Hello, Windows Defender detects the threat Trojan:Win32/Occamy.C during a scan. Unfortunately it is unable to remove it; the only action available is to allow it on the device. Interestingly, Malwarebytes does not detect the threat. I am sending the FRST logs and asking for help. Regards
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Mateusz (21-01-2020 07:20:04)
Running from C:\Users\Mateusz\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2020-01-16 12:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2778722619-1208249535-4111246651-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2778722619-1208249535-4111246651-503 - Limited - Disabled)
Guest (S-1-5-21-2778722619-1208249535-4111246651-501 - Limited - Disabled)
Mateusz (S-1-5-21-2778722619-1208249535-4111246651-1001 - Administrator - Enabled) => C:\Users\Mateusz
WDAGUtilityAccount (S-1-5-21-2778722619-1208249535-4111246651-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 2.5.8 - ASUS)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{ca08108f-dacb-442d-a2ff-49a60359e34f}) (Version: 2.3.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{16b32d38-c82f-420f-b689-cf3548b7ba42}) (Version: 1.0.3.2 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.3.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.6 - ASUSTek COMPUTER INC.)
ASUS HID Control Service (HKLM\...\{0F2EECD1-9CCE-4907-8D9A-11629B0608CE}) (Version: 1.2.0 - ASUS)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{3ee3abea-aaa5-4bdb-a8a3-cbbbed892bb1}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.31 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{41fd1901-1c71-453a-b440-dbe756a2cdc6}) (Version: 1.0.31 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{0fc56b57-bf6d-45dc-928b-4bc661c8c773}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS MultiAntenna Service (HKLM\...\{D90BF0DC-36BD-438F-A7CC-2C63C0A3A3FA}) (Version: 2.0.4 - ASUSTeK COMPUTER INC.)
ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.15 - ASUSTeK Computer Inc.) Hidden
ASUS_FRQ_Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.1.0 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.83 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{ba86408b-04d4-42d9-b7fc-3cae349b1f56}) (Version: 3.03.83 - ASUSTeK Computer Inc.)
balenaEtcher 1.5.45 (HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.45 - Balena Inc.)
Betternet for Windows 5.3.0.433 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}) (Version: 5.3.0.433 - Betternet Technologies Inc.)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 3.5 build 50 - Convivea Inc.)
Borderlands 3 v.1.0 Update 3 (HKLM-x32\...\Borderlands 3_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID ROG CPU-Z 1.90 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1010 - Disc Soft Ltd)
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Documentation Manager (HKLM\...\{3EF18AD4-8F08-42FE-B2A4-F2DDB1DFB5D0}) (Version: 21.50.1.1 - Intel Corporation) Hidden
FIFA 19 (HKLM-x32\...\FIFA 19_is1) (Version: - )
GameFirst V (HKLM-x32\...\{6C9909F1-4703-4A1A-B2B2-CB305B54BB3C}) (Version: 5.0.24.1 - ASUSTeK COMPUTER INC.) Hidden
GameFirst V (HKLM-x32\...\GameFirst V 5.0.24.1) (Version: 5.0.24.1 - ASUSTeK COMPUTER INC.)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GTA IV + EFLC version 1.5 (HKLM-x32\...\{B95T9A00-40176-4AC6-N973-5A8AB71A09DJ}_is1) (Version: 1.5 - Black_Box)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0210-1045-84C8-B8D95FA3C8C3}) (Version: 21.50.0.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{e2b4037f-6ffc-4200-8b24-fdc8512f0dc9}) (Version: 21.50.1.1 - Intel Corporation) Hidden
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Codec Pack 15.3.2 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.3.2 - KLCP)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 72.0.1 (x64 pl)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
Red Dead Redemption 2 version final (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: final - The)
RefreshRateService (HKLM-x32\...\{0167A031-AD97-403B-A129-9DFCB53F3890}) (Version: 1.0.17 - ASUSTeK COMPUTER INC.)
ROG GamePlus (HKLM-x32\...\{95C4D66C-DAB0-4681-867F-46B070F9AAD5}) (Version: 1.0.15 - ASUS)
ROG Live Service (HKLM-x32\...\{2d87bfb6-c184-4a59-9bbe-3e20ce797631}) (Version: 1.0.18.0 - ASUSTek COMPUTER INC.)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
The Witcher 3: GotY Edition (HKLM-x32\...\The Witcher 3: GotY Edition_is1) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WPS Office (11.2.0.9085) (HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\Kingsoft Office) (Version: 11.2.0.9085 - Kingsoft Corp.)
Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_2.5.7.0_x64__qmba6cd70vzyy [2019-12-08] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_1.1.6.0_x64__qmba6cd70vzyy [2020-01-02] (ASUSTeK COMPUTER INC.)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2020-01-20] (Microsoft Corporation)
GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy [2020-01-05] (ASUSTeK COMPUTER INC.) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-12-03] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-03] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2019-09-15] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2778722619-1208249535-4111246651-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2778722619-1208249535-4111246651-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> D:\WPS Office\11.2.0.9085\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2778722619-1208249535-4111246651-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2778722619-1208249535-4111246651-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => D:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => D:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_b72356da889ff492\nvshext.dll [2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2778722619-1208249535-4111246651-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => D:\WPS Office\11.2.0.9085\office6\kwpsmenushellext64.dll [2020-01-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2778722619-1208249535-4111246651-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => D:\WPS Office\11.2.0.9085\office6\kwpsmenushellext64.dll [2020-01-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2010-08-03] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-10-24 17:46 - 2019-10-24 17:46 - 000147456 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi\build\Release\ffi_bindings.node
2019-10-24 17:46 - 2019-10-24 17:46 - 000138752 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref\build\Release\binding.node
2019-12-03 17:16 - 2019-06-26 17:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll
2019-10-24 17:46 - 2019-10-24 17:46 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-01-05 00:24 - 2020-01-05 00:24 - 000038400 _____ () [File not signed] C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy\DetectDisplayDC.dll
2019-09-15 14:22 - 2019-09-15 14:22 - 000038912 _____ () [File not signed] C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy\VideoEnhance.dll
2019-09-11 16:36 - 2019-09-11 16:36 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2019-12-03 17:16 - 2019-10-24 12:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2020-01-05 00:24 - 2020-01-05 00:24 - 000462848 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy\ColorU.dll
2019-12-03 17:16 - 2019-06-26 17:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2019-12-03 17:16 - 2019-06-26 17:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2019-12-03 17:16 - 2019-07-31 15:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll
2019-06-07 01:57 - 2019-06-07 01:57 - 000427520 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll
2020-01-05 00:24 - 2020-01-05 00:24 - 000452096 _____ (TODO: <Company name>) [File not signed] C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy\ColorUGameDLL.dll
2020-01-05 00:24 - 2020-01-05 00:24 - 000029696 _____ (TODO: <Company name>) [File not signed] C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy\GLCDdll.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\System32;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7AEBE8C6-28DC-42FA-B36F-0C6E0B0531A1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AFB07EFA-378B-46EA-9A33-8B2089E597BB}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0A7D4431-027B-4249-8294-C02F3CCBFD48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{27C3E441-EB6D-484C-9D33-498718FA0F6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C99E5F4D-B0D5-4336-AA0E-EA91281FA961}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C79937E0-64B1-453C-9C17-4E644561C009}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4063B65-ECD2-45F9-B766-A98A1EC3E83B}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{D36FDAD5-17A4-412A-B72B-E510F5F32D5B}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [UDP Query User{7AE6C1B2-66B3-4271-A624-E5AFC2B3E03C}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [TCP Query User{1C51608E-A5FB-41DC-8804-0C94CCC533F3}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{F946F672-4D39-47BA-9696-C9D064B273E6}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{20BD48BE-15B1-4A12-A0D2-2F8A1D7DFBCA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0E27EF92-CEC4-4396-9FC0-F17A9D149EA9}] => (Block) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [{2963DB92-BB95-4D17-8F2E-4D38D3F9E8BC}] => (Block) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [UDP Query User{71EB050D-D249-4539-AD1F-DC789BAF9C7D}D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [TCP Query User{BDC7B95C-592D-48BC-A7E2-F195325EA7FD}D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [{923E9D22-EC60-406C-8D68-4087C65F5AB8}] => (Allow) D:\WPS Office\11.2.0.9085\office6\wps.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [{94D14583-10A8-493B-B99C-84A7CA6786AD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{FE9DC4A3-2134-43FC-A96B-196972743EEE}] => (Allow) C:\Users\Mateusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3CD4E69B-FB72-4CFD-AA16-5CDD4949378C}] => (Allow) C:\Users\Mateusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{55A21E21-369F-4E14-AF1C-3A173E3874E7}] => (Allow) D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7C024BEC-D56D-41AB-9C10-852FC5B09DB0}] => (Allow) D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CC10D068-6BED-4830-82B4-7950D51FDC1E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5975534-266B-43E8-80FB-C486E7699A66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{31404553-AF17-4118-82D8-7ECA0967D65D}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (Jotun Technology Inc. -> ASUS)
FirewallRules: [{B44163CD-4033-44A6-9C71-176E6D3F1364}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Jotun Technology Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{06193A94-EF41-4D00-A2F7-1D5BE4128D8A}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Jotun Technology Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{3179F568-5F15-41E7-A08E-8811818740D3}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{F2B3AC15-1D29-4ABF-9AB5-123F88288ACC}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{5B1E3FA3-4129-4E0F-9C1B-280003F7CF7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3241948-50B7-4AD1-8A81-54C1353B430D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{356876ED-DE68-48EB-BE2C-2057F863FA71}] => (Block) D:\Forza.Horizon.4.Ultimate.Edition-LOOTBOX\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
FirewallRules: [{872A3218-3584-4E81-93C8-F3F287AD77C6}] => (Block) D:\Forza.Horizon.4.Ultimate.Edition-LOOTBOX\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
==================== Restore Points =========================
16-01-2020 13:45:06 Windows Update
20-01-2020 17:58:53 AURA Service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/20/2020 06:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: RefreshRateService.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5cb6c561
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.18362.535, sygnatura czasowa: 0x5bd9df62
Kod wyjątku: 0xe0434352
Przesunięcie błędu: 0x001135d2
Identyfikator procesu powodującego błąd: 0x12f8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d5cfb64108d9e5
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: 24c1f17a-a3d5-4cd9-b0cf-d78471f44f3e
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:
Error: (01/20/2020 06:22:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikacja: RefreshRateService.exe
Wersja architektury: v4.0.30319
Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
Informacje o wyjątku: System.Security.Principal.IdentityNotMappedException
w System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
w System.Security.Principal.NTAccount.Translate(System.Type)
w System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
w System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
w System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule)
w Extensions.ProcessExtensions.ServerThread(System.Object)
w System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
w System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (01/20/2020 06:22:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/20/2020 06:22:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, A system shutdown is in progress.
]
Error: (01/20/2020 06:22:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/20/2020 06:22:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, A system shutdown is in progress.
]
Error: (01/20/2020 05:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddWin32ServiceFiles: Unable to back up image of service SshdBroker since QueryServiceConfig API failed
System Error:
The resource loader failed to find MUI file.
.
Error: (01/20/2020 05:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
System errors:
=============
Error: (01/20/2020 06:22:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service for Panel OverDrive , if this service stop, can't use OverDrive feature niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
Error: (01/20/2020 05:54:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service for Panel OverDrive , if this service stop, can't use OverDrive feature niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
Error: (01/18/2020 09:12:05 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: stwierdzono, że karta sieciowa nie działa właściwie.
5002 - uCode SW error (SysAssert, NMI)
Error: (01/18/2020 09:12:05 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: wykryto błąd wewnętrzny; operacja nie powiodła się.
5005 - Driver internal error
Error: (01/18/2020 03:48:54 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-5CP352IK)
Description: Nie można uruchomić serwera DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Błąd:
2147942767
Błąd wystąpił podczas uruchamiania polecenia:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/16/2020 01:58:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service for Panel OverDrive , if this service stop, can't use OverDrive feature niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
Error: (01/16/2020 01:39:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Network List Service zakończyła działanie; wystąpił następujący błąd:
Urządzenie nie jest gotowe.
Error: (01/16/2020 01:39:09 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {A47979D2-C419-11D9-A5B4-001185AD2B89} nie zarejestrował się w modelu DCOM w wymaganym czasie.
Windows Defender:
===================================
Date: 2020-01-20 20:59:25.145
Description:
Produkt Program antywirusowy Windows Defender wykryl zlosliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskac wiecej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vigorf.A&threatid=2147714384&enterprise=0
Nazwa: Trojan:Win32/Vigorf.A
Identyfikator: 2147714384
Waznosc: Powazny
Kategoria: Kon trojanski
Sciezka: file:_D:\Forza Horizon 4 [FitGirl Repack]\setup-eng-vo-only.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Zródlo wykrycia: Ochrona w czasie rzeczywistym
Uzytkownik: LAPTOP-5CP352IK\Mateusz
Nazwa procesu: C:\Users\Mateusz\AppData\Roaming\uTorrent\uTorrent.exe
Wersja analizy zabezpieczen: AV: 1.307.2704.0, AS: 1.307.2704.0, NIS: 1.307.2704.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-20 20:45:34.221
Description:
Produkt Program antywirusowy Windows Defender wykryl zlosliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskac wiecej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=!#UACTrigger.A&threatid=268488275&enterprise=0
Nazwa: !#UACTrigger.A
Identyfikator: 268488275
Waznosc: Powazny
Kategoria: Kon trojanski
Sciezka: amsiuac:_pid:00004E70
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Zródlo wykrycia: AMSI — dostawca funkcji Kontrola konta uzytkownika
Uzytkownik: ZARZADZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczen: AV: 1.307.2704.0, AS: 1.307.2704.0, NIS: 1.307.2704.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-20 20:45:34.220
Description:
Produkt Program antywirusowy Windows Defender wykryl zlosliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskac wiecej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nazwa: Trojan:Win32/Occamy.C
Identyfikator: 2147726780
Waznosc: Powazny
Kategoria: Kon trojanski
Sciezka: amsiuac:_pid:00004E70
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Zródlo wykrycia: AMSI — dostawca funkcji Kontrola konta uzytkownika
Uzytkownik: ZARZADZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczen: AV: 1.307.2704.0, AS: 1.307.2704.0, NIS: 1.307.2704.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-20 20:44:51.585
Description:
Produkt Program antywirusowy Windows Defender wykryl zlosliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskac wiecej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=!#UACTrigger.A&threatid=268488275&enterprise=0
Nazwa: !#UACTrigger.A
Identyfikator: 268488275
Waznosc: Powazny
Kategoria: Kon trojanski
Sciezka: amsiuac:_pid:00004E74
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Zródlo wykrycia: AMSI — dostawca funkcji Kontrola konta uzytkownika
Uzytkownik: ZARZADZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczen: AV: 1.307.2704.0, AS: 1.307.2704.0, NIS: 1.307.2704.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-20 20:44:51.585
Description:
Produkt Program antywirusowy Windows Defender wykryl zlosliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskac wiecej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nazwa: Trojan:Win32/Occamy.C
Identyfikator: 2147726780
Waznosc: Powazny
Kategoria: Kon trojanski
Sciezka: amsiuac:_pid:00004E74
Pochodzenie wykrycia: Nieznane
Typ wykrycia: Konkretne
Zródlo wykrycia: AMSI — dostawca funkcji Kontrola konta uzytkownika
Uzytkownik: ZARZADZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja analizy zabezpieczen: AV: 1.307.2704.0, AS: 1.307.2704.0, NIS: 1.307.2704.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
CodeIntegrity:
===================================
Date: 2020-01-21 06:49:34.436
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-21 06:48:09.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 22:55:17.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 22:55:15.873
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 22:55:15.096
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 22:54:32.770
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 21:17:30.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-20 21:16:10.229
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. G531GU.306 09/24/2019
Motherboard: ASUSTeK COMPUTER INC. G531GU
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 36%
Total physical RAM: 16233.27 MB
Available physical RAM: 10262.77 MB
Total Virtual: 18665.27 MB
Available Virtual: 11125.23 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:237.57 GB) (Free:166.93 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:387.25 GB) NTFS
\\?\Volume{3654b7db-af96-4aa4-9882-4ba6fe684254}\ (RECOVERY) (Fixed) (Total:0.63 GB) (Free:0.14 GB) NTFS
\\?\Volume{7ad9c55f-af36-41cf-8737-fb9fd868efa0}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6FB3F929)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 9372314D)
Partition: GPT.
==================== End of Addition.txt =======================