Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023 Ran by 3770 (08-08-2023 12:51:41) Running from C:\Users\3770\Downloads Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) (2022-12-25 04:36:00) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) 3770 (S-1-5-21-3950870073-693449730-955634714-1002 - Administrator - Enabled) => C:\Users\3770 DefaultAccount (S-1-5-21-3950870073-693449730-955634714-503 - Limited - Disabled) John (S-1-5-21-3950870073-693449730-955634714-1004 - Administrator - Enabled) Net (S-1-5-21-3950870073-693449730-955634714-1003 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-3950870073-693449730-955634714-504 - Limited - Disabled) Администратор (S-1-5-21-3950870073-693449730-955634714-500 - Administrator - Disabled) Гость (S-1-5-21-3950870073-693449730-955634714-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 23.00 (x64) (HKLM\...\7-Zip) (Version: 23.00 - Igor Pavlov) ADB AppControl version 1.8.0.2 (HKLM-x32\...\{64A8B963-4FB2-49B5-B2B1-35A333497319}_is1) (Version: 1.8.0.2 - Cyber.Cat) Adobe Photoshop CC 2015.5 (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}) (Version: 17.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015.4 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A2}) (Version: 10.3.0 - Adobe Systems Incorporated) AIDA64 Extreme Edition v6.88.6400 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 6.88.6400.0 - ivandubskoj) Aml_Burn_Tool (HKLM-x32\...\{0F91E44C-2FAD-4298-8051-40E52C7E1342}_is1) (Version: 1.1.0 - Amlogic, Inc.) Attribute Changer 11.20 (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 11.0 - Romain Petges) balenaEtcher 1.18.8 (HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.18.8 - Balena Ltd.) Bandicam 6.1.0 (HKLM-x32\...\Bandicam_is1) (Version: 6.1.0.2044 - Bandicam Company) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.) CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World) CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World) eMule (HKLM-x32\...\eMule) (Version: - ) Eraser 6.2.0.2993 (HKLM\...\{82602EDA-27BE-4358-AB3A-BD09EA51A1E6}) (Version: 6.2.2993 - The Eraser Project) Everything 1.4.1.1023 (x64) (HKLM\...\Everything) (Version: 1.4.1.1023 - voidtools) f.lux (HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\Flux) (Version: 4.124 - f.lux Software LLC) foobar2000 v2.0 (x64) (HKLM\...\foobar2000) (Version: 2.0 - Peter Pawlowski) Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.19.0.5156 - Softdeluxe) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) HWiNFO64 Version 7.46 (HKLM\...\HWiNFO64_is1) (Version: 7.46 - Martin Malik, REALiX s.r.o.) Intel(R) Chipset Device Software (HKLM\...\{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}) (Version: 10.1.1.8 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{e7e9dac9-c330-48d8-9e17-d21a19dc942c}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{60DC6F22-D268-44F0-8720-200033508384}) (Version: 11.0.0.1158 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation) IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan) K-Lite Mega Codec Pack 17.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.0 - KLCP) Malwarebytes version 4.5.33.272 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.33.272 - Malwarebytes) Microsoft .NET Host - 6.0.18 (x64) (HKLM\...\{1A7F6299-C501-49CA-B91D-5E83ED7FB8CA}) (Version: 48.75.61559 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.18 (x64) (HKLM\...\{CB1B935F-234E-452D-91DA-4CBA519E9581}) (Version: 48.75.61559 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.18 (x64) (HKLM\...\{8BBCB5E9-5775-4465-AABC-3E276EBBD496}) (Version: 48.75.61559 - Microsoft Corporation) Hidden Microsoft Office LTSC профессиональный плюс 2021 - ru-ru (HKLM\...\ProPlus2021Volume - ru-ru) (Version: 16.0.14332.20503 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.18 (x64) (HKLM\...\{81D7013F-AB4C-4DEF-8549-2AC6A3D612BB}) (Version: 48.75.61602 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.18 (x64) (HKLM-x32\...\{70624c55-d0e1-40a6-913e-96560feea689}) (Version: 6.0.18.32522 - Microsoft Corporation) MiniTool Partition Wizard (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12 - MiniTool Software Limited) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 116.0.1 (x64 en-US)) (Version: 116.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0.2 - Mozilla) NCALayer v1.3 (HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\{2E9A81FF-B19F-4F64-95B0-E688E09F7D7C}_is1) (Version: - Национальный удостоверяющий центр РК) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5.4 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20503 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20503 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0419-1000-0000000FF1CE}) (Version: 16.0.14332.20461 - Microsoft Corporation) Hidden Old Classic Calculator for Windows 11 and Windows 10 (HKLM\...\Old Classic Calculator for Windows 11 and Windows 10_is1) (Version: 2.0 - Winaero) Outline Manager 1.14.0 (HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\56e97506-d9a0-5629-9df9-c4aea0d924a4) (Version: 1.14.0 - The Outline authors) Paragon Hard Disk Manager™ 15 Premium (HKLM\...\{91E249B4-8DE1-4ECC-B50F-EA0195FA604D}) (Version: 10.1.25.1137 - Paragon Software) Hidden Paragon Hard Disk Manager™ 15 Premium (HKLM-x32\...\{58202466-3f2e-46c0-8827-e8dce2c9c747}) (Version: 10.1.25.1137 - Paragon Software) Paragon UIM (HKLM\...\{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}) (Version: 20.0.0.4 - Paragon Software) Hidden Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) PNGGauntlet (HKLM-x32\...\{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}) (Version: 3.1.1 - Ben Hollis) Python 3.11.3 (64-bit) (HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\{c6a7d2cb-61ea-4f5e-bc56-95faa938bacf}) (Version: 3.11.3150.0 - Python Software Foundation) Python 3.11.3 Add to Path (64-bit) (HKLM\...\{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Core Interpreter (64-bit) (HKLM\...\{611F1238-29A9-495F-B1F4-CFFCC98D9421}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Development Libraries (64-bit) (HKLM\...\{D307D056-AF62-4F53-810E-052AAAF0EFB2}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Documentation (64-bit) (HKLM\...\{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Executables (64-bit) (HKLM\...\{A2BCB6C1-272D-437F-A5BC-92431FC521B4}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 pip Bootstrap (64-bit) (HKLM\...\{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Standard Library (64-bit) (HKLM\...\{0D289858-69D1-4CB6-946E-659F028DDC27}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Tcl/Tk Support (64-bit) (HKLM\...\{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Test Suite (64-bit) (HKLM\...\{BA9ABB78-751C-4488-80A9-60E44290C060}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python 3.11.3 Utility Scripts (64-bit) (HKLM\...\{5BF6CA5B-E057-413A-B87A-CCD47600E465}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{C41DB702-D72D-40F4-A2B3-5BAC2DCA2DF2}) (Version: 3.11.3150.0 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.4 - The qBittorrent project) Qcma (HKLM\...\Qcma) (Version: 0.4.1 - codestation) Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 6.9.0.0 - den4b Team) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.) SequoiaView (HKLM-x32\...\SequoiaView) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 43.0.0 (HKLM\...\SteelSeries GG) (Version: 43.0.0 - SteelSeries ApS) TinyPNG & TinyJPG version 2.5 (HKLM-x32\...\{A2D19372-60AB-4E78-8166-6FDA52D82B0B}_is1) (Version: 2.5 - TinyPNG) VNC Server 7.1.0 (HKLM\...\{CA74EBB7-4CAE-466B-9B5B-4E4D1DFC6662}) (Version: 7.1.0.49525 - RealVNC) VNC Viewer 7.1.0 (HKLM\...\{9466F787-6D59-4ED8-A376-1D14082A337C}) (Version: 7.1.0.49525 - RealVNC) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) Windows Driver Package - leshcatlabs.net (WinUSB) AndroidUsbDeviceClass (08/15/2015 10.0.0000.00000) (HKLM\...\29DB112BE42AB1EEB869F9BA96B00FE298B7B27D) (Version: 08/15/2015 10.0.0000.00000 - leshcatlabs.net) Windows Driver Package - libwdi (WinUSB) USBDevice (04/03/2019 6.1.7600.16385) (HKLM\...\513EF6948500F4B0FEC81BD25E607A6B5354CE8D) (Version: 04/03/2019 6.1.7600.16385 - libwdi) Windows Driver Package - Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) (HKLM\...\A0EC80B5719D4DA4CF40C9219D7CB9CCAD6DBA40) (Version: 02/22/2013 6.1.7600.16385 - Microsoft) WinMerge 2.16.30.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.30.0 - Thingamahoochie Software) WinRAR 6.11 (64-разрядная) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Отмена установки принтера EPSON L805 Series (HKLM\...\EPSON L805 Series) (Version: - Seiko Epson Corporation) Packages: ========= AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-05-17] (Microsoft Studios) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3950870073-693449730-955634714-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2023-02-27] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2023-02-27] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2023-06-02] (Romain Petges) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2023-02-27] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2023-02-27] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\3770\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Vysor.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ==================== Loaded Modules (Whitelisted) ============= 2023-05-15 20:28 - 2023-05-07 22:00 - 000100352 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2022-09-08 09:09 - 2023-05-18 10:12 - 000540672 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\InputSwitch.dll 2023-07-15 11:51 - 2023-06-02 11:25 - 000541184 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll 2023-05-15 21:51 - 2023-03-13 16:30 - 000032768 _____ (Softdeluxe) [File not signed] C:\Program Files\Free Download Manager\logger.dll 2023-05-15 21:51 - 2023-03-13 16:39 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Free Download Manager\Qt5Core.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKU\S-1-5-21-3950870073-693449730-955634714-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 SearchScopes: HKU\S-1-5-21-3950870073-693449730-955634714-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-25] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 15:14 - 2023-08-08 16:59 - 000000876 ___SH C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3950870073-693449730-955634714-1002\Control Panel\Desktop\\Wallpaper -> E:\Wallpapers\004559650.jpg DNS Servers: 8.8.4.4 - 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "SteelSeriesGG" HKU\S-1-5-21-3950870073-693449730-955634714-1002\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1D328C7B-22CF-4650-9194-A79007D3666F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F7CDBAAD-4F4A-4A50-B83D-05A1F2E03670}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC) FirewallRules: [{43695477-70AF-4639-9811-BF597179C003}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC) FirewallRules: [{1BEF4C90-2BF9-4908-841F-FA01AC2DABC3}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{3D49F15E-76AF-4871-A6AD-45F2D3AA2874}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{0591A104-F996-465F-8EB0-95D0666A89EC}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{C29455B0-7FA2-4460-BE11-28DD2C33AA84}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{B3E66357-FE4E-430C-88D3-1FD9E33FD4A0}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{E3ADDA40-7B36-47BE-85A8-A6AFE634CFD8}] => (Allow) C:\Program Files\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [TCP Query User{F1379F38-E60D-4567-BBA2-CB62BF5274C1}C:\miflash_unlock_en_7.6.602.42\milogintool\milogintool.exe] => (Allow) C:\miflash_unlock_en_7.6.602.42\milogintool\milogintool.exe => No File FirewallRules: [UDP Query User{8330D034-B193-4CDF-86D1-A28B04E79358}C:\miflash_unlock_en_7.6.602.42\milogintool\milogintool.exe] => (Allow) C:\miflash_unlock_en_7.6.602.42\milogintool\milogintool.exe => No File FirewallRules: [{696C4BA0-B7A1-4FED-BADB-317284B63E9C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{79A8B115-6321-47F5-B470-CD4FDD9794BC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [TCP Query User{28C78852-086B-426C-8CA3-6D0A68C1A71A}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [UDP Query User{BCCF47BD-2784-43EE-A0D4-932A31278CA9}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed] FirewallRules: [{976DFEEA-F627-47D9-92FA-24B4D726767D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8A7885DA-0901-4233-BF1A-40CB68AA199A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B0255C54-895A-4B8D-BB3A-E1DE93796C38}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{45C84756-B69E-4FE7-8C9D-14F504FCFB8C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9D297E1F-0F99-4DAC-8A0F-CBA745D412B5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{82E3011E-E7A4-476E-A34D-44F8318E310F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{109A76F6-CEAB-42A3-897A-75389753A790}C:\program files\qcma\qcma.exe] => (Allow) C:\program files\qcma\qcma.exe () [File not signed] FirewallRules: [UDP Query User{90EC41D6-DD18-4D24-BCD6-6D8CCAA34ECA}C:\program files\qcma\qcma.exe] => (Allow) C:\program files\qcma\qcma.exe () [File not signed] FirewallRules: [{C344DE78-09B1-47CF-88E8-4BFF9ED19686}] => (Allow) C:\ProgramData\WindowsTask\AppModule.exe => No File FirewallRules: [{0BBC9AF9-4D55-45CA-B907-5A71774FD235}] => (Allow) C:\ProgramData\WindowsTask\AMD.exe => No File FirewallRules: [{B24061F2-086D-4DCA-B597-BFCC91B4D491}] => (Block) LPort=445 FirewallRules: [{2E054DA8-809E-47A3-BCFB-42E15AAF1D63}] => (Block) LPort=445 FirewallRules: [{360B79B3-8AD2-4A49-B67D-E869D5262669}] => (Block) LPort=139 FirewallRules: [{14DE3E22-C13C-45FD-92CF-C9530075B8C9}] => (Block) LPort=139 FirewallRules: [{7B45DED1-74A8-401B-82CE-50EC73B73B7B}] => (Allow) C:\ProgramData\Windows Tasks Service\winserv.exe => No File FirewallRules: [{F01F1A42-7541-4E53-A947-9C17EF68ADDF}] => (Allow) LPort=3389 FirewallRules: [{99E7B3DA-D44A-4467-8704-737EE0B3294D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:84.74 GB) (Free:34.95 GB) (41%) ==================== Faulty Device Manager Devices ============ Name: TP-Link Gigabit PCI Express Adapter Description: TP-Link Gigabit PCI Express Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: rt640x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (08/08/2023 12:52:29 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Указанная служба не установлена. ]. Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: 13 Контекст моментального снимка: 13 Контекст выполнения: Coordinator Error: (08/08/2023 12:52:29 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Указанная служба не установлена. ] Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: 13 Контекст моментального снимка: 13 Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Указанная служба не установлена. ]. Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: -1 Контекст моментального снимка: -1 Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Указанная служба не установлена. ] Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: -1 Контекст моментального снимка: -1 Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Указанная служба не установлена. ]. Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Проверьте, поддерживается ли том поставщиком Добавление тома в набор теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: 29 Контекст моментального снимка: 29 Контекст выполнения: Coordinator Код поставщика: {00000000-0000-0000-0000-000000000000} Имя тома: \\?\Volume{f063237d-0000-0000-0000-300300000000}\ Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Указанная служба не установлена. ] Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Проверьте, поддерживается ли том поставщиком Добавление тома в набор теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: 29 Контекст моментального снимка: 29 Контекст выполнения: Coordinator Код поставщика: {00000000-0000-0000-0000-000000000000} Имя тома: \\?\Volume{f063237d-0000-0000-0000-300300000000}\ Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Указанная служба не установлена. ]. Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: -1 Контекст моментального снимка: -1 Контекст выполнения: Coordinator Error: (08/08/2023 12:51:12 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Указанная служба не установлена. ] Операция: Получение интерфейса с возможностью вызова для данного поставщика Перечисление интерфейсов всех поставщиков, поддерживающих данный контекст Запрос теневых копий Контекст: Код поставщика: {b5946137-7b9f-4925-af80-51abd60b20d5} Код класса: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Контекст моментального снимка: -1 Контекст моментального снимка: -1 Контекст выполнения: Coordinator System errors: ============= Error: (08/08/2023 12:24:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The VNC Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Перезапуск службы. Error: (08/08/2023 12:24:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The SAMSUNG Mobile Connectivity Service V2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Перезапуск службы. Error: (08/08/2023 12:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Everything service terminated unexpectedly. It has done this 1 time(s). Error: (08/08/2023 12:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/08/2023 12:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/08/2023 12:22:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Office Click-to-Run Service service failed to start due to the following error: The system cannot find the file specified. Error: (08/08/2023 12:22:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Office Click-to-Run Service service failed to start due to the following error: The system cannot find the file specified. Error: (08/08/2023 12:06:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The ClickToRunSvc service failed to start due to the following error: The system cannot find the file specified. CodeIntegrity: =============== Date: 2023-06-05 17:22:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Chrome\Application\114.0.5735.90\chrome.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. F4 04/25/2012 Motherboard: Gigabyte Technology Co., Ltd. Z77-DS3H Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Percentage of memory in use: 37% Total physical RAM: 12117.96 MB Available physical RAM: 7618.65 MB Total Virtual: 24405.96 MB Available Virtual: 20416.63 MB ==================== Drives ================================ Drive c: (SysSSD) (Fixed) (Total:84.74 GB) (Free:34.95 GB) (Model: TEAM T253256GB) NTFS Drive d: (Data SSD) (Fixed) (Total:153.16 GB) (Free:36.05 GB) (Model: TEAM T253256GB) NTFS \\?\Volume{f063237d-0000-0000-0000-100000000000}\ (Зарезервировано системой) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS \\?\Volume{f063237d-0000-0000-0000-403215000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: F063237D) Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=84.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=541 MB) - (Type=27) Partition 4: (Not Active) - (Size=153.2 GB) - (Type=0F Extended) ==================== End of Addition.txt =======================