AlexaSD
2019-12-31, 03:48
After I have spybot delete the file I rescanned and it was back. This is the location: C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220\Assets\RadarHost
Here is FRST: 13210
The "Addition.txt file was 1kb too large for the attachements manager so I copied and pasted it below.
Got error from aswmbr virtualization technology question after clicking yes and computer was restarted twice, so I then clicked no.
Then got error and computer restart after clicking scan twice, Stop code: DRIVER_IRQL_NOT_LESS_OR_EQUAL aswMBR.sys, so I have no log file to post for that program.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Alexa (30-12-2019 20:21:16)
Running from C:\Users\Alexa\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-07-27 23:16:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3759400987-4214920439-3437108526-500 - Administrator - Disabled)
Alexa (S-1-5-21-3759400987-4214920439-3437108526-1003 - Administrator - Enabled) => C:\Users\Alexa
Brandon (S-1-5-21-3759400987-4214920439-3437108526-1004 - Administrator - Enabled) => C:\Users\Brandon
DefaultAccount (S-1-5-21-3759400987-4214920439-3437108526-503 - Limited - Disabled)
Guest (S-1-5-21-3759400987-4214920439-3437108526-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3759400987-4214920439-3437108526-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Documentation Manager (HKLM\...\{3EF18AD4-8F08-42FE-B2A4-F2DDB1DFB5D0}) (Version: 21.50.1.1 - Intel Corporation) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.50.0.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{e2b4037f-6ffc-4200-8b24-fdc8512f0dc9}) (Version: 21.50.1.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{9C96D8AC-EE43-4B47-877C-D11595511C8E}) (Version: 12.10.3.1 - Apple Inc.)
LibreOffice 5.4.2.2 (HKLM\...\{71F5B603-BA9F-41E1-BC94-9839DFE5A83E}) (Version: 5.4.2.2 - The Document Foundation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-18] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.1.3_x86__h6adky7gbf63m [2019-12-18] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-09-14 12:51 - 2016-09-14 12:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2016-09-14 12:51 - 2016-09-14 12:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7943 more sites.
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 06:47 - 2019-09-10 19:47 - 000455006 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15616 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F859A27E-5B42-43FC-8254-B74485E98E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{FF41A1A5-7710-4190-AA62-BA4392ABFE48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{A9141E70-0AF7-4B28-98E9-DF012F0D761E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{DDE52180-00FF-4DCF-A584-9C3C9D3FB55A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{01E02995-A6DD-45DB-BC09-77F733EAE0DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{4FC02FE4-A1F1-47A0-B7B4-21080EAFBEF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{3388E838-C71D-4F18-A095-93C890CE0F0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{C523494F-F21E-462E-BC6E-6C8409BDAD11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{0A6123E5-01ED-4897-8B5A-C0041D3F57D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed]
FirewallRules: [{8DD6DFDB-827F-42A9-9B43-1EA738E7E6AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed]
FirewallRules: [{C74A7378-3DCF-448D-B642-C51621E69B52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimoire_Heralds_of_the_Winged_Exemplar\Grimoire.exe () [File not signed]
FirewallRules: [{E9870213-CED6-4AB0-887F-0FF094CD2A02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimoire_Heralds_of_the_Winged_Exemplar\Grimoire.exe () [File not signed]
FirewallRules: [{C097F00F-B588-48E9-9330-B2B2121FDC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ObraDinn\ObraDinn.exe () [File not signed]
FirewallRules: [{80CB594D-067F-480D-BA4C-D4AB7EC00FB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ObraDinn\ObraDinn.exe () [File not signed]
FirewallRules: [{46E78626-78AD-48C3-A4A3-4B92944CBC8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe No File
FirewallRules: [{C0AEE527-2C6A-441E-9F71-D545ED7457F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe No File
FirewallRules: [{ACAFA4F6-E7CF-4C0E-9C9D-659DFC665859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe No File
FirewallRules: [{FFEB8FA8-CA7F-4DC4-964C-EECC7A62EF5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe No File
FirewallRules: [{47986002-6662-4BAA-B5F7-A805F25B1351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{A786B2A0-040C-4788-A316-59D2278B2EF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{95A24584-F7AB-4C47-B96F-ECEA35A7D835}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [File not signed]
FirewallRules: [{1F27FB1F-4CBF-458F-82B2-215C574ADAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [File not signed]
FirewallRules: [UDP Query User{D81C456C-B69A-4484-AB02-A50A63D42CC0}C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe (CreativeForge Games) [File not signed]
FirewallRules: [TCP Query User{038FBC86-6F78-4DEF-992C-6B036E1A0376}C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe (CreativeForge Games) [File not signed]
FirewallRules: [{C728DA6B-5DFD-4A56-B85D-4DE76AF4BF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PhantomDoctrine\IWTB.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{07ADB0EB-F66F-42C9-8092-3BD2A9BFE3D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PhantomDoctrine\IWTB.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F4D42DF3-298D-4C8B-A566-B9F52FBC2530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{9A04BE8F-116E-4EF2-BF71-6F80685C756D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{271F50AD-7613-4A78-9709-AFC7C836A593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\OverwriteSettings.exe () [File not signed]
FirewallRules: [{CCEDBCDE-FFB4-4A52-B68F-1ABDAB0D4D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\OverwriteSettings.exe () [File not signed]
FirewallRules: [{32BE9CB5-00CF-4D93-BBE3-5F6D52BD5A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{3F6A357F-9435-4502-84DE-964EA2BBE097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{05B9E27F-6186-4E43-BD79-9CB35CAD56F6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{F1B26A92-14FD-40EC-8561-14E67FE1240F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{93035125-2B34-4F3B-8763-AC1CFB4E192A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{F1BB5D98-3838-4636-828B-4CD92D60C560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{56B7DE1B-0D1F-4690-B3A7-5386A5FE1BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{B80DD964-B9D4-4D3F-A274-1B4566840388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe () [File not signed]
FirewallRules: [{FA18EEEF-9351-4A6C-B5F1-3FD5124745F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe () [File not signed]
FirewallRules: [{827015EA-7DD6-49C0-A294-D29BB77DC87A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLGATE_London\Hellgate.exe (Hanbitsoft, inc.) [File not signed]
FirewallRules: [{B989D61D-EB73-4BFD-A281-34D9472B884B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLGATE_London\Hellgate.exe (Hanbitsoft, inc.) [File not signed]
FirewallRules: [{064BED59-F339-4D84-9426-33D54F134959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crest\Crest.exe No File
FirewallRules: [{315EE0EF-AE07-4702-8ECF-85FA4BED2745}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crest\Crest.exe No File
FirewallRules: [{56F5E796-E82D-4C15-814F-E2FBFB66D833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Balrum\Balrum.exe () [File not signed]
FirewallRules: [{10950EF1-8DDB-4C47-82A0-7C936CF0BF99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Balrum\Balrum.exe () [File not signed]
FirewallRules: [{6990B182-93B0-4745-803F-73DBCC8D4EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Hour One Life\steamGateClient.exe () [File not signed]
FirewallRules: [{DFBF751A-9A96-4D0E-9ACB-E1795E68B5FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Hour One Life\steamGateClient.exe () [File not signed]
FirewallRules: [{361CDD12-1BAE-42A3-8E0D-A7A71E212BEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{01900879-4934-43B0-B36B-FDCA9685C412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{CE0606F3-0918-429D-8952-29119D0AE3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{B6AB938B-49D9-46C1-9EEC-1B1401287B8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{8E2A35E0-D0A9-4AD8-8CA5-4A81DF3A1547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{6FBF6DA6-1A4F-471E-803C-98C107428EF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{7F4B49FF-BE18-476F-97F8-C6F5DB4D0CF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCatLady\TheCatLady.exe ( ) [File not signed]
FirewallRules: [{9BF17E51-DDAC-46B4-BFA4-9672B260D739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCatLady\TheCatLady.exe ( ) [File not signed]
FirewallRules: [UDP Query User{CD0C1701-EA95-4851-9121-DD901725020E}C:\users\alexa\desktop\downloader_diablo2_enus.exe] => (Allow) C:\users\alexa\desktop\downloader_diablo2_enus.exe No File
FirewallRules: [TCP Query User{B24442E6-05C9-4FD5-B23B-0450AF847AA8}C:\users\alexa\desktop\downloader_diablo2_enus.exe] => (Allow) C:\users\alexa\desktop\downloader_diablo2_enus.exe No File
FirewallRules: [UDP Query User{B09E8273-263C-4FE4-AF5A-AE519D3627DC}C:\users\alexa\desktop\msiproductreghelper.exe] => (Allow) C:\users\alexa\desktop\msiproductreghelper.exe No File
FirewallRules: [TCP Query User{048CF24A-CBF5-432C-854E-B4C186F9AD57}C:\users\alexa\desktop\msiproductreghelper.exe] => (Allow) C:\users\alexa\desktop\msiproductreghelper.exe No File
FirewallRules: [{C4B573F1-8002-44F4-A4C2-02E73F47A7A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{64178229-6A07-4498-A77B-223A428A3918}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{B51DFDAF-E31A-449B-9DED-A6870BCBD816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{CE43EBF5-C42C-4145-BEF4-BCD3A958B377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{8D981B4F-A1EC-4EF4-8005-CDDCAD7DF33F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of the Wilds\Echo of the Wilds.exe ( ) [File not signed]
FirewallRules: [{E3AE976D-0BC6-42AF-A8F9-F63A1D1A707C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of the Wilds\Echo of the Wilds.exe ( ) [File not signed]
FirewallRules: [{A6A23493-5F76-49DC-9596-F9E7FA567B99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{1C12618B-2826-499A-9AC4-95409C5C71F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{0B218D72-20AF-47FC-88C6-907444C8D728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{9272163B-B608-44AF-A5F6-414609A404C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{5F943F94-8139-4A65-8917-C1C3D7975B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{0D304D49-D526-495B-94FB-8E1D7ECE6578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{FDB35216-4BA6-4B39-9FA3-1664D539D7C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{12CE2698-34D3-494F-9281-A5A27C25E4CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2BFC3141-04B3-466F-B492-4C8CBB4DE244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{AFF77D57-FCCD-482C-94C2-556DCEC4F938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{9E9C448B-E1BF-4B5D-BB05-13E17B3C6C14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{03521296-B129-477C-AA1E-88D09D2917F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A3D72F14-0129-45A6-80F6-17A34776A717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{C9A0D68D-AB83-4547-B821-8DC8E13EFF0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{D92923B0-6A58-4405-808D-3530E7E009F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{732790E0-D2D1-4091-B64B-0DBBE41FEB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{64259F30-2432-4F09-8D69-000E89BA4EC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Founders Fortune\Founders Fortune.exe () [File not signed]
FirewallRules: [{A2173B30-B427-4BD3-9663-019C452D5BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Founders Fortune\Founders Fortune.exe () [File not signed]
FirewallRules: [{3FE67233-F1ED-4F72-8764-7D3797097C41}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B4FAF54E-7D16-42E8-99EA-AF810ED96ABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wayward\wayward.exe (Unlok) [File not signed]
FirewallRules: [{E6CA50D5-02AA-4CDA-B25A-8B1DA680BB5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wayward\wayward.exe (Unlok) [File not signed]
FirewallRules: [{1DDC6C08-6567-447E-8459-8C703F0054AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{31BF8E66-B1F9-4C4E-BD48-23E0800C0EDE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3AB9654C-763E-4D67-8A8F-9F9F82770D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe No File
FirewallRules: [{BD7C84ED-07BA-4A96-9F41-146ABE6AB48A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe No File
FirewallRules: [{C2571D72-3378-472E-994B-B341AA32F43E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe No File
FirewallRules: [{F5B1E028-4807-42DA-A793-5C066C7F3A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe No File
FirewallRules: [{21665B92-FA55-4FB0-9FDF-7865BDF3E2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{58D7C3B4-8E53-43AC-95CB-9852FC0C2FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{EFC842D1-D32C-4752-A14E-7669036F74CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{DD5E13F5-7554-4C44-AFC2-20CEDAC90B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{B92A0525-3AF8-4CAC-9983-B8CC482AAF66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{AA6784A1-158A-433D-8CF5-0D867BA64CAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{FBA37510-7C75-4456-A5E3-1235E08DC51A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8CF39E5-55AE-4BE9-AD81-069647957ADD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD0F2B92-B549-4A9D-B75D-4CA9FEB53AF7}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{48E3ED49-6E07-45BF-8581-F516F6EACE31}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [{8E1679EE-A758-4D83-B461-FC19F9F62DC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hero-U Rogue to Redemption\Hero-U.exe () [File not signed]
FirewallRules: [{9F909402-A1B9-4C04-A823-F0A105FBC626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hero-U Rogue to Redemption\Hero-U.exe () [File not signed]
FirewallRules: [TCP Query User{8053B81D-D9D8-4BFC-9F44-2E1DD1DB5635}C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe () [File not signed]
FirewallRules: [UDP Query User{CF708CFD-D91D-46A4-AAAF-612F5C19B683}C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe () [File not signed]
FirewallRules: [{8AAE54E0-6E57-45F0-9217-B3E2607A071B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3792AE3-0329-4630-81E2-D73EB4991EE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99DDF2A7-CE57-4B76-AF96-711250FFE813}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05349130-B373-426C-84E9-A812EF46BE61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBA36077-F6D5-4D21-AAFC-A6BA1BE48051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{D5D44493-8ED2-4FAE-9850-F9A81E6BFEFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{88DD5521-DF62-4A79-8275-724A74ADD0D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation Empire\AutomationEmpire.exe () [File not signed]
FirewallRules: [{AC9BE2C4-B31A-405D-8ABC-7D16179138CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation Empire\AutomationEmpire.exe () [File not signed]
FirewallRules: [{B8A843B9-0277-4CF1-8722-4D5D5521F293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{6CD17394-96CC-4B19-87C4-6EEF33DB36D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{990F5A47-47CD-49BE-A667-0D9B3250CC85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Visage\Visage.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2F7F395F-B98E-48B1-BD63-6A6E2DBB8227}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Visage\Visage.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{35B55829-2A91-446E-94D2-F5E137FB3EF2}C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe (CN=SadSquare Studio) [File not signed]
FirewallRules: [UDP Query User{7D45A4D2-123A-4573-A88B-F519915CA6E4}C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe (CN=SadSquare Studio) [File not signed]
FirewallRules: [{F08C75BA-59DC-4FED-9385-B1C2A2B00A07}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074B5567-88A9-4BE7-9AB1-54E7C2E32769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avorion\bin\Avorion.exe () [File not signed]
FirewallRules: [{B044971C-2892-4C12-9661-CD9CB357B31B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avorion\bin\Avorion.exe () [File not signed]
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
11-12-2019 01:56:16 Windows Update
17-12-2019 19:36:33 Intel® Driver & Support Assistant
==================== Faulty Device Manager Devices ============
Name: Intel(R) Wireless Bluetooth(R)
Description: Intel(R) Wireless Bluetooth(R)
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/30/2019 08:18:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (185936,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/30/2019 07:56:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (174232,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/29/2019 04:16:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (171616,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9812
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9812
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/28/2019 09:03:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8250
Error: (12/28/2019 09:03:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8250
System errors:
=============
Error: (12/17/2019 12:06:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/17/2019 12:06:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (12/16/2019 02:24:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTDGVR7)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/11/2019 11:14:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:43:22 AM on 12/11/2019 was unexpected.
Error: (12/11/2019 11:09:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/11/2019 11:09:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (12/11/2019 02:42:55 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Delivery Optimization service did not shut down properly after receiving a preshutdown control.
Error: (12/11/2019 02:42:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2019-12-30 20:07:28.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 20:05:14.352
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:52:31.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:37:28.202
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:32:43.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-30 19:32:43.490
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-30 19:32:08.604
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Store signing level requirements.
Date: 2019-12-30 19:32:08.354
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeSH.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.20 04/07/2017
Motherboard: MSI Z270-A PRO (MS-7A71)
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 22%
Total physical RAM: 32735.85 MB
Available physical RAM: 25381.27 MB
Total Virtual: 37599.85 MB
Available Virtual: 25218.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.37 GB) (Free:72.39 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:2794.39 GB) (Free:2794.13 GB) NTFS
\\?\Volume{c8dd3706-3566-4fdc-ab25-2a213fcf9e84}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{04015f3a-347f-4031-83e9-5d7fc7e4f793}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{8e6a62d9-4499-4e0e-9465-ac658f3d7553}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6437ED14)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Here is FRST: 13210
The "Addition.txt file was 1kb too large for the attachements manager so I copied and pasted it below.
Got error from aswmbr virtualization technology question after clicking yes and computer was restarted twice, so I then clicked no.
Then got error and computer restart after clicking scan twice, Stop code: DRIVER_IRQL_NOT_LESS_OR_EQUAL aswMBR.sys, so I have no log file to post for that program.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Alexa (30-12-2019 20:21:16)
Running from C:\Users\Alexa\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-07-27 23:16:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3759400987-4214920439-3437108526-500 - Administrator - Disabled)
Alexa (S-1-5-21-3759400987-4214920439-3437108526-1003 - Administrator - Enabled) => C:\Users\Alexa
Brandon (S-1-5-21-3759400987-4214920439-3437108526-1004 - Administrator - Enabled) => C:\Users\Brandon
DefaultAccount (S-1-5-21-3759400987-4214920439-3437108526-503 - Limited - Disabled)
Guest (S-1-5-21-3759400987-4214920439-3437108526-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3759400987-4214920439-3437108526-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Documentation Manager (HKLM\...\{3EF18AD4-8F08-42FE-B2A4-F2DDB1DFB5D0}) (Version: 21.50.1.1 - Intel Corporation) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.50.0.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{e2b4037f-6ffc-4200-8b24-fdc8512f0dc9}) (Version: 21.50.1.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{9C96D8AC-EE43-4B47-877C-D11595511C8E}) (Version: 12.10.3.1 - Apple Inc.)
LibreOffice 5.4.2.2 (HKLM\...\{71F5B603-BA9F-41E1-BC94-9839DFE5A83E}) (Version: 5.4.2.2 - The Document Foundation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-18] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.1.3_x86__h6adky7gbf63m [2019-12-18] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-09-14 12:51 - 2016-09-14 12:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2016-09-14 12:51 - 2016-09-14 12:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7943 more sites.
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 06:47 - 2019-09-10 19:47 - 000455006 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15616 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-3759400987-4214920439-3437108526-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F859A27E-5B42-43FC-8254-B74485E98E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{FF41A1A5-7710-4190-AA62-BA4392ABFE48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{A9141E70-0AF7-4B28-98E9-DF012F0D761E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{DDE52180-00FF-4DCF-A584-9C3C9D3FB55A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{01E02995-A6DD-45DB-BC09-77F733EAE0DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{4FC02FE4-A1F1-47A0-B7B4-21080EAFBEF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{3388E838-C71D-4F18-A095-93C890CE0F0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{C523494F-F21E-462E-BC6E-6C8409BDAD11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{0A6123E5-01ED-4897-8B5A-C0041D3F57D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed]
FirewallRules: [{8DD6DFDB-827F-42A9-9B43-1EA738E7E6AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed]
FirewallRules: [{C74A7378-3DCF-448D-B642-C51621E69B52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimoire_Heralds_of_the_Winged_Exemplar\Grimoire.exe () [File not signed]
FirewallRules: [{E9870213-CED6-4AB0-887F-0FF094CD2A02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimoire_Heralds_of_the_Winged_Exemplar\Grimoire.exe () [File not signed]
FirewallRules: [{C097F00F-B588-48E9-9330-B2B2121FDC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ObraDinn\ObraDinn.exe () [File not signed]
FirewallRules: [{80CB594D-067F-480D-BA4C-D4AB7EC00FB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ObraDinn\ObraDinn.exe () [File not signed]
FirewallRules: [{46E78626-78AD-48C3-A4A3-4B92944CBC8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe No File
FirewallRules: [{C0AEE527-2C6A-441E-9F71-D545ED7457F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe No File
FirewallRules: [{ACAFA4F6-E7CF-4C0E-9C9D-659DFC665859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe No File
FirewallRules: [{FFEB8FA8-CA7F-4DC4-964C-EECC7A62EF5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe No File
FirewallRules: [{47986002-6662-4BAA-B5F7-A805F25B1351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{A786B2A0-040C-4788-A316-59D2278B2EF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{95A24584-F7AB-4C47-B96F-ECEA35A7D835}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [File not signed]
FirewallRules: [{1F27FB1F-4CBF-458F-82B2-215C574ADAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox ) [File not signed]
FirewallRules: [UDP Query User{D81C456C-B69A-4484-AB02-A50A63D42CC0}C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe (CreativeForge Games) [File not signed]
FirewallRules: [TCP Query User{038FBC86-6F78-4DEF-992C-6B036E1A0376}C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantomdoctrine\iwtb\binaries\win64\iwtb-win64-shipping.exe (CreativeForge Games) [File not signed]
FirewallRules: [{C728DA6B-5DFD-4A56-B85D-4DE76AF4BF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PhantomDoctrine\IWTB.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{07ADB0EB-F66F-42C9-8092-3BD2A9BFE3D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PhantomDoctrine\IWTB.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F4D42DF3-298D-4C8B-A566-B9F52FBC2530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{9A04BE8F-116E-4EF2-BF71-6F80685C756D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{271F50AD-7613-4A78-9709-AFC7C836A593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\OverwriteSettings.exe () [File not signed]
FirewallRules: [{CCEDBCDE-FFB4-4A52-B68F-1ABDAB0D4D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\OverwriteSettings.exe () [File not signed]
FirewallRules: [{32BE9CB5-00CF-4D93-BBE3-5F6D52BD5A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{3F6A357F-9435-4502-84DE-964EA2BBE097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON QUEST XI\Game\Binaries\Win64\DRAGON QUEST XI.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{05B9E27F-6186-4E43-BD79-9CB35CAD56F6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{F1B26A92-14FD-40EC-8561-14E67FE1240F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{93035125-2B34-4F3B-8763-AC1CFB4E192A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{F1BB5D98-3838-4636-828B-4CD92D60C560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{56B7DE1B-0D1F-4690-B3A7-5386A5FE1BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{B80DD964-B9D4-4D3F-A274-1B4566840388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe () [File not signed]
FirewallRules: [{FA18EEEF-9351-4A6C-B5F1-3FD5124745F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe () [File not signed]
FirewallRules: [{827015EA-7DD6-49C0-A294-D29BB77DC87A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLGATE_London\Hellgate.exe (Hanbitsoft, inc.) [File not signed]
FirewallRules: [{B989D61D-EB73-4BFD-A281-34D9472B884B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLGATE_London\Hellgate.exe (Hanbitsoft, inc.) [File not signed]
FirewallRules: [{064BED59-F339-4D84-9426-33D54F134959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crest\Crest.exe No File
FirewallRules: [{315EE0EF-AE07-4702-8ECF-85FA4BED2745}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crest\Crest.exe No File
FirewallRules: [{56F5E796-E82D-4C15-814F-E2FBFB66D833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Balrum\Balrum.exe () [File not signed]
FirewallRules: [{10950EF1-8DDB-4C47-82A0-7C936CF0BF99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Balrum\Balrum.exe () [File not signed]
FirewallRules: [{6990B182-93B0-4745-803F-73DBCC8D4EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Hour One Life\steamGateClient.exe () [File not signed]
FirewallRules: [{DFBF751A-9A96-4D0E-9ACB-E1795E68B5FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Hour One Life\steamGateClient.exe () [File not signed]
FirewallRules: [{361CDD12-1BAE-42A3-8E0D-A7A71E212BEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{01900879-4934-43B0-B36B-FDCA9685C412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{CE0606F3-0918-429D-8952-29119D0AE3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{B6AB938B-49D9-46C1-9EEC-1B1401287B8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{8E2A35E0-D0A9-4AD8-8CA5-4A81DF3A1547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{6FBF6DA6-1A4F-471E-803C-98C107428EF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{7F4B49FF-BE18-476F-97F8-C6F5DB4D0CF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCatLady\TheCatLady.exe ( ) [File not signed]
FirewallRules: [{9BF17E51-DDAC-46B4-BFA4-9672B260D739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCatLady\TheCatLady.exe ( ) [File not signed]
FirewallRules: [UDP Query User{CD0C1701-EA95-4851-9121-DD901725020E}C:\users\alexa\desktop\downloader_diablo2_enus.exe] => (Allow) C:\users\alexa\desktop\downloader_diablo2_enus.exe No File
FirewallRules: [TCP Query User{B24442E6-05C9-4FD5-B23B-0450AF847AA8}C:\users\alexa\desktop\downloader_diablo2_enus.exe] => (Allow) C:\users\alexa\desktop\downloader_diablo2_enus.exe No File
FirewallRules: [UDP Query User{B09E8273-263C-4FE4-AF5A-AE519D3627DC}C:\users\alexa\desktop\msiproductreghelper.exe] => (Allow) C:\users\alexa\desktop\msiproductreghelper.exe No File
FirewallRules: [TCP Query User{048CF24A-CBF5-432C-854E-B4C186F9AD57}C:\users\alexa\desktop\msiproductreghelper.exe] => (Allow) C:\users\alexa\desktop\msiproductreghelper.exe No File
FirewallRules: [{C4B573F1-8002-44F4-A4C2-02E73F47A7A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{64178229-6A07-4498-A77B-223A428A3918}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{B51DFDAF-E31A-449B-9DED-A6870BCBD816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{CE43EBF5-C42C-4145-BEF4-BCD3A958B377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{8D981B4F-A1EC-4EF4-8005-CDDCAD7DF33F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of the Wilds\Echo of the Wilds.exe ( ) [File not signed]
FirewallRules: [{E3AE976D-0BC6-42AF-A8F9-F63A1D1A707C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of the Wilds\Echo of the Wilds.exe ( ) [File not signed]
FirewallRules: [{A6A23493-5F76-49DC-9596-F9E7FA567B99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{1C12618B-2826-499A-9AC4-95409C5C71F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{0B218D72-20AF-47FC-88C6-907444C8D728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{9272163B-B608-44AF-A5F6-414609A404C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{5F943F94-8139-4A65-8917-C1C3D7975B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{0D304D49-D526-495B-94FB-8E1D7ECE6578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{FDB35216-4BA6-4B39-9FA3-1664D539D7C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{12CE2698-34D3-494F-9281-A5A27C25E4CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2BFC3141-04B3-466F-B492-4C8CBB4DE244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{AFF77D57-FCCD-482C-94C2-556DCEC4F938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{9E9C448B-E1BF-4B5D-BB05-13E17B3C6C14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{03521296-B129-477C-AA1E-88D09D2917F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A3D72F14-0129-45A6-80F6-17A34776A717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{C9A0D68D-AB83-4547-B821-8DC8E13EFF0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{D92923B0-6A58-4405-808D-3530E7E009F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{732790E0-D2D1-4091-B64B-0DBBE41FEB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{64259F30-2432-4F09-8D69-000E89BA4EC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Founders Fortune\Founders Fortune.exe () [File not signed]
FirewallRules: [{A2173B30-B427-4BD3-9663-019C452D5BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Founders Fortune\Founders Fortune.exe () [File not signed]
FirewallRules: [{3FE67233-F1ED-4F72-8764-7D3797097C41}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B4FAF54E-7D16-42E8-99EA-AF810ED96ABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wayward\wayward.exe (Unlok) [File not signed]
FirewallRules: [{E6CA50D5-02AA-4CDA-B25A-8B1DA680BB5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wayward\wayward.exe (Unlok) [File not signed]
FirewallRules: [{1DDC6C08-6567-447E-8459-8C703F0054AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{31BF8E66-B1F9-4C4E-BD48-23E0800C0EDE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3AB9654C-763E-4D67-8A8F-9F9F82770D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe No File
FirewallRules: [{BD7C84ED-07BA-4A96-9F41-146ABE6AB48A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe No File
FirewallRules: [{C2571D72-3378-472E-994B-B341AA32F43E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe No File
FirewallRules: [{F5B1E028-4807-42DA-A793-5C066C7F3A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe No File
FirewallRules: [{21665B92-FA55-4FB0-9FDF-7865BDF3E2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{58D7C3B4-8E53-43AC-95CB-9852FC0C2FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{EFC842D1-D32C-4752-A14E-7669036F74CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{DD5E13F5-7554-4C44-AFC2-20CEDAC90B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{B92A0525-3AF8-4CAC-9983-B8CC482AAF66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{AA6784A1-158A-433D-8CF5-0D867BA64CAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{FBA37510-7C75-4456-A5E3-1235E08DC51A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8CF39E5-55AE-4BE9-AD81-069647957ADD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD0F2B92-B549-4A9D-B75D-4CA9FEB53AF7}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{48E3ED49-6E07-45BF-8581-F516F6EACE31}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [{8E1679EE-A758-4D83-B461-FC19F9F62DC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hero-U Rogue to Redemption\Hero-U.exe () [File not signed]
FirewallRules: [{9F909402-A1B9-4C04-A823-F0A105FBC626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hero-U Rogue to Redemption\Hero-U.exe () [File not signed]
FirewallRules: [TCP Query User{8053B81D-D9D8-4BFC-9F44-2E1DD1DB5635}C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe () [File not signed]
FirewallRules: [UDP Query User{CF708CFD-D91D-46A4-AAAF-612F5C19B683}C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe] => (Block) C:\program files (x86)\steam\steamapps\common\avorion\bin\avorionserver.exe () [File not signed]
FirewallRules: [{8AAE54E0-6E57-45F0-9217-B3E2607A071B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3792AE3-0329-4630-81E2-D73EB4991EE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99DDF2A7-CE57-4B76-AF96-711250FFE813}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05349130-B373-426C-84E9-A812EF46BE61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBA36077-F6D5-4D21-AAFC-A6BA1BE48051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{D5D44493-8ED2-4FAE-9850-F9A81E6BFEFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{88DD5521-DF62-4A79-8275-724A74ADD0D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation Empire\AutomationEmpire.exe () [File not signed]
FirewallRules: [{AC9BE2C4-B31A-405D-8ABC-7D16179138CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation Empire\AutomationEmpire.exe () [File not signed]
FirewallRules: [{B8A843B9-0277-4CF1-8722-4D5D5521F293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{6CD17394-96CC-4B19-87C4-6EEF33DB36D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{990F5A47-47CD-49BE-A667-0D9B3250CC85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Visage\Visage.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2F7F395F-B98E-48B1-BD63-6A6E2DBB8227}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Visage\Visage.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{35B55829-2A91-446E-94D2-F5E137FB3EF2}C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe (CN=SadSquare Studio) [File not signed]
FirewallRules: [UDP Query User{7D45A4D2-123A-4573-A88B-F519915CA6E4}C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\visage\visage\binaries\win64\visage-win64-shipping.exe (CN=SadSquare Studio) [File not signed]
FirewallRules: [{F08C75BA-59DC-4FED-9385-B1C2A2B00A07}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074B5567-88A9-4BE7-9AB1-54E7C2E32769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avorion\bin\Avorion.exe () [File not signed]
FirewallRules: [{B044971C-2892-4C12-9661-CD9CB357B31B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avorion\bin\Avorion.exe () [File not signed]
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
11-12-2019 01:56:16 Windows Update
17-12-2019 19:36:33 Intel® Driver & Support Assistant
==================== Faulty Device Manager Devices ============
Name: Intel(R) Wireless Bluetooth(R)
Description: Intel(R) Wireless Bluetooth(R)
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/30/2019 08:18:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (185936,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/30/2019 07:56:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (174232,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/29/2019 04:16:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (171616,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9812
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9812
Error: (12/28/2019 09:03:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/28/2019 09:03:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8250
Error: (12/28/2019 09:03:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8250
System errors:
=============
Error: (12/17/2019 12:06:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/17/2019 12:06:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (12/16/2019 02:24:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTDGVR7)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/11/2019 11:14:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:43:22 AM on 12/11/2019 was unexpected.
Error: (12/11/2019 11:09:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/11/2019 11:09:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (12/11/2019 02:42:55 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Delivery Optimization service did not shut down properly after receiving a preshutdown control.
Error: (12/11/2019 02:42:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2019-12-30 20:07:28.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 20:05:14.352
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:52:31.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:37:28.202
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2019-12-30 19:32:43.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-30 19:32:43.490
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-30 19:32:08.604
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Store signing level requirements.
Date: 2019-12-30 19:32:08.354
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeSH.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.20 04/07/2017
Motherboard: MSI Z270-A PRO (MS-7A71)
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 22%
Total physical RAM: 32735.85 MB
Available physical RAM: 25381.27 MB
Total Virtual: 37599.85 MB
Available Virtual: 25218.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.37 GB) (Free:72.39 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:2794.39 GB) (Free:2794.13 GB) NTFS
\\?\Volume{c8dd3706-3566-4fdc-ab25-2a213fcf9e84}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{04015f3a-347f-4031-83e9-5d7fc7e4f793}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{8e6a62d9-4499-4e0e-9465-ac658f3d7553}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6437ED14)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================