Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
- Ran by david (29-04-2024 16:22:52)
- Running from C:\Users\david\Downloads
- Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2023-05-15 06:30:07)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- (If an entry is included in the fixlist, it will be removed.)
- Administrator (S-1-5-21-3640051670-4111558350-280212837-500 - Administrator - Disabled)
- david (S-1-5-21-3640051670-4111558350-280212837-1001 - Administrator - Enabled) => C:\Users\david
- DefaultAccount (S-1-5-21-3640051670-4111558350-280212837-503 - Limited - Disabled)
- Guest (S-1-5-21-3640051670-4111558350-280212837-501 - Limited - Disabled)
- WDAGUtilityAccount (S-1-5-21-3640051670-4111558350-280212837-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
- Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_2_1) (Version: 24.2.1.358 - Adobe Inc.)
- Adobe Photoshop 2023 v24.2.1.358 (HKLM-x32\...\{37865686-DFD4-474B-B3B8-196BFC1C45DE}) (Version: 1.0.0 - Adobe Photoshop 2023 v24.2.1.358)
- DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
- Discord (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
- Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
- Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
- Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.91 - Google LLC)
- Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- League of Legends (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
- Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.67 - Microsoft Corporation)
- Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation)
- Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20685 - Microsoft Corporation)
- Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.221.1024.0002 - Microsoft Corporation)
- Microsoft Teams classic (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Teams) (Version: 1.7.00.1864 - Microsoft Corporation)
- Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
- Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
- Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
- Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.88.1 - Microsoft Corporation)
- Mobalytics (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Overwolf_kccgdmdllebbgifgafjfmcjdgmhoknfhjdnobcho) (Version: 1.114.508 - Overwolf app)
- Node.js (HKLM\...\{C574A5A2-4D77-47ED-B965-21A7969EBE42}) (Version: 18.17.1 - Node.js Foundation)
- NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
- NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
- NVIDIA Graphics Driver 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
- NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
- NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
- Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
- Overwolf (HKLM-x32\...\Overwolf) (Version: 0.248.120.19 - Overwolf Ltd.)
- Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.1031.110912 - Razer Inc.)
- Reborn Application (HKLM-x32\...\{17A4F85A-1219-4143-A0D6-E9EBC6084064}) (Version: 1.0.0.1 - l2reborn.org)
- Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
- Riot Client (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
- TeamSpeak 3 Client (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
- TeamViewer (HKLM\...\TeamViewer) (Version: 15.45.4 - TeamViewer)
- Telegram Desktop (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.15.2 - Telegram FZ-LLC)
- Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
- uTorrent Web (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
- UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
- WinRAR 7.00 beta 1 64-bit (HKLM\...\WinRAR archiver) (Version: 7.00.1 - win.rar GmbH)
- Chrome apps:
- ============
- Arkusze (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\0c69ddc903749c2f2e81cec2d8818cc4) (Version: 1.0 - Google\Chrome)
- Documenten (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\d3785e0df15332680543a80c486fcea4) (Version: 1.0 - Google\Chrome)
- Gmail (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\67d36e06f2dc3970af7c77ebdcdda0af) (Version: 1.0 - Google\Chrome)
- Google Drive (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\23aa7a5e5bd2f8859503d00da48be8bd) (Version: 1.0 - Google\Chrome)
- Presentaties (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\58121b21b1cb57151ecfe09ed009afc0) (Version: 1.0 - Google\Chrome)
- YouTube (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\c7df40a830151bf0b108d501910ef67b) (Version: 1.0 - Google\Chrome)
- Packages:
- =========
- Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
- NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
- Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-08-29] (Realtek Semiconductor Corp)
- Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0 [2024-04-12] (Spotify AB) [Startup Task]
- Web Search from Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.92.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corporation)
- WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2414.10.0_x64__cv1g1gvanyjgm [2024-04-27] (WhatsApp Inc.) [Startup Task]
- ==================== Custom CLSID (Whitelisted): ==============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-3640051670-4111558350-280212837-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.11\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
- ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
- ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-09-07] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
- ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-09-07] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
- ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
- ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
- ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
- ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
- ==================== Codecs (Whitelisted) ====================
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Arkusze.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Documenten.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Presentaties.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
- ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
- ==================== Loaded Modules (Whitelisted) =============
- ==================== Alternate Data Streams (Whitelisted) ========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7516]
- ==================== Safe Mode (Whitelisted) ==================
- ==================== Association (Whitelisted) =================
- ==================== Internet Explorer (Whitelisted) ==========
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
- ==================== Hosts content: =========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
- ==================== Other Areas ===========================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
- DNS Servers: 192.168.0.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (If an entry is included in the fixlist, it will be removed.)
- HKLM\...\StartupApproved\Run: => "SecurityHealth"
- HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
- HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "utweb"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "GarminExpress"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "Synapse3"
- HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "Discord"
- ==================== FirewallRules (Whitelisted) ================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{7A3A45C6-B0E8-4A59-AD63-233522209C72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
- FirewallRules: [{EDCCB674-0BE6-446D-BF69-B4A680FB5234}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
- FirewallRules: [{78489EE6-7F5C-4B1E-A986-4F17CDA38A8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
- FirewallRules: [{29CC69E0-F0F7-4F42-9994-B90B64ED358B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
- FirewallRules: [{7639DC58-C60C-43BD-B5B3-A142C5C694DA}] => (Allow) C:\Users\david\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
- FirewallRules: [{BA5D2B2A-388E-4CB2-B7E8-BE00B9DE837E}] => (Allow) C:\Users\david\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
- FirewallRules: [{DD0F7CE1-25A0-4F8C-8EFE-488ED1B5D998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
- FirewallRules: [{6C9D9968-2B2A-43A6-8DAB-91CE52F57BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
- FirewallRules: [{F7787AFD-B833-4A82-B33B-B9235F56AE50}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
- FirewallRules: [{33725949-D9E4-4BC2-859C-205AE0CBFEE9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
- FirewallRules: [TCP Query User{F19DB63C-3A9D-426D-B5A4-451462B6BC8A}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
- FirewallRules: [UDP Query User{4B96A1A1-525E-428F-AE3F-E40CE8EB0857}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
- FirewallRules: [{98BEE5F8-B002-40F8-B1FB-42E2264CFC4F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
- FirewallRules: [{FCB67EA6-8775-4633-BAF9-8C2E1E9EE66E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
- FirewallRules: [{885F546D-EB65-4E25-9471-F54755FD8961}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
- FirewallRules: [{B1A931A7-7B44-4272-A599-96F8EBC9741F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
- FirewallRules: [{B67EE921-D7AF-45C3-B4E2-92CFCCFF7158}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{A879B959-ECAE-4391-9100-BF12AD22035F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{970ACC41-A69E-483F-8C59-5CD0F66E1608}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{D570F24F-9EAE-4278-8126-BE616E43F73B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{5797A7A0-8541-4519-869E-EF989853F7F5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{55EF8059-2D56-4227-BE3E-10649901717B}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe => No File
- FirewallRules: [{C0D6EC21-2FEF-4882-ABB8-7091F68B6C23}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe => No File
- FirewallRules: [{EB03DD08-ACD4-4976-B0EC-57C0C0F34A9E}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe => No File
- FirewallRules: [{947489BA-51A9-48B1-B7A7-4A51E7B7FA72}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe => No File
- FirewallRules: [TCP Query User{59DEC8BC-C2FA-4836-904F-9D8A3DE77DB6}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [UDP Query User{9AF6E3E9-BAC0-40BE-B93B-031458E169DE}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{B38272E3-65AC-4BCB-8E07-C409B7E57D96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{693D748E-9A13-4ABE-A6E7-E7710508A2A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{A42618CC-28DE-4A07-9E91-2B8716D98D07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{3ACFCAC1-2C0B-4AD3-80A1-64FD2254B905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{A07E9BD0-F79B-47DF-AE20-FD53E660877C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{291B0310-D7C8-4AEC-8DB7-761D5CDC32D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [TCP Query User{B28C689F-45A8-41DE-B03B-430F8216A083}C:\games\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\games\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
- FirewallRules: [UDP Query User{812BDFA5-F901-4A86-A837-99BED983096A}C:\games\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\games\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
- FirewallRules: [{4F5A4E5C-8FFB-4E05-845B-B2DD924BB742}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{15C50F62-3237-49D8-87D5-7CB05D71969C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{F6C172A3-1E56-4B42-8C1B-6968E094BCCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{EB103905-D244-49A7-9F6B-EF56A193987B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{DA180F38-3CEB-43FB-8EF0-5313A8ECB637}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{9B99535C-97A4-4CC8-A16E-81856D75903D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{1EB59498-6615-4D36-827F-6F6D7477DC25}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{718CC252-7983-420D-8EDF-5CACBE563E92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{BB3C88C7-8755-4F5A-8180-7E2D292192E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{197A78C0-0163-4D04-8ADF-7BEFBA6C4550}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
- FirewallRules: [{225FFB8C-AB7A-4581-BAFE-0AB2DB27DBC9}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
- FirewallRules: [{C582DCE0-A7FC-483C-9F4F-4C6D4991FB5C}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
- FirewallRules: [{698D6843-00CE-47BB-8ABF-8FE03544E116}] => (Block) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
- FirewallRules: [{795D5A37-D237-4087-8E17-7258002BF4D7}] => (Block) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
- FirewallRules: [{2B2C9418-EF2E-4F19-AD39-BC5F340CF301}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
- FirewallRules: [{148756C2-0EB4-42C9-809B-316EAA490432}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
- FirewallRules: [{176D4DA8-223D-4D3D-818E-FD02D88A7C58}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [{6D613B91-C2A4-4139-B09B-6B4447881A22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{ACF6E253-9FE3-4DC5-80BD-73D24113FBA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{463CECDD-526D-454F-A6A5-A2572D623059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{5859209A-36A4-4F0D-96B2-DE01F15C2377}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{B7F893AA-6B88-4359-8083-67CD4F21A01D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
- ==================== Restore Points =========================
- 19-04-2024 08:49:01 Scheduled Checkpoint
- 28-04-2024 08:49:11 Scheduled Checkpoint
- ==================== Faulty Device Manager Devices ============
- Name: Base System Device
- Description: Base System Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: ========================
- Application errors:
- ==================
- Error: (04/23/2024 01:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x3954
- Faulting application start time: 0x01da9179658241eb
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 9a512e87-1e08-4e8d-9135-f2eed68c5c3f
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/18/2024 12:15:49 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x172c
- Faulting application start time: 0x01da8f65dfdf1f22
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 4995b5c3-f213-458d-b4f9-3a86697f544e
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/15/2024 12:45:36 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc000041d
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x25c4
- Faulting application start time: 0x01da8da3d62bedb0
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 70c08d6b-66b0-4e9e-b663-09cc81de12fd
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/15/2024 12:45:35 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x25c4
- Faulting application start time: 0x01da8da3d62bedb0
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 3320228a-db21-492a-9b59-0cac3a57c8e9
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/13/2024 06:08:35 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x1880
- Faulting application start time: 0x01da8c161ae59457
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 290d0a27-116b-4307-a5f5-5af74bb2a62c
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/11/2024 03:42:27 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x2da0
- Faulting application start time: 0x01da8b96cd806c4d
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: b115badc-f836-4119-9ab5-c385e06c2dea
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/04/2024 06:33:46 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4170, time stamp: 0x7b5b862e
- Exception code: 0xc000041d
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x5108
- Faulting application start time: 0x01da8648c46bd3fa
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: 7f544b8a-54bc-41ea-a724-6b492213c204
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (04/04/2024 06:33:45 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
- Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4170, time stamp: 0x7b5b862e
- Exception code: 0xc0000005
- Fault offset: 0x00000000000e964c
- Faulting process id: 0x5108
- Faulting application start time: 0x01da8648c46bd3fa
- Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
- Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
- Report Id: b23c7f08-6a70-4e47-8e28-2c43d8eba611
- Faulting package full name:
- Faulting package-relative application ID:
- System errors:
- =============
- Error: (04/29/2024 04:22:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 05:11:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 04:07:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 03:25:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 02:29:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 02:24:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 11:32:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Error: (04/28/2024 10:59:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
- Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
- Windows Defender:
- ================
- Date: 2024-04-29 16:17:21
- Description:
- Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Seraph.AAUW!MTB&threatid=2147894958&enterprise=0
- Name: Trojan:MSIL/Seraph.AAUW!MTB
- Severity: Severe
- Category: Trojan
- Path: file:_C:\Users\david\AppData\Roaming\g4O7lPas.exe; file:_C:\Users\david\AppData\Roaming\jB0MwAzU.exe
- Detection Origin: Local machine
- Detection Type: Concrete
- Detection Source: Real-Time Protection
- Process Name: C:\Users\david\Downloads\FRST64.exe
- Security intelligence Version: AV: 1.409.576.0, AS: 1.409.576.0, NIS: 1.409.576.0
- Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
- Date: 2024-04-29 16:17:21
- Description:
- Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Seraph.AAUW!MTB&threatid=2147894958&enterprise=0
- Name: Trojan:MSIL/Seraph.AAUW!MTB
- Severity: Severe
- Category: Trojan
- Path: file:_C:\Users\david\AppData\Roaming\g4O7lPas.exe
- Detection Origin: Local machine
- Detection Type: Concrete
- Detection Source: Real-Time Protection
- Process Name: C:\Users\david\Downloads\FRST64.exe
- Security intelligence Version: AV: 1.409.576.0, AS: 1.409.576.0, NIS: 1.409.576.0
- Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
- Date: 2024-04-29 06:34:47
- Description:
- Microsoft Defender Antivirus scan has been stopped before completion.
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2024-04-28 06:48:59
- Description:
- Microsoft Defender Antivirus scan has been stopped before completion.
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2024-04-27 06:46:20
- Description:
- Microsoft Defender Antivirus scan has been stopped before completion.
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Event[0]:
- Date: 2023-11-06 17:05:43
- Description:
- Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
- New security intelligence Version:
- Previous security intelligence Version: 1.401.164.0
- Update Source: Microsoft Update Server
- Security intelligence Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.23100.2009
- Error code: 0x80240438
- Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
- CodeIntegrity:
- ===============
- Date: 2023-11-27 15:29:10
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2023-11-07 08:55:20
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- ==================== Memory info ===========================
- BIOS: American Megatrends Inc. 1.E1 11/17/2021
- Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING PLUS (MS-7B51)
- Processor: Intel(R) Core(TM) i7-9700KF CPU @ 3.60GHz
- Percentage of memory in use: 65%
- Total physical RAM: 16318.29 MB
- Available physical RAM: 5692.13 MB
- Total Virtual: 22318.29 MB
- Available Virtual: 6018.6 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:930.89 GB) (Free:605.97 GB) (Model: WDC WDS100T2B0C-00PXH0) NTFS
- Drive d: () (Fixed) (Total:222.43 GB) (Free:216.1 GB) (Model: KINGSTON SHFS37A240G) NTFS
- \\?\Volume{4001fa9d-a97b-48ad-841e-0fe4699e5610}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
- \\?\Volume{e87f3700-fe5f-4a58-9974-ec8ed60497d1}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
- \\?\Volume{1a2c968c-9859-484e-a673-a4fd403ac104}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
- \\?\Volume{4c0aaa8f-f3e9-43fd-813e-d139105c3775}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
- \\?\Volume{d3ee92e1-7567-427b-97fd-52eb3c6d6a11}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
- ==================== MBR & Partition Table ====================
- ==========================================================
- Disk: 0 (Size: 223.6 GB) (Disk ID: F99DC55E)
- Partition: GPT.
- ==========================================================
- Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
- Partition: GPT.
- ==================== End of Addition.txt =======================
Add Comment
Please, Sign In to add comment