==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{3B3D1B8F-55BF-43DA-99D0-645AACE0162A}C:\program files (x86)\shareit technologies\shareit\shareit.exe] => (Allow) C:\program files (x86)\shareit technologies\shareit\shareit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [UDP Query User{06E1EBC6-BED5-4E87-8922-73C271C775F1}C:\program files (x86)\shareit technologies\shareit\shareit.exe] => (Allow) C:\program files (x86)\shareit technologies\shareit\shareit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{64CE50AD-8654-4C14-B75F-516BD21ED548}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7361F425-3501-45C3-AD43-B7B4D076EFB0}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8E12CA0F-BAFC-4FD0-8B65-D6B8CABB1948}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{845AB566-C871-4A4C-8E18-C6771E77ACC3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C1CE10A3-D229-4EDB-8BC6-C23EE2404487}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{43021405-630F-44FE-BF93-D84C84578D56}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E089B541-273C-49B3-9D89-18B230F19E18}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{87766E09-91F8-44D9-846C-52FB9576D299}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{4ED0847F-B7C0-4807-A031-D9C002BC3BA0}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [{2E882366-5050-47C3-9329-DE86CF378D7A}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:119.24 GB) (Free:37.85 GB) (32%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/21/2020 01:23:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cf.exe, version: 0.0.0.0, time stamp: 0x5e7238c5
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0xe1c
Faulting application start time: 0x01d62ecb53bacee6
Faulting application path: C:\Windows\servicing\cf.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: ac7a89b4-d553-46fe-a93f-2a4f738cbd2e
Faulting package full name:
Faulting package-relative application ID:
Error: (05/21/2020 01:23:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: cf.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.__Error.WinIOError()
at System.Console+ControlCHooker.Unhook()
at System.Console+ControlCHooker.Finalize()
Error: (05/21/2020 12:28:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cf.exe, version: 0.0.0.0, time stamp: 0x5e7238c5
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0xa58
Faulting application start time: 0x01d62ec3c00c64e4
Faulting application path: C:\Windows\servicing\cf.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: 024e3710-1fe1-4c92-b62e-558af4da70e5
Faulting package full name:
Faulting package-relative application ID:
Error: (05/21/2020 12:28:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: cf.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.__Error.WinIOError()
at System.Console+ControlCHooker.Unhook()
at System.Console+ControlCHooker.Finalize()
Error: (05/20/2020 11:36:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.752, time stamp: 0x5e70487e
Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.752, time stamp: 0x5e704823
Exception code: 0xc000041d
Fault offset: 0x00000000000088d8
Faulting process id: 0x10f4
Faulting application start time: 0x01d62ebc480ba855
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
Report Id: 330218d9-94bb-4bb9-a533-d99bdc28bedf
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Error: (05/20/2020 11:36:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.752, time stamp: 0x5e70487e
Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.752, time stamp: 0x5e704823
Exception code: 0xc0000005
Fault offset: 0x00000000000088d8
Faulting process id: 0x10f4
Faulting application start time: 0x01d62ebc480ba855
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
Report Id: b83de6f1-61f0-4abb-a164-75b05a81221a
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Error: (05/20/2020 11:30:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cf.exe, version: 0.0.0.0, time stamp: 0x5e7238c5
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0xd80
Faulting application start time: 0x01d62ebb9aaaec8f
Faulting application path: C:\Windows\servicing\cf.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: e6b06665-e028-4d4e-abd1-e77c84fa24a0
Faulting package full name:
Faulting package-relative application ID:
Error: (05/20/2020 11:30:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: cf.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.__Error.WinIOError()
at System.Console+ControlCHooker.Unhook()
at System.Console+ControlCHooker.Finalize()
System errors:
=============
Error: (05/21/2020 01:23:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Registration for device management service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/21/2020 01:23:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Registration for device management service to connect.
Error: (05/21/2020 01:23:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Hyper Integrations Services service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/21/2020 01:23:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Microsoft Hyper Integrations Services service to connect.
Error: (05/21/2020 01:23:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/21/2020 01:22:22 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AsusUpdateCheck service did not shut down properly after receiving a preshutdown control.
Error: (05/21/2020 12:29:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Registration for device management service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/21/2020 12:29:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Registration for device management service to connect.
Windows Defender:
===================================
Date: 2020-05-20 17:09:00.926
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Crack
ID: 2147734096
Severity: High
Category: Tool
Path: file:_G:\crack\ff7_en.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.997.0, AS: 1.315.997.0, NIS: 1.315.997.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7
Date: 2020-05-20 17:08:55.409
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.A!rfn
ID: 2147746577
Severity: Severe
Category: Trojan
Path: file:_G:\crack\ff7_es.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.997.0, AS: 1.315.997.0, NIS: 1.315.997.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7
Date: 2020-05-20 17:08:39.424
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.A!rfn
ID: 2147746577
Severity: Severe
Category: Trojan
Path: file:_G:\crack\ff7_es.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.997.0, AS: 1.315.997.0, NIS: 1.315.997.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7
Date: 2020-05-20 17:07:49.755
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Crack
ID: 2147734096
Severity: High
Category: Tool
Path: file:_G:\crack\ff7_en.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.997.0, AS: 1.315.997.0, NIS: 1.315.997.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7
Date: 2020-05-20 17:07:45.259
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Crack
ID: 2147734096
Severity: High
Category: Tool
Path: file:_G:\crack\ff7_en.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.997.0, AS: 1.315.997.0, NIS: 1.315.997.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7
Date: 2020-05-20 23:46:36.034
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.315.997.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17000.7
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-05-20 23:46:36.034
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.315.997.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17000.7
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-05-20 19:39:03.604
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.315.997.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17000.7
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2020-05-19 23:18:31.003
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.315.980.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17000.7
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Date: 2020-05-19 23:08:30.093
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2020-05-21 01:24:38.299
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:24:38.299
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:23:23.473
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:23:23.472
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:15:50.545
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:15:50.544
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:00:49.808
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-21 01:00:49.808
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2801 09/18/2019
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 16309.74 MB
Available physical RAM: 11800.82 MB
Total Virtual: 25111.74 MB
Available Virtual: 18153.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.24 GB) (Free:37.83 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (SSD) (Fixed) (Total:238.47 GB) (Free:95.86 GB) NTFS
Drive e: (2 TB Beast) (Fixed) (Total:1863.01 GB) (Free:1745.48 GB) NTFS
Drive f: (500 Gb Backup) (Fixed) (Total:465.76 GB) (Free:465.65 GB) NTFS
Drive g: (Windows 10) (Removable) (Total:7.47 GB) (Free:3.85 GB) NTFS
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================