Toolwiz File Recovery FREE_is1) (Version: 1.3.0.0 - Toolwiz) UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.075 - Aten International Co., Ltd.) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) Unity Web Player (HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for Skype for Business 2016 (KB4493155) 32-Bit Edition (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}_Office16.STANDARD_{3EE18F52-959F-4C18-858F-E6CF876AEEC1}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4493155) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.STANDARD_{3EE18F52-959F-4C18-858F-E6CF876AEEC1}) (Version: - Microsoft) USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation) Visual C++ 2008 x86 Runtime - v9.0.30729.5578 (HKLM-x32\...\{212B6234-BBB0-397F-AB77-8AE5F2668954}.vc_x86runtime_30729_5578) (Version: 9.0.30729.5578 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Windows Driver Package - libusb 1.0 (WinUSB) libusb (WinUSB) devices (12/03/2015 ) (HKLM\...\E417558CF0469E02B524AE99B00866F3DF8FF433) (Version: 12/03/2015 - libusb 1.0) Windows Driver Package - Silicon Labs (usbser) Ports (12/03/2015 5.1.2600.0) (HKLM\...\8C07B001095CC7E0651BAB561091E66C36727E1F) (Version: 12/03/2015 5.1.2600.0 - Silicon Labs) Wondershare Recoverit(Build 9.5.1.7) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 9.5.1.7 - Wondershare Software Co.,Ltd.) XG5000 4.28 (HKLM-x32\...\{5E8CA3BB-EF23-4AA4-AB7B-5A8248887BF1}) (Version: 6.28.10 - LSIS) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) XLPRO3 v3.8.09 -b6 (HKLM-x32\...\{ECAB9BE4-8C28-4D58-B435-BEA355661A26}) (Version: 3.8.09.6 - Legrand) YASKAWA SigmaWin+ English Edition Ver.5.75 (HKLM-x32\...\{C6264FF0-97DE-11D6-A6F2-00B0D069DE56}) (Version: 5.75.00000 - Yaskawa electric corp.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-615164164-2078643864-492831376-16164_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\tc-electrical\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team) ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\tc-electrical\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc ShortcutWithArgument: C:\Users\tc-electrical\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ba25cbabeac6df3e\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc ==================== Loaded Modules (Whitelisted) ============= 2020-08-07 09:24 - 2010-12-10 11:24 - 000087040 _____ () [File not signed] C:\windows\System32\custmon64.dll 2018-06-14 12:27 - 2015-03-12 04:43 - 000022528 _____ () [File not signed] C:\windows\System32\us013lm.dll 2016-08-31 02:00 - 2016-08-31 01:00 - 007412736 _____ (CANON INC.) [File not signed] C:\windows\system32\spool\DRIVERS\x64\3\CnP60MUI_D8F87.DLL 2016-08-04 22:02 - 2014-06-11 19:53 - 000423936 _____ (Hewlett-Packard) [File not signed] C:\windows\System32\hpbprtmon.dll 2014-06-11 19:53 - 2014-06-11 19:53 - 000442880 _____ (Hewlett-Packard) [File not signed] C:\windows\system32\spool\DRIVERS\x64\3\hpbxjobsvr1401.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000029696 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000032768 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll 2009-06-24 11:57 - 2009-06-24 11:57 - 000031744 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll 2018-01-05 14:12 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2015-08-18 23:20 - 2015-08-18 23:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2016-08-04 22:00 - 2015-06-15 13:00 - 000074752 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll 2015-08-18 23:19 - 2015-08-18 23:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2015-09-14 18:47 - 2015-09-14 18:47 - 000055808 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\HP\HP Business Slim Keyboard\skhooks.dll 2015-09-14 18:47 - 2015-09-14 18:47 - 000049664 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\HP\HP Business Slim Keyboard\SKHidKbd.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\ucrtbase.DLL 2020-09-21 18:22 - 2020-09-21 18:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1045\avast.local_vc142.crt\VCRUNTIME140.dll 2020-06-04 20:16 - 2020-06-04 20:16 - 000018944 _____ (Softland) [File not signed] C:\windows\System32\novamn10.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 005584896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Core.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 001065472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Network.dll 2018-01-12 03:53 - 2018-01-12 03:53 - 000193536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Xml.dll 2018-06-14 12:27 - 2015-08-20 03:14 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\us013pc.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Version 11) (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\S-1-5-21-509110842-4231584563-957164148-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-509110842-4231584563-957164148-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet.silganmp.com HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-615164164-2078643864-492831376-16164\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.pl BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2019-01-04 14:56 - 000000824 _____ C:\windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Calibre2\ HKU\S-1-5-21-509110842-4231584563-957164148-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-615164164-2078643864-492831376-16164\Control Panel\Desktop\\Wallpaper -> C:\Users\tc-electrical\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.150.40.11 - 10.150.40.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{0CAD2313-A8B0-4FBE-8122-6643ADEAC91D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2B1DCB5A-BE1D-4D8B-8F66-94EBBA38897A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1910D7BD-DADE-4D48-B844-93D02BA8BCF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{69C6FF22-146D-4ECC-8C36-ACF36FA46EF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9510EF67-769B-4CBF-B997-41C7C9D7A672}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{B7630C9F-107B-4D73-A2C8-B537941D83AE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{51C63420-472B-4E71-B411-C7EC6F880B25}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DD193D58-BE26-4F65-A023-1C2A33D08108}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{C2D3C6E1-EB2A-4582-AD84-C54EFA290FB2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2EB3718B-852C-4A2E-86E8-6F8865F757E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A9D57586-1D5D-4CCA-924E-5A87B8F31217}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{C9CB3F6E-69A9-4A78-9910-D1E5BC1A5628}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{4DF17B15-F97D-4B30-AB6E-116DFC41E6BB}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{D5BB9019-6E69-42A2-8C77-92E715D3218C}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{1CD53451-16EF-4EFC-8446-11014C212F41}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{5AA33546-BAF9-4315-BFDC-8584F3AF02CB}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{821ADF55-B42D-4972-9696-D85A44D123B2}] => (Allow) C:\windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) FirewallRules: [{66A0E1AC-E194-43F8-AA12-7395F0B21217}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{64AA4D9B-5E10-49B9-858F-4C07FFFE4147}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{EC45FF69-898F-42AC-B3D9-3506D8C16862}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{91F03D27-8FF9-4135-9630-564741DC033A}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{B1D2AF19-0B2F-4E05-9119-3C2DD1A71C99}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{58D5AB27-1B0E-422B-B04F-2C175A0798F0}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{E26E425E-C8F4-455B-B906-CAF0DAE88EDA}] => (Allow) LPort=15001 FirewallRules: [{36C16B1E-AAB8-4756-A536-EF6DB72095B4}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [{2943E04E-7369-4B4D-B7E3-95C33FA7E38E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) FirewallRules: [TCP Query User{660F4AF6-B7C7-4BEA-8C1E-18CF265645DF}C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe] => (Block) C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe (Microsoft) [File not signed] FirewallRules: [UDP Query User{D75A2659-4506-4870-96DE-B536807A8B99}C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe] => (Block) C:\users\tc-electrical\desktop\chiński scaner\filps_1.0.6a_ch 英文版\filps_1.0.6a_ch\filps.exe (Microsoft) [File not signed] FirewallRules: [{30F03514-6A67-41E6-AF7D-9B1EF72B9E11}] => (Allow) LPort=8502 FirewallRules: [{12576999-6141-4943-A378-694F3A3FD2E2}] => (Allow) LPort=8502 FirewallRules: [{C2F3E071-D281-4782-A711-7EFF587B4044}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{03C0997E-84FF-41C9-ABC7-46AEAC8F9506}] => (Allow) LPort=15000 FirewallRules: [{10CBA752-AD63-4C66-88EF-45C1F8B630C5}] => (Allow) LPort=15000 FirewallRules: [{60F51A1B-A887-4DE7-9713-95F835EFF997}] => (Allow) LPort=15000 FirewallRules: [{3176C894-FF55-4638-B480-4001B909EE24}] => (Allow) LPort=57209 FirewallRules: [{A878E072-FFC0-464A-8BB5-39E2DBA75C0C}] => (Allow) LPort=57209 FirewallRules: [{95E1F1BD-E12A-4689-9F29-D3F8B04215C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E9AEFA27-3A28-4645-9262-45E4E1DC20E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E845E439-5DA0-4861-9BA6-A94A5681FF8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{FC3CDAC7-BCC5-45F1-9C54-E9E1919EFF00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1771F502-185E-4FEF-97B7-AB0E6F771E97}] => (Allow) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.107\opera.exe => No File FirewallRules: [{79156E6D-0331-4FE2-AC93-566B1C176503}] => (Allow) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.123\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{D5891878-41EE-4375-BCC5-686C7DF2F515}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{14E45699-4FFE-4A69-909D-F03A0F9AA93A}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{28B3FD08-E12B-426A-9417-8C13C353DB12}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{6412647E-C918-423E-9A55-260BC537E87E}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{3F68A04F-53CD-41BA-A879-74F2FB29203D}] => (Allow) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{E793BA20-C5E3-4499-86D5-5A7CE3037DDF}] => (Allow) LPort=15001 FirewallRules: [{24941CF0-1EA2-42F4-9D37-8BA77C1A708F}] => (Allow) LPort=15001 ==================== Restore Points ========================= 24-05-2021 15:34:58 End of disinfection 24-05-2021 18:45:15 Installed Safari ==================== Faulty Device Manager Devices ============ Name: LSIS XGSeries Description: LSIS XGSeries Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: LSIS Co., Ltd Service: WinUSB Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ======================== Application errors: ================== System errors: ============= Error: (05/25/2021 01:43:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Kaspersky Seamless Update Service service failed to start due to the following error: The system cannot find the file specified. Error: (05/25/2021 01:43:11 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT AUTHORITY) Description: The removal of the assignment of application Symprex Email Signature Manager Agent (2) from policy SMP-Deploy MSI EmailSig failed. The error was : %SMP-Deploy MSI EmailSig Error: (05/25/2021 01:41:19 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: VNP) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (05/25/2021 01:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Kaspersky Endpoint Security Service service failed to start due to the following error: The system cannot find the file specified. Error: (05/25/2021 01:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: This driver has been blocked from loading Error: (05/25/2021 01:41:10 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (05/25/2021 01:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Aspi32 service failed to start due to the following error: This driver has been blocked from loading Error: (05/25/2021 01:41:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\drivers\aspi32.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. ==================== Memory info =========================== BIOS: HP N02 Ver. 02.14 05/30/2016 Motherboard: HP 805D Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 33% Total physical RAM: 16264.59 MB Available physical RAM: 10793.65 MB Total Virtual: 32527.33 MB Available Virtual: 26836.02 MB ==================== Drives ================================ Drive c: (Windows ) (Fixed) (Total:221.19 GB) (Free:13.27 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:16.18 GB) (Free:1.82 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 Drive f: (New Volume) (Fixed) (Total:476.93 GB) (Free:475.83 GB) NTFS Drive g: (New Volume) (Fixed) (Total:476.93 GB) (Free:476.23 GB) NTFS Drive k: (Nowy) (Network) (Total:465.76 GB) (Free:1.68 GB) NTFS \\?\Volume{bc52e545-581b-11e7-9db1-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B0668824) Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=221.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=100 MB) - (Type=0C) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: D5AB100D) Partition 1: (Not Active) - (Size=476.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=476.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================