Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022 Ran by monke (14-12-2022 10:00:53) Running from C:\Users\monke\Desktop Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2021-11-20 18:21:25) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3967429642-383172465-2203361899-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3967429642-383172465-2203361899-503 - Limited - Disabled) Guest (S-1-5-21-3967429642-383172465-2203361899-501 - Limited - Disabled) monke (S-1-5-21-3967429642-383172465-2203361899-1001 - Administrator - Enabled) => C:\Users\monke WDAGUtilityAccount (S-1-5-21-3967429642-383172465-2203361899-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{70105406-1CAF-4162-8A0B-C47361317A78}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.) Amazon Kindle (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\Amazon Kindle) (Version: 1.39.2.65383 - Amazon) Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.253 - Amazon) Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft) AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.12.3264 - AVG Technologies) calibre 64bit (HKLM\...\{F337A397-2601-4BF3-8028-C0940FB26549}) (Version: 6.5.0 - Kovid Goyal) Call of Duty Modern Warfare 2019 [1.03.0.724] (HKLM-x32\...\Call of Duty Modern Warfare 2019_is1) (Version: - Infinity Ward) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) CryptoCard Graphite Suite (HKLM\...\{86F82F8A-BC86-488E-AD7A-99949CB4EEE3}) (Version: 3.5.4.22 - CryptoTech) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.223.5198 - Electronic Arts) Hidden EA app (HKLM-x32\...\{6f549c6c-8cf9-417f-b1c4-6d87994d5f5b}) (Version: 12.0.223.5198 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{30C7A3B1-644C-423F-AB2C-743E007A84EC}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3 - ) Evernote 10.49.4 (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.49.4 - Evernote Corporation) foobar2000 v1.6.8 (HKLM-x32\...\foobar2000) (Version: 1.6.8 - Peter Pawlowski) Fraps (HKLM-x32\...\Fraps) (Version: - ) Freearc Repack [1.0] (HKLM-x32\...\Freearc Repack_is1) (Version: - Freearc308) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.100 - Google LLC) HD Audio PCI-e Audio Device (HKLM-x32\...\{0B43B885-9188-404F-8D1B-56EAB075EB59}) (Version: 3.10 - ) HID OMNIKEY CCID Driver (HKLM\...\{96A5CBB6-103F-4655-887A-8D0CCB00D7F8}) (Version: 2.2.2.114 - HID Global) hide.me VPN 3.13.1 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.13.1 - eVenture Limited) Hotspot Shield 11.3.2 (HKLM-x32\...\{628a9add-4295-451d-be83-75a5b1767bd6}) (Version: 11.3.2.12083 - Pango Inc.) Hotspot Shield 11.3.2 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-49250157D256}) (Version: 11.3.2.12083 - Pango Inc.) Hidden Hotspot Shield 11.3.2 (HKLM-x32\...\HotspotShield) (Version: 11.3.2 - Pango Inc.) Hidden HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden Instalator Szafir (HKLM-x32\...\{47B55674-69B4-4FD4-9EDA-435A794D1686}) (Version: 2.6.642 - Krajowa Izba Rozliczeniowa S.A.) Intel Driver && Support Assistant (HKLM-x32\...\{578E6A4F-CA2B-42D1-BDA7-0890885BD753}) (Version: 22.7.44.6 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{72C2F68E-D34A-4AD8-8006-44480EEBE60A}) (Version: 2.4.08989 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{27a1a209-4130-486f-a220-0f1495f7f325}) (Version: 22.7.44.6 - Intel) Jagged Alliance 2 (HKLM-x32\...\1207658696_is1) (Version: 1.12 - GOG.com) KeePass Password Safe 2.52 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.52 - Dominik Reichl) KeePassXC (HKLM\...\{B016A590-4085-406D-BBF6-1A0F181D9571}) (Version: 2.7.4 - KeePassXC Team) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Last.fm Desktop Scrobbler (HKLM-x32\...\{B13709CB-85AE-4F45-BFF9-2CB2B7A78F83}) (Version: 3.1.29 - Last.fm) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes) Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 108.0 (x64 pl)) (Version: 108.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.3.1 - Mozilla) Mozilla Thunderbird (x64 pl) (HKLM\...\Mozilla Thunderbird 102.5.1 (x64 pl)) (Version: 102.5.1 - Mozilla) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation) NVIDIA GeForce NOW 2.0.46.135 (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.46.135 - NVIDIA Corporation) NVIDIA Graphics Driver 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 87.0.4390.45 (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\Opera 87.0.4390.45) (Version: 87.0.4390.45 - Opera Software) Opera Stable 93.0.4585.37 (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\Opera 93.0.4585.37) (Version: 93.0.4585.37 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.) PlayWay Launcher (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\playway-launcher) (Version: 1.3.1 - PWay Sp. z o.o.) qBittorrent 4.4.5 (HKLM-x32\...\qBittorrent) (Version: 4.4.5 - The qBittorrent project) Quiet on the Set 1.0.18 (HKLM-x32\...\{D8E93A01-DF6D-4B13-987B-986D26FE020F}_is1) (Version: 1.0.18 - Calvinware) REDlauncher (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.65.1069 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.2.0.930 - Samsung Electronics) SoulseekQt version 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC) Spotify (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\Spotify) (Version: 1.2.0.1165.gabf054ab - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sterowniki czytnika W8_64 (HKLM-x32\...\{B46BBC03-2B5D-4B29-803B-081D1013A87B}) (Version: 1.10.0000 - Krajowa Izba Rozliczeniowa S.A.) Szafir 2.0.0.642 (HKLM\...\{9DA3328E-F1F6-427B-8800-BEEFA92CA46F}) (Version: 2.0.0.642 - Krajowa Izba Rozliczeniowa S.A.) TIDAL (HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\TIDAL) (Version: 2.34.2 - TIDAL Music AS) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.3.10627 - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.90 - Winamp SA) Windows Driver Package - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.) Windows Driver Package - CryptoTech SmartCard (10/09/2019 1.4.5.1) (HKLM\...\1BD592D6386F8D6D59357301B72D61AC4AFBC38E) (Version: 10/09/2019 1.4.5.1 - CryptoTech) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) Wise Disk Cleaner 10.9.2 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.9.2 - WiseCleaner.com, Inc.) YACReader v9.8.2.2106204 (HKLM\...\YACReader_is1) (Version: - ) Packages: ========= Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1710.29.105.0_x64__8xx8rvfyw5nnt [2022-12-09] (Meta) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-10] (NVIDIA Corp.) Pentiment -> C:\Program Files\WindowsApps\Microsoft.OE-Missouri_1.1.1364.0_x64__8wekyb3d8bbwe [2022-12-13] (Microsoft Studios) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) Shutdown Timer Classic -> C:\Program Files\WindowsApps\19341LukasLangrock.ShutdownTimerClassic_1.2.3.0_x64__jnfph5tq58r4j [2022-06-30] (Lukas Langrock) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-13] (WhatsApp Inc.) [Startup Task] XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2209.12001.0_x64__8wekyb3d8bbwe [2022-09-29] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3967429642-383172465-2203361899-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [Szafir] -> {2D8A1D98-A7C8-4436-96E8-98AED9D8F076} => C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\SzafirContextMenu.dll [2017-02-23] (TODO: ) [File not signed] ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-09] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed] ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll 2022-10-04 09:01 - 2022-09-01 19:13 - 002566656 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll 2022-10-04 09:01 - 2022-09-01 19:13 - 000357888 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll 2022-10-04 09:01 - 2022-09-01 19:13 - 006829568 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll 2022-10-04 09:01 - 2022-09-01 19:13 - 000097280 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node 2022-10-04 09:01 - 2022-09-01 19:13 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node 2022-10-04 09:01 - 2022-09-01 19:13 - 000564736 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node 2022-12-13 10:36 - 2022-12-13 10:36 - 101013504 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm\WhatsApp.dll 2022-12-13 10:36 - 2022-12-13 10:36 - 008540160 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll 2021-11-20 21:38 - 2015-07-15 10:31 - 000254464 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\HD Audio PCI-e Audio Device\CPL\Driver\x64\vista\osConfLib.dll 2021-11-20 21:38 - 2014-09-04 18:42 - 000158208 ____N (C-Media Electronics Inc.) [File not signed] C:\Windows\System\GfsSrv64.dll 2022-09-15 18:42 - 2022-07-15 15:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll 2022-11-11 18:08 - 2022-11-11 18:08 - 002159616 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2022-02-03 00:17 - 2022-02-03 00:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2022-02-03 00:17 - 2022-02-03 00:17 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2022-02-03 00:17 - 2022-02-03 00:17 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-11-14 23:12 - 2022-02-03 00:17 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2017-02-23 00:14 - 2017-02-23 00:14 - 002573824 _____ (TODO: ) [File not signed] C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\SzafirContextMenu.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2022-11-05 19:42 - 2022-11-05 19:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3967429642-383172465-2203361899-1001\Control Panel\Desktop\\Wallpaper -> e:\lem\screens - obrazki - zdjęcia\obrazki tematyczne\sztuka\artyści\glenn porter\glenn-porter-reflecting-pool-by-tavenerscholar-dagvjyn.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "WinampAgent" HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\StartupApproved\StartupFolder: => "Last.fm Desktop Scrobbler.lnk" HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3967429642-383172465-2203361899-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{8766BCB7-E022-4181-A93A-9776C5335E09}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9A279F0C-7846-4ABC-A1E0-D9E9BACFD057}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A9A98445-2693-4A74-87C3-69AF6C543FCD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4E1F66F7-898B-499F-A028-1A23A4C9EA9F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{06CE2D8C-BD95-4142-BD65-C9A0667C906B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{235EF0FC-F45A-4829-857B-23947595FB28}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5E22A9D0-9E6F-48A2-861D-3BF425D14751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns, Gore and Cannoli\ggc.exe () [File not signed] FirewallRules: [{2A674C10-30D7-483D-9AD7-12081C4D8CE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns, Gore and Cannoli\ggc.exe () [File not signed] FirewallRules: [{E9D5F954-D821-4B46-B931-3292453ABB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed] FirewallRules: [{66302FD6-0D00-4E2A-B25F-DCCFAA83A570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed] FirewallRules: [{2C8DDA26-F498-468C-B581-C36D98DCAF06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed] FirewallRules: [{59E92262-3F65-4F59-AC2E-EADBFE253784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed] FirewallRules: [{1F2F91F5-CB15-49F0-BAF7-B275A1453C68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed] FirewallRules: [{4F9C121F-5345-43C4-9CCA-E49CC776F072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed] FirewallRules: [{8F722CE7-0A3E-4667-8ACD-4F678271565E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dagon\Dagon.exe () [File not signed] FirewallRules: [{2B226664-6A41-4DCE-9BD3-2C9C7809FDBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dagon\Dagon.exe () [File not signed] FirewallRules: [{5A68577A-F67E-4F48-9222-4E3ACDA7D2C7}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{DECAFAF3-B8D6-4141-82E9-53B531F4738E}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{45296BEC-43E5-4F41-A662-0BDEF386921D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{D069944E-ED62-464B-8E95-021D3E272D63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{91D20A7B-8A54-42FD-9A36-F0A68E51B706}C:\users\monke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\monke\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{CA2FB40B-132B-41AA-AC9D-2CCD657FEB17}C:\users\monke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\monke\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{420BEA83-2006-4D5D-8063-442E50633129}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [UDP Query User{50D6C952-41DE-4A4F-AEA2-F52BAF6F93BB}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [TCP Query User{36E4647F-8587-4CE0-9D2D-4AD501770159}E:\program files (x86)\steam\steam.exe] => (Allow) E:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [UDP Query User{BB98848F-D534-4256-80FC-878154B276C5}E:\program files (x86)\steam\steam.exe] => (Allow) E:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F705CEF4-94F9-41EB-936A-98E6357B5BB2}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{291819FF-0438-42B8-ABA4-5E0851EFE9CE}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C7B0824B-AAA0-45AC-B1FD-BB240FBE7585}] => (Allow) C:\JA2\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe => No File FirewallRules: [{84EB1373-D5D3-40DE-9A38-EDC0BAF6E27C}] => (Allow) C:\JA2\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe => No File FirewallRules: [{AF09B868-B836-48FF-A9C6-CDAB9B19A843}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lamentum Demo\Lamentum.exe () [File not signed] FirewallRules: [{C5C92220-CDCE-468F-8758-CBEB816D6632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lamentum Demo\Lamentum.exe () [File not signed] FirewallRules: [TCP Query User{E800603F-CD79-4B26-AA20-628E180C864D}E:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) E:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed] FirewallRules: [UDP Query User{42CEDA91-338C-4B1B-B506-94CDCE2FB7FD}E:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) E:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed] FirewallRules: [{F177AB61-EF0E-4A8B-9123-C6C9A60F86C6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CONSCRIPT Demo\CONSCRIPT Demo.exe (Catchweight Studio) [File not signed] FirewallRules: [{3936D5CA-CCF8-4DFD-87D9-37E17AA9D18A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CONSCRIPT Demo\CONSCRIPT Demo.exe (Catchweight Studio) [File not signed] FirewallRules: [{5229FDC1-01C1-46CB-92E8-B5C4181ADABA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed] FirewallRules: [{2DF7CF0E-C7EC-4135-ACA1-ECEDA936F35E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed] FirewallRules: [TCP Query User{C2E3F129-A69D-435C-9FD9-C73C8EF3EF70}C:\ja2\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\ja2\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [UDP Query User{79974D22-6D74-45EA-BCBA-458FC487D275}C:\ja2\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\ja2\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [TCP Query User{925C81F0-10B0-466E-AF4E-A62042CC1CB2}C:\users\monke\appdata\local\programs\opera\opera.exe] => (Block) C:\users\monke\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{15761AD0-B2BF-4907-9E2F-64976F578C17}C:\users\monke\appdata\local\programs\opera\opera.exe] => (Block) C:\users\monke\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{30052BAB-8B1F-4BAA-90BB-79649186DD65}C:\program files (x86)\steam\steamapps\common\expeditions rome demo\expeditionsrome\binaries\win64\expeditionsrome-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\expeditions rome demo\expeditionsrome\binaries\win64\expeditionsrome-win64-shipping.exe => No File FirewallRules: [UDP Query User{3C44C850-7D75-4347-AB26-41B5EC7562E0}C:\program files (x86)\steam\steamapps\common\expeditions rome demo\expeditionsrome\binaries\win64\expeditionsrome-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\expeditions rome demo\expeditionsrome\binaries\win64\expeditionsrome-win64-shipping.exe => No File FirewallRules: [TCP Query User{6727DC3F-F119-4ACA-A126-510708B19A13}D:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) D:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{C49FD70F-CB6E-4DAF-BB81-6CAEA5BF3944}D:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) D:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [{78B26E08-7A72-4B07-8E14-2F5703556379}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Martial Law\martial-law.exe (Godot Engine) [File not signed] FirewallRules: [{B582D077-5A8F-4B42-BA8A-7FD598CA7077}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Martial Law\martial-law.exe (Godot Engine) [File not signed] FirewallRules: [{1D528773-3F9F-42E2-9901-3AEBA7C928A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamWorld Dig\SteamWorldDig.exe () [File not signed] FirewallRules: [{D031831B-CE63-4288-B65D-9A4305131B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamWorld Dig\SteamWorldDig.exe () [File not signed] FirewallRules: [{3AE0F4BE-916B-450B-BE37-EFF54112F231}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slain!\Slain.exe () [File not signed] FirewallRules: [{FA0FBE45-5CD1-4702-9F1E-6D45EF9CB7CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slain!\Slain.exe () [File not signed] FirewallRules: [{3412ABCC-4818-4151-BB09-A37BE2BB659F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed] FirewallRules: [{482821C0-B462-4510-BEDB-0A7AFF6294CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed] FirewallRules: [{6B787B7A-232F-46EB-91D2-A70F61BC50BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed] FirewallRules: [{321618FB-055D-4238-BF19-638C8CF1D4C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed] FirewallRules: [{7CBEA3F8-2897-4D85-8F45-D33EB99876B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 3\WL3.exe (Microsoft Corporation -> ) FirewallRules: [{35D5018F-46B2-4C27-A8AF-A64AAFACC893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 3\WL3.exe (Microsoft Corporation -> ) FirewallRules: [{2F940E68-3927-4D3A-82FC-DC04BF89BE12}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{1CFD926B-EB80-4380-A751-9117112E5F2F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{5552FB38-647D-4241-92E5-F6D8B7147783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GODS Remastered\Gods.exe () [File not signed] FirewallRules: [{0171CB3F-D447-4789-A433-8FA66F48CDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GODS Remastered\Gods.exe () [File not signed] FirewallRules: [{05CD27C7-4E08-4BC0-A22C-7E7BC79F5536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1993 Space Machine\1993 Shenandoah.exe () [File not signed] FirewallRules: [{F9C7C8A1-99D7-43FF-BD2E-690AD0903E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1993 Space Machine\1993 Shenandoah.exe () [File not signed] FirewallRules: [{ACD46BB3-4F70-4382-AA3D-7266DD3D508D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Necromonads\Necromonads.exe () [File not signed] FirewallRules: [{13EC3093-D669-43C9-8073-97227B0BC39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Necromonads\Necromonads.exe () [File not signed] FirewallRules: [{F28B69E8-88A2-4DC8-9EEC-9E55086AB577}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Verne The Shape of Fantasy Demo\Verne.exe () [File not signed] FirewallRules: [{1271CD22-A3F2-4BDF-803E-43D10C26B9D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Verne The Shape of Fantasy Demo\Verne.exe () [File not signed] FirewallRules: [{74E53193-8206-44C7-A5D4-D106AC5796DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tankocracy Demo\TANKOCRACY_DEMO\TC_Demo_2022.exe => No File FirewallRules: [{8997ED37-806C-42E2-8F61-C1D81234ABD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tankocracy Demo\TANKOCRACY_DEMO\TC_Demo_2022.exe => No File FirewallRules: [{5AEB0B74-1CA6-4D9E-A614-F5DD557C2FD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\McPixxel Demo\demo\McDemo3.exe => No File FirewallRules: [{79023C34-3796-4DB6-85F9-F32017EFA802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\McPixxel Demo\demo\McDemo3.exe => No File FirewallRules: [{4F791B8D-8B55-4FDF-968A-08C95678F915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Nano Blaster Demo\SuperNanoBlaster.exe => No File FirewallRules: [{67EDB4CD-6F55-4FCD-A02C-4D38B716BA4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Nano Blaster Demo\SuperNanoBlaster.exe => No File FirewallRules: [{7E9681E4-A6C5-4C34-AC94-85F6C54F17A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu pub Demo\CthulhuPub\CthulhuPub.exe => No File FirewallRules: [{F8092341-5EB0-4D89-AA57-931F0672CE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu pub Demo\CthulhuPub\CthulhuPub.exe => No File FirewallRules: [{FA40BA77-05C7-4A92-8934-23F008DA34DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{316E77CD-C23A-414B-A240-16CD1A2D7736}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{0B8740D4-186E-426D-A007-7095E62784D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms.exe (Digitalmindsoft) [File not signed] FirewallRules: [{845AD091-A1C8-4ABC-AD80-82995BBF225B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms.exe (Digitalmindsoft) [File not signed] FirewallRules: [{A530B21E-5952-43CD-9B68-A13601E04CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blazing Chrome\Blazing Chrome.exe (JoyMasher, Allone-Works) [File not signed] FirewallRules: [{63CF314C-6A83-48E0-952E-1F33FFD4348D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blazing Chrome\Blazing Chrome.exe (JoyMasher, Allone-Works) [File not signed] FirewallRules: [{3A52E187-5AB5-496A-8168-125F612E7744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed] FirewallRules: [{EE84D85D-A77F-4E34-9D71-75F510388484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed] FirewallRules: [{6BBC9334-372E-4ED2-8572-ECC5F84AD9B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MindsBeneathUs Demo\MindsBeneathUsDemo.exe () [File not signed] FirewallRules: [{ADD54273-CBA7-4AA0-B2FA-A6503953BAA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MindsBeneathUs Demo\MindsBeneathUsDemo.exe () [File not signed] FirewallRules: [{90B0A958-0840-4B31-AE9E-8B9DD378EE5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castlevania Anniversary Collection\game.exe () [File not signed] FirewallRules: [{2B87F593-E589-4339-AA41-D63F3297E131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castlevania Anniversary Collection\game.exe () [File not signed] FirewallRules: [{2C39C7EE-0106-4AC5-A9CF-BABEDBA84482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gunner, HEAT, PC! Demo\Bin\GHPC.exe => No File FirewallRules: [{0FF58485-3A9B-4D9E-AEA8-1021D20706DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gunner, HEAT, PC! Demo\Bin\GHPC.exe => No File FirewallRules: [{6A752240-AEAA-439A-9FB1-CB7369E0119B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gamebook Edgar A. Poe The Oval Portrait\Gamebook The Oval Portrait.exe () [File not signed] FirewallRules: [{938D97CD-AC5A-41EF-9AB2-064E2AC788FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gamebook Edgar A. Poe The Oval Portrait\Gamebook The Oval Portrait.exe () [File not signed] FirewallRules: [{E06B4540-5D38-44B3-910C-837689A4BEAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{0C4C85CE-AE3D-496C-88BC-2E427D8FAD71}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{14F85B74-0DA4-4C1E-8C21-8C4713BEA9E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File FirewallRules: [{5E0FFF08-54B1-4350-9715-A775D636FB52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File FirewallRules: [{404069B7-0A1A-4B0F-91D3-B7AE8AC6FF0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ukraine War Stories Demo\UWS_vc.exe () [File not signed] FirewallRules: [{9F43B283-BDBC-4DDD-A3F3-5F9FF5802C6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ukraine War Stories Demo\UWS_vc.exe () [File not signed] FirewallRules: [{66A95421-524F-4911-830C-E6FC79E63B2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKALD Against the Black Priory Demo\SKALD Against the Black Priory.exe () [File not signed] FirewallRules: [{471B049F-019A-4E31-B7D7-C7B35B402ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKALD Against the Black Priory Demo\SKALD Against the Black Priory.exe () [File not signed] FirewallRules: [{80EF7981-9CA0-46B2-BD08-EB89A00DA9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RatsBatsAndBones\RatsBatsAndBones.exe () [File not signed] FirewallRules: [{BAAD0631-B381-450C-8908-3992A6C00233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RatsBatsAndBones\RatsBatsAndBones.exe () [File not signed] FirewallRules: [{5EA73A68-571E-40AB-A94E-ED77D9922ABD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F407934D-4467-47D4-8659-19F3C92CB925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{89E909EB-3C1B-449B-B944-D3B2BD20E62B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{0CE6864B-5CC0-4330-9F13-94CEBB588B84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{63397A3C-C3BB-4E17-8F40-53C6E417718F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed] FirewallRules: [{D094B6FC-60EE-4835-A7B3-436A05912084}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed] FirewallRules: [{793469F1-792D-4CC8-923B-6F2248574F27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed] FirewallRules: [{365785A8-7C2B-4C90-94D5-7F2B99AC34C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed] FirewallRules: [{CC04C7FA-6FFB-4AC9-8E80-CF814C8DA85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed] FirewallRules: [{918FAA33-8F0C-4CEC-9779-FF75B475B0B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed] FirewallRules: [{8D237F78-BCE6-4831-AF30-9E7C6A984B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{3771E5BF-5CFE-4B99-9708-ABB174667EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{FD05B0B4-9B17-43FC-81B8-13405C2137DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms.exe (Digitalmindsoft) [File not signed] FirewallRules: [{DDE81A56-280C-46DB-A770-E4244E7B96CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call to Arms\binaries\x64\call_to_arms.exe (Digitalmindsoft) [File not signed] FirewallRules: [{452397B6-876C-4630-99B0-995D395582EE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{98642BB5-DB6B-40D5-B5E6-405A87DE0C84}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{4B86D62D-BA42-462B-B589-B19C6638126A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\From Beyond Prologue\Prologue.exe () [File not signed] FirewallRules: [{CDA13FD0-52A3-4113-A734-97541C0A188E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\From Beyond Prologue\Prologue.exe () [File not signed] FirewallRules: [{AD8F930D-BFB8-4A39-805C-1C1A53FF307F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{11848ECF-DFA4-4D74-81B1-62B7181EFF77}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{62A653E8-F99F-495E-B7FF-15ABD995433E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{38389D87-6100-40EA-B9F6-603CFADE763E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{F233C357-0C84-4CBA-A4C0-78C12722AA7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed] FirewallRules: [{21F2C7D8-167C-4772-A160-57E2003B668E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed] FirewallRules: [{9B51AD22-7458-4BF3-924F-4F9352119FC0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{990D516E-A55E-4533-A0D0-21525ED434AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{52F13EEE-DADC-480A-B5F0-BDB051E2D67B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{67697640-8A9E-46C7-B4BD-4B4C44D6A250}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8C7F4F57-1A59-4B65-B481-0B45D0E3EACD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4EDC1805-F8A0-49BA-ACAC-757435A96601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We are the Plague Demo\We are the Plague Demo.exe () [File not signed] FirewallRules: [{C282B502-7371-4FEB-8BEE-459B69061668}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We are the Plague Demo\We are the Plague Demo.exe () [File not signed] FirewallRules: [{CA07893A-8876-4C0E-845A-BCE9E8C6ABF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlords Demo\Warlords Under Siege.exe () [File not signed] FirewallRules: [{A6DAF7C5-4062-41ED-B81C-83D86B7DC4CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlords Demo\Warlords Under Siege.exe () [File not signed] FirewallRules: [{898BFEDF-867D-451B-B65B-4731B5583529}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 14-12-2022 08:45:32 Windows Modules Installer 14-12-2022 08:47:11 Windows Modules Installer 14-12-2022 08:47:56 Windows Modules Installer ==================== Faulty Device Manager Devices ============ Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Data Acquisition and Signal Processing Controller Description: PCI Data Acquisition and Signal Processing Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Base System Device Description: Base System Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Standard PS/2 Keyboard Description: Standard PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: PCI Memory Controller Description: PCI Memory Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ======================== Application errors: ================== Error: (12/14/2022 09:30:55 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-H7MICQI) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (12/14/2022 09:26:52 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 8740, ProfSvc PID: 1716. Error: (12/14/2022 09:26:52 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe, PID: 3244, ProfSvc PID: 1716. Error: (12/14/2022 08:44:26 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-H7MICQI) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (12/14/2022 01:46:37 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY) Description: Access to performance data was denied to user "SYSTEM" (value from GetUserName() for the running thread) as attempted from module "C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe" (value from GetModuleFileName() for the binary that issued the query). Error: (12/14/2022 01:46:33 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (12/14/2022 01:46:33 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (12/14/2022 01:46:33 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . System errors: ============= Error: (12/14/2022 09:25:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The EABackgroundService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/14/2022 09:25:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the EABackgroundService service to connect. Error: (12/14/2022 08:40:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The EABackgroundService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/14/2022 08:40:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the EABackgroundService service to connect. Error: (12/14/2022 12:59:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Mozilla Maintenance Service service terminated with the following error: Incorrect function. Error: (12/14/2022 12:59:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The EABackgroundService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/14/2022 12:59:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the EABackgroundService service to connect. Error: (12/13/2022 12:28:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The EABackgroundService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. CodeIntegrity: =============== Date: 2022-12-14 09:27:55 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2022-12-14 09:26:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1.J0 01/30/2018 Motherboard: MSI Z170-A PRO (MS-7971) Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 94% Total physical RAM: 8155.66 MB Available physical RAM: 413.03 MB Total Virtual: 23515.66 MB Available Virtual: 8899.02 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.5 GB) (Free:102.36 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS Drive d: () (Fixed) (Total:166.02 GB) (Free:30.75 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS Drive e: () (Fixed) (Total:764.94 GB) (Free:559.56 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS Drive f: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS \\?\Volume{0d79bea0-81ba-4697-90d2-7a11b374e1c4}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS \\?\Volume{0e6ea80c-0c1a-4727-a827-5fefcbe7ad23}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ==================== End of Addition.txt =======================