Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021 Ran by seezo (09-01-2022 21:13:57) Running from C:\Users\seezo\Desktop Microsoft Windows 10 Education Version 20H2 19042.1415 (X64) (2021-01-15 17:33:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1333255723-3266158280-2740484146-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1333255723-3266158280-2740484146-503 - Limited - Disabled) Guest (S-1-5-21-1333255723-3266158280-2740484146-501 - Limited - Disabled) seezo (S-1-5-21-1333255723-3266158280-2740484146-1001 - Administrator - Enabled) => C:\Users\seezo WDAGUtilityAccount (S-1-5-21-1333255723-3266158280-2740484146-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.32.0 - Microsoft Corporation) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.6.4.1728 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.) Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation) calibre (HKLM-x32\...\{CF12702B-90E6-4E6D-B059-5D39F3B9AEE3}) (Version: 5.7.2 - Kovid Goyal) Chrome Remote Desktop Host (HKLM-x32\...\{B9B27527-C019-411B-9813-3FC8724C88DA}) (Version: 96.0.4664.39 - Google LLC) Cisco Webex Meetings (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\ActiveTouchMeetingClient) (Version: 42.1.3 - Cisco Webex LLC) CLion 2021.1.3 (HKLM-x32\...\CLion 2021.1.3) (Version: 211.7628.27 - JetBrains s.r.o.) ControlCenter 3.0 Package v2.13 (HKLM-x32\...\{52CF73F1-9FE1-4917-AE56-55BF319988EC}) (Version: 2.13 - Control Center) Discord (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Documentation Manager (HKLM\...\{623332F1-D628-481B-91CD-8C08F50AA9B4}) (Version: 21.60.0.5 - Intel Corporation) Hidden Dynamic Application Loader Host Interface Service (HKLM\...\{BB78A7A1-B716-49D2-81C4-5A3ABE32C7E2}) (Version: 1.0.0.0 - Intel Corporation) Hidden FFXIV TexTools (HKLM-x32\...\FFXIV_TexTools) (Version: 2.2.1 - ) GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC) HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX) Integration Services (HKLM-x32\...\{4938A647-7EA4-4496-A843-5E338B91C07E}) (Version: 15.0.2000.168 - Microsoft Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel(R) Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2004.14.0.1447 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7642 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.60.0.4 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{e1d82936-c734-4d7f-a993-42f3e8bf0608}) (Version: 21.60.0.5 - Intel Corporation) Hidden Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes) MapleStorySEA version 2.05.0 (HKLM-x32\...\{8DB758A9-F91D-42EC-A734-53BEFE7180A2}_is1) (Version: 2.05.0 - Asiasoft Online Pte.Ltd.) Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13801.21092 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{853997DA-6FCB-4FB9-918E-E0FF881FAF65}) (Version: 17.7.2.1 - Microsoft Corporation) Microsoft OLE DB Driver for SQL Server (HKLM\...\{9D6F8754-28E9-4940-B319-3FC8588CF18F}) (Version: 18.5.0.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation) Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation) Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation) Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation) Microsoft SQL Server Management Studio - 18.10 (HKLM-x32\...\{c09f71ef-fff8-435a-bdc9-3c242a7c36f3}) (Version: 15.0.18390.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.61.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.7 (x64) (HKLM-x32\...\{4545d600-b3a9-467c-a68b-e70ae51c8382}) (Version: 5.0.7.30113 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Norton 360 (HKLM-x32\...\NGC) (Version: 22.21.11.46 - NortonLifeLock Inc) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 462.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.75 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.21092 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation) Playpark Downloader (HKLM-x32\...\{D81B5861-F391-4905-A779-8A82994F3A00}) (Version: 0.3.6 - Asiasoft Online) PyCharm Community Edition 2021.1 (HKLM-x32\...\PyCharm Community Edition 2021.1) (Version: 211.6693.115 - JetBrains s.r.o.) Python 3.8.8 (64-bit) (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\{ef6306ce-2a12-4d59-887e-ebf00b9e4ab5}) (Version: 3.8.8150.0 - Python Software Foundation) Python 3.8.8 Core Interpreter (64-bit) (HKLM\...\{9F4C7FA1-6EBC-4148-AFA5-46732F23D8A3}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Development Libraries (64-bit) (HKLM\...\{54D532CF-48EC-4D35-BEB4-FF7379D4DEDE}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Documentation (64-bit) (HKLM\...\{587B63A8-B810-4B37-AE71-C21CC57AB496}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Executables (64-bit) (HKLM\...\{EEE0D56F-6163-4D51-A174-E219A0D34A2C}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 pip Bootstrap (64-bit) (HKLM\...\{648F3996-8541-4F8C-81A2-BCD4EAB54C5A}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Standard Library (64-bit) (HKLM\...\{4306EC0C-24E8-48F7-9CF0-0410D283D691}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Tcl/Tk Support (64-bit) (HKLM\...\{90107CBA-5485-4E2E-8A40-6C9F73D4B24B}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Test Suite (64-bit) (HKLM\...\{722AB357-E8E0-4090-8BDB-C02BEF288699}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python 3.8.8 Utility Scripts (64-bit) (HKLM\...\{BDF99227-35A8-4E94-91BA-91F6A90F4611}) (Version: 3.8.8150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{3B53E5B7-CFC4-401C-80E9-FF7591C58741}) (Version: 3.8.7354.0 - Python Software Foundation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18363.21327 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.37.1028.2019 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8865.1 - Realtek Semiconductor Corp.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) SFV Pak Mod Manager (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\sfv) (Version: 2.2.11 - Frosthaven) Skype version 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.) SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server Management Studio (HKLM\...\{3F338A1B-1DCF-458F-8189-416B09B7D077}) (Version: 15.0.18390.0 - Microsoft Corporation) Hidden SQL Server Management Studio (HKLM\...\{A401EAB9-4FC7-4F0C-8D79-9575E4910FDE}) (Version: 15.0.18390.0 - Microsoft Corporation) Hidden SQL Server Management Studio for Analysis Services (HKLM\...\{A1CAC3E0-B321-40FE-8907-4739297D5338}) (Version: 15.0.18390.0 - Microsoft Corporation) Hidden SQL Server Management Studio for Reporting Services (HKLM\...\{0278A8F5-4DDC-40FF-95CC-1D4725CA074B}) (Version: 15.0.18390.0 - Microsoft Corporation) Hidden SSMS Post Install Tasks (HKLM\...\{4CB8C759-75FE-492C-8CEB-EEB9D07E2E8D}) (Version: 15.0.18390.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Street Fighter V Champion Edition (HKLM-x32\...\Street Fighter V Champion Edition_is1) (Version: 0.0.0 - DODI-Repacks) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation) Telegram Desktop version 3.3 (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.3 - Telegram FZ-LLC) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.4.16 - Black Tree Gaming Ltd.) Webex Teams (HKLM\...\{9E470C58-96A2-4D09-84B3-628152A19711}) (Version: 3.0.16605.0 - Cisco Systems, Inc) WhatsApp (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\WhatsApp) (Version: 2.2121.5 - WhatsApp) Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows Driver Package - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) x86_64-8.1.0-posix-seh-rt_v6-rev0 (HKLM-x32\...\x86_64-8.1.0-posix-seh-rt_v6-rev0) (Version: - MinGW-W64) Zoom (HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.) Packages: ========= Control Center 3.0 -> C:\Program Files\WindowsApps\CLEVOCO.ControlCenter3.0_3.59.1.0_x64__6h6z29zh29qx0 [2021-10-12] (CLEVO CO.) Fan Speed Setting -> C:\Program Files\WindowsApps\CLEVOCO.504814C03D814_3.47.0.0_x64__6h6z29zh29qx0 [2021-07-14] (CLEVO CO.) Flexikey -> C:\Program Files\WindowsApps\CLEVOCO.Flexikey_3.10.0.0_x86__6h6z29zh29qx0 [2020-12-17] (CLEVO CO.) Fn hot keys and OSD -> C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.59.0.0_x64__6h6z29zh29qx0 [2021-10-09] (CLEVO CO.) [Startup Task] Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2021-12-06] (INTEL CORP) [Startup Task] Led Keyboard Setting -> C:\Program Files\WindowsApps\CLEVOCO.LedKeyboardSetting_3.32.0.0_x64__6h6z29zh29qx0 [2021-07-14] (CLEVO CO.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-16] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Studios) [MS Ad] Norton Security -> C:\Program Files\Norton Security\Engine\22.21.11.46 [2022-01-09] (0) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-07-29] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-29] (Microsoft Corporation) Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.2544.0_x64__qbz5n2kfra8p0 [2021-11-17] (Python Software Foundation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-09-20] (Realtek Semiconductor Corp) Sound Blaster Cinema 6 -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterCinema6_3.0.17.0_x86__13fcda18mhdz2 [2020-09-20] (Creative Technology Ltd.) Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2021.825.0_x64__79rhkp1fndgsc [2021-10-22] (Canonical Group Limited) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> ) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-08] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_c72d1ed6bd27e8cf\nvshext.dll [2021-06-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-08] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\seezo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinGW-W64 project\x86_64-8.1.0-posix-seh-rt_v6-rev0\Run terminal.lnk -> C:\Program Files\mingw-w64\mingw-w64.bat () ShortcutWithArgument: C:\Users\seezo\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ShortcutWithArgument: C:\Users\seezo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ==================== Loaded Modules (Whitelisted) ============= 2020-10-09 11:31 - 2021-10-06 09:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2020-10-09 11:31 - 2021-10-06 09:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2020-10-09 11:31 - 2021-10-06 09:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2020-09-22 17:25 - 2020-09-22 17:25 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-09-22 17:25 - 2020-09-22 17:25 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2020-10-09 11:31 - 2021-10-06 09:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2020-05-03 06:01 - 2020-05-03 06:01 - 002644480 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.59.0.0_x64__6h6z29zh29qx0\FnKey\audio10ec.dll 2020-05-03 06:01 - 2020-05-03 06:01 - 002619392 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.59.0.0_x64__6h6z29zh29qx0\FnKey\GetProductdll.dll 2020-09-24 11:15 - 2020-09-24 11:15 - 002492416 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.59.0.0_x64__6h6z29zh29qx0\FnKey\InsydeDCHU.dll 2021-01-21 11:57 - 2021-01-21 11:57 - 002844160 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files\WindowsApps\CLEVOCO.FnhotkeysandOSD_3.59.0.0_x64__6h6z29zh29qx0\FnKey\powerlife.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\seezo\Application Data:28e6fcdf43004128d29f013a87360b4a [394] AlternateDataStreams: C:\Users\seezo\Application Data:374c9b336db4fa9522b72c58dcd0c3f9 [394] AlternateDataStreams: C:\Users\seezo\AppData\Roaming:28e6fcdf43004128d29f013a87360b4a [394] AlternateDataStreams: C:\Users\seezo\AppData\Roaming:374c9b336db4fa9522b72c58dcd0c3f9 [394] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-07-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.11.46\coIEPlg.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-07-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.11.46\coIEPlg.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.11.46\coIEPlg.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.11.46\coIEPlg.dll [2021-12-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-25] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-12-30 14:08 - 2022-01-02 12:02 - 000001121 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com 71.19.251.139 ca-west-007.whiskergalaxy.com #added by Windscribe, do not modify. ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\Control Panel\Desktop\\Wallpaper -> c:\users\seezo\pictures\b8ohlc.jpg HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. Network Binding: ============= VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon" HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\StartupApproved\Run: => "CiscoSpark" HKU\S-1-5-21-1333255723-3266158280-2740484146-1001\...\StartupApproved\Run: => "AnyTransToolHelper" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{245886F1-4B2B-4454-8047-FB16B896A614}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{529360C6-F713-45AA-8C6D-F3F77BDD231A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0584CEB5-3FC2-420A-9632-8504D98F7744}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F4C1CF5C-EA29-479B-869E-7F01E68B5886}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2BE70573-0F9E-4850-890F-A5604F0CC754}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BAD02210-16B3-4816-BF14-3A67AB825E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{32D89E4E-E4C8-4D3A-AA97-B474620205AA}] => (Allow) C:\Users\seezo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7D979791-4817-4779-AA32-1AD846016CF3}] => (Allow) C:\Users\seezo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{36824F9D-20AB-43B2-8513-0B379D4AC285}] => (Allow) C:\Users\seezo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E921583B-078C-4E81-B8C3-55FE9DAC2656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{7B79F6C4-2008-4601-8570-3FCEC2282012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{78E4F936-D3C3-4426-83BD-697675E11B96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{6B6DF8BD-7132-4E9F-A960-377F8DDC762C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{F05012DB-6630-485A-9159-217729907AED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C024A552-7768-413A-AC4C-5E6BA7104E6B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{451133A3-4580-4F9A-A4E4-566AF57AE21E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F4496ADB-F9CC-420B-BF89-BA6987CC1EA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{211A8EDC-AAB3-42F6-8E3B-8FE6522F7CF9}C:\program files (x86)\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tera\client\binaries\tera.exe => No File FirewallRules: [UDP Query User{2F1F378E-D6D7-48A3-8BCC-B0A0EE164652}C:\program files (x86)\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tera\client\binaries\tera.exe => No File FirewallRules: [{A9253A66-FFDB-41B4-A5CD-5C750EDAC6D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tera\launcher.exe => No File FirewallRules: [{ED8C03F4-115D-4F60-B198-2F427B5AE172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tera\launcher.exe => No File FirewallRules: [{65DF5E37-5AA1-4A4F-9DB0-327724323A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tera\launcher.exe => No File FirewallRules: [{2F9BA7EA-FA86-41D6-B005-2997CD5E51CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tera\launcher.exe => No File FirewallRules: [{4201D144-B8D8-4835-A6F6-F05C9702187C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{ECA51526-44CD-480E-873C-BEB8E28BBB09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{19EA6926-BD72-4B70-8842-EA9238D10680}] => (Allow) C:\Users\seezo\AppData\Roaming\BitTorrent Web\btweb.exe => No File FirewallRules: [{27585A5B-975B-4A3C-8116-47B7ADB520FB}] => (Allow) C:\Users\seezo\AppData\Roaming\BitTorrent Web\btweb.exe => No File FirewallRules: [{12290C3C-1243-4D5A-997C-65AA5813C772}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed] FirewallRules: [{864916B6-14F0-4C59-BB40-D64F8A04F8AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed] FirewallRules: [{35FE1E1B-30EA-459C-BE8B-9A84BEFC128E}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\xldownload\download\MiniThunderPlatform.exe => No File FirewallRules: [{44BF3DA1-1E5F-48E6-8540-24A95C66BF85}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\xldownload\download\MiniThunderPlatform.exe => No File FirewallRules: [{14E2AB96-761F-4B34-A38D-9D8DDA9D8D3C}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans.exe => No File FirewallRules: [TCP Query User{6A763A4D-559B-4D20-814C-621457CC5FBE}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File FirewallRules: [UDP Query User{324C728D-E6F8-4280-B563-BD5616EE02C9}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File FirewallRules: [TCP Query User{9AAE5470-2CBB-49DC-AAF2-4337BBDEC4D9}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File FirewallRules: [UDP Query User{34D16A7A-B7F2-4259-98DF-24692BF081D3}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File FirewallRules: [{AD19B712-D652-46C2-8FAE-92861901594C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{6BBDE282-4589-4FEF-AC60-633CD6C5C9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{E9FBB58F-1091-4C9B-8B8A-733EA8B34AD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe () [File not signed] FirewallRules: [{91DDD9DB-ED4F-4360-947E-10A413529017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe () [File not signed] FirewallRules: [{3F8D224B-5F81-4147-93DE-4A82AB5217D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe () [File not signed] FirewallRules: [{C07B5521-E44A-47EA-B7E4-CEDB3EE110A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe () [File not signed] FirewallRules: [{9F5D9ED2-780E-4799-9F53-F95AD01553D5}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{313C58EE-6DD1-4A1C-9340-3C432C1DF167}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{48E385C7-64D0-4187-B6F6-87F99D7D66ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{2438AD2B-C055-4FE1-8585-E620A8020937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{18B1C902-5313-4359-813B-B011D01D10B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{880E044B-6374-4E10-A5B7-927DCAE48BED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> ) FirewallRules: [{23AC28A2-3581-4617-8D3A-174A0403B7C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> ) FirewallRules: [{CB304F2A-796B-4086-9D45-B4CDA43026BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E218A850-65CB-4563-AD29-F7DFC73C6341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2919BD89-57AD-4AB1-BC2C-2831C878E6F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5A77DD05-0B7B-476A-91FA-445C90CBF844}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{51CEF804-E571-401E-A74B-853119E8C5EF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BB27A24E-A27F-45AE-9420-2CAE6E3A684F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A6848174-4C90-405D-97E7-5E6FF85D4C68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9BD1F6D3-27C9-4A43-B2A0-938CDDB7BED2}] => (Allow) D:\SteamLibrary\steamapps\common\Frostpunk\Frostpunk.exe (11 bit studios S.A.) [File not signed] FirewallRules: [{F59029C6-4F00-4B87-B39E-C5DD54DC206D}] => (Allow) D:\SteamLibrary\steamapps\common\Frostpunk\Frostpunk.exe (11 bit studios S.A.) [File not signed] FirewallRules: [{55084396-55C8-457F-8CCC-3A2BA0F65AFD}] => (Allow) D:\SteamLibrary\steamapps\common\She Will Punish Them\She Will Punish Them.exe () [File not signed] FirewallRules: [{24335067-091C-48B9-AE8E-E3ED26E8E5EE}] => (Allow) D:\SteamLibrary\steamapps\common\She Will Punish Them\She Will Punish Them.exe () [File not signed] FirewallRules: [TCP Query User{DF2F56DB-FB2B-4202-82D4-1BCCE41F10ED}C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [UDP Query User{D2F8AA2C-F1D6-4E81-8B72-6C00CFF917C0}C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [{2922DA8C-8229-4E1B-A8D4-E72252630571}] => (Block) C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [{3008E6DC-EBAA-40FC-8577-7AF2FFD77799}] => (Block) C:\users\seezo\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [{336896E0-AD10-4D4C-B3CD-99F5950FD775}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{645EE437-DE4B-4A5D-9C60-18A6ACBA17F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{698AE485-7C7C-46FC-AD52-D08889657E0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7E4432FA-AB45-4775-BCC6-7F11409873C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D9F30BED-A271-493C-9D28-9E06EDFE42E4}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{0BC6F09D-9D67-4594-AAD7-A422E9BE55D3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{06A9E774-4A2B-4D7E-8B19-0EA07F26667E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F60A3A02-334D-45C8-B9C8-0E97CF1BBD73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed] FirewallRules: [{494D963A-6780-42A2-9348-8445AF841B1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed] ==================== Restore Points ========================= 30-12-2021 21:14:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 30-12-2021 21:14:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 07-01-2022 14:26:37 Scheduled Checkpoint 09-01-2022 21:10:03 Removed Java SE Development Kit 8 Update 261 (64-bit) ==================== Faulty Device Manager Devices ============ Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (01/09/2022 09:09:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.1387, time stamp: 0x4250bbc8 Faulting module name: MBAPO264.dll, version: 2.1.1.0, time stamp: 0x5f96d46f Exception code: 0xc0000005 Fault offset: 0x000000000007137a Faulting process id: 0x305c Faulting application start time: 0x01d8055a25f71b39 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\System32\MBAPO264.dll Report Id: 220f09b9-2836-4c20-be29-bcc26de56ce5 Faulting package full name: Faulting package-relative application ID: Error: (01/09/2022 09:08:43 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (01/09/2022 09:08:43 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (01/09/2022 12:01:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/09/2022 11:58:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.1387, time stamp: 0x4250bbc8 Faulting module name: MBAPO264.dll, version: 2.1.1.0, time stamp: 0x5f96d46f Exception code: 0xc0000005 Fault offset: 0x000000000007137a Faulting process id: 0x3468 Faulting application start time: 0x01d8050d359f3ad4 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\System32\MBAPO264.dll Report Id: b23f0383-92a6-401c-a4f4-ea9f845b5666 Faulting package full name: Faulting package-relative application ID: Error: (01/08/2022 10:51:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.1387, time stamp: 0x4250bbc8 Faulting module name: MBAPO264.dll, version: 2.1.1.0, time stamp: 0x5f96d46f Exception code: 0xc0000005 Fault offset: 0x000000000007137a Faulting process id: 0x3530 Faulting application start time: 0x01d8049f3a7b1dcb Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\System32\MBAPO264.dll Report Id: 7335df71-dce7-4c0f-835d-771267384059 Faulting package full name: Faulting package-relative application ID: Error: (01/08/2022 09:33:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.1387, time stamp: 0x4250bbc8 Faulting module name: MBAPO264.dll, version: 2.1.1.0, time stamp: 0x5f96d46f Exception code: 0xc0000005 Fault offset: 0x000000000007137a Faulting process id: 0x2244 Faulting application start time: 0x01d8049458566c2e Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\System32\MBAPO264.dll Report Id: 2e23378f-a7a6-4a9b-b94e-57032f9086c8 Faulting package full name: Faulting package-relative application ID: Error: (01/08/2022 10:18:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.1387, time stamp: 0x4250bbc8 Faulting module name: MBAPO264.dll, version: 2.1.1.0, time stamp: 0x5f96d46f Exception code: 0xc0000005 Fault offset: 0x000000000007137a Faulting process id: 0x32ec Faulting application start time: 0x01d8043612b21861 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\System32\MBAPO264.dll Report Id: 1b39a10e-3cd8-4f30-a8a4-6fe7dc7b3584 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (01/09/2022 09:08:41 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} CodeIntegrity: =============== Date: 2022-01-09 21:13:15 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Norton Security\Engine\22.21.11.46\symamsi.dll that did not meet the Windows signing level requirements. Date: 2022-01-09 21:12:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume8\Program Files\Norton Security\Engine\22.21.11.46\symamsi.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: INSYDE Corp. 1.07.04TASP1 02/17/2020 Motherboard: AFTERSHOCK NP50DE_DB Processor: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz Percentage of memory in use: 37% Total physical RAM: 16169.55 MB Available physical RAM: 10174.95 MB Total Virtual: 22313.55 MB Available Virtual: 14235.95 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:464.77 GB) (Free:50.29 GB) NTFS Drive d: (New Volume) (Fixed) (Total:833.84 GB) (Free:530.71 GB) NTFS \\?\Volume{2c25df9c-39df-414b-b2af-e0b1c228152c}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS \\?\Volume{12103d20-970c-4d47-a4d3-ed0fca65517f}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{876a65d2-3c39-4c2b-ac06-0bc1d8a1b3f8}\ () (Fixed) (Total:0.5 GB) (Free:0.5 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3D5B5C13) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================