
Addition

a guest
Apr 29th, 2024
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
  2. Ran by david (29-04-2024 16:22:52)
  3. Running from C:\Users\david\Downloads
  4. Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2023-05-15 06:30:07)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11.  
  12. (If an entry is included in the fixlist, it will be removed.)
  13.  
  14. Administrator (S-1-5-21-3640051670-4111558350-280212837-500 - Administrator - Disabled)
  15. david (S-1-5-21-3640051670-4111558350-280212837-1001 - Administrator - Enabled) => C:\Users\david
  16. DefaultAccount (S-1-5-21-3640051670-4111558350-280212837-503 - Limited - Disabled)
  17. Guest (S-1-5-21-3640051670-4111558350-280212837-501 - Limited - Disabled)
  18. WDAGUtilityAccount (S-1-5-21-3640051670-4111558350-280212837-504 - Limited - Disabled)
  19.  
  20. ==================== Security Center ========================
  21.  
  22. (If an entry is included in the fixlist, it will be removed.)
  23.  
  24. AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  25.  
  26. ==================== Installed Programs ======================
  27.  
  28. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  29.  
  30. 7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
  31. Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_2_1) (Version: 24.2.1.358 - Adobe Inc.)
  32. Adobe Photoshop 2023 v24.2.1.358 (HKLM-x32\...\{37865686-DFD4-474B-B3B8-196BFC1C45DE}) (Version: 1.0.0 - Adobe Photoshop 2023 v24.2.1.358)
  33. DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
  34. Discord (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
  35. Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
  36. Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  37. Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
  38. Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
  39. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.91 - Google LLC)
  40. Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  41. League of Legends (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
  42. Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.67 - Microsoft Corporation)
  43. Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation)
  44. Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20685 - Microsoft Corporation)
  45. Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.221.1024.0002 - Microsoft Corporation)
  46. Microsoft Teams classic (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Teams) (Version: 1.7.00.1864 - Microsoft Corporation)
  47. Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
  48. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  49. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  50. Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
  51. Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
  52. Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
  53. Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
  54. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
  55. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
  56. Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
  57. Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
  58. Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
  59. Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
  60. Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
  61. Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
  62. Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
  63. Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
  64. Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
  65. Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
  66. Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.88.1 - Microsoft Corporation)
  67. Mobalytics (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Overwolf_kccgdmdllebbgifgafjfmcjdgmhoknfhjdnobcho) (Version: 1.114.508 - Overwolf app)
  68. Node.js (HKLM\...\{C574A5A2-4D77-47ED-B965-21A7969EBE42}) (Version: 18.17.1 - Node.js Foundation)
  69. NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
  70. NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
  71. NVIDIA Graphics Driver 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
  72. NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
  73. NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
  74. NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
  75. Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
  76. Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
  77. Overwolf (HKLM-x32\...\Overwolf) (Version: 0.248.120.19 - Overwolf Ltd.)
  78. Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.1031.110912 - Razer Inc.)
  79. Reborn Application (HKLM-x32\...\{17A4F85A-1219-4143-A0D6-E9EBC6084064}) (Version: 1.0.0.1 - l2reborn.org)
  80. Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
  81. Riot Client (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
  82. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  83. Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
  84. TeamSpeak 3 Client (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
  85. TeamViewer (HKLM\...\TeamViewer) (Version: 15.45.4 - TeamViewer)
  86. Telegram Desktop (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.15.2 - Telegram FZ-LLC)
  87. Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
  88. uTorrent Web (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
  89. UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
  90. WinRAR 7.00 beta 1 64-bit (HKLM\...\WinRAR archiver) (Version: 7.00.1 - win.rar GmbH)
  91.  
  92. Chrome apps:
  93. ============
  94. Arkusze (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\0c69ddc903749c2f2e81cec2d8818cc4) (Version: 1.0 - Google\Chrome)
  95. Documenten (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\d3785e0df15332680543a80c486fcea4) (Version: 1.0 - Google\Chrome)
  96. Gmail (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\67d36e06f2dc3970af7c77ebdcdda0af) (Version: 1.0 - Google\Chrome)
  97. Google Drive (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\23aa7a5e5bd2f8859503d00da48be8bd) (Version: 1.0 - Google\Chrome)
  98. Presentaties (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\58121b21b1cb57151ecfe09ed009afc0) (Version: 1.0 - Google\Chrome)
  99. YouTube (HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\c7df40a830151bf0b108d501910ef67b) (Version: 1.0 - Google\Chrome)
  100.  
  101. Packages:
  102. =========
  103.  
  104. Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
  105. NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
  106. Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-08-29] (Realtek Semiconductor Corp)
  107. Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0 [2024-04-12] (Spotify AB) [Startup Task]
  108. Web Search from Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.92.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corporation)
  109. WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2414.10.0_x64__cv1g1gvanyjgm [2024-04-27] (WhatsApp Inc.) [Startup Task]
  110.  
  111. ==================== Custom CLSID (Whitelisted): ==============
  112.  
  113. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  114.  
  115. CustomCLSID: HKU\S-1-5-21-3640051670-4111558350-280212837-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.11\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
  116. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
  117. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
  118. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
  119. ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  120. ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  121. ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  122. ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  123. ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  124. ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  125. ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  126. ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  127. ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  128. ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  129. ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  130. ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  131. ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  132. ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  133. ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  134. ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
  135. ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
  136. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
  137. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
  138. ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-09-07] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
  139. ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-09-07] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
  140. ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  141. ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
  142. ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0001\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
  143. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
  144. ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
  145. ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-02-17] (Adobe Inc. -> )
  146. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
  147. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-11-16] (win.rar GmbH -> Alexander Roshal)
  148.  
  149. ==================== Codecs (Whitelisted) ====================
  150.  
  151. ==================== Shortcuts & WMI ========================
  152.  
  153. (The entries could be listed to be restored or removed.)
  154.  
  155. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Arkusze.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
  156. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Documenten.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
  157. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
  158. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
  159. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Presentaties.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
  160. ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
  161.  
  162. ==================== Loaded Modules (Whitelisted) =============
  163.  
  164.  
  165. ==================== Alternate Data Streams (Whitelisted) ========
  166.  
  167. (If an entry is included in the fixlist, only the ADS will be removed.)
  168.  
  169. AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7516]
  170.  
  171. ==================== Safe Mode (Whitelisted) ==================
  172.  
  173. ==================== Association (Whitelisted) =================
  174.  
  175. ==================== Internet Explorer (Whitelisted) ==========
  176.  
  177. BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  178. BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  179. Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  180. Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  181. Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  182. Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  183. Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  184. Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  185. Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  186. Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
  187.  
  188. ==================== Hosts content: =========================
  189.  
  190. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  191.  
  192. 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
  193.  
  194. ==================== Other Areas ===========================
  195.  
  196. (Currently there is no automatic fix for this section.)
  197.  
  198. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
  199. DNS Servers: 192.168.0.1
  200. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  201. Windows Firewall is enabled.
  202.  
  203. ==================== MSCONFIG/TASK MANAGER disabled items ==
  204.  
  205. (If an entry is included in the fixlist, it will be removed.)
  206.  
  207. HKLM\...\StartupApproved\Run: => "SecurityHealth"
  208. HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
  209. HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
  210. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "utweb"
  211. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
  212. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "GarminExpress"
  213. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B"
  214. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
  215. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "Synapse3"
  216. HKU\S-1-5-21-3640051670-4111558350-280212837-1001\...\StartupApproved\Run: => "Discord"
  217.  
  218. ==================== FirewallRules (Whitelisted) ================
  219.  
  220. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  221.  
  222. FirewallRules: [{7A3A45C6-B0E8-4A59-AD63-233522209C72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
  223. FirewallRules: [{EDCCB674-0BE6-446D-BF69-B4A680FB5234}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
  224. FirewallRules: [{78489EE6-7F5C-4B1E-A986-4F17CDA38A8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
  225. FirewallRules: [{29CC69E0-F0F7-4F42-9994-B90B64ED358B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
  226. FirewallRules: [{7639DC58-C60C-43BD-B5B3-A142C5C694DA}] => (Allow) C:\Users\david\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
  227. FirewallRules: [{BA5D2B2A-388E-4CB2-B7E8-BE00B9DE837E}] => (Allow) C:\Users\david\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
  228. FirewallRules: [{DD0F7CE1-25A0-4F8C-8EFE-488ED1B5D998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
  229. FirewallRules: [{6C9D9968-2B2A-43A6-8DAB-91CE52F57BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
  230. FirewallRules: [{F7787AFD-B833-4A82-B33B-B9235F56AE50}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
  231. FirewallRules: [{33725949-D9E4-4BC2-859C-205AE0CBFEE9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
  232. FirewallRules: [TCP Query User{F19DB63C-3A9D-426D-B5A4-451462B6BC8A}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
  233. FirewallRules: [UDP Query User{4B96A1A1-525E-428F-AE3F-E40CE8EB0857}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
  234. FirewallRules: [{98BEE5F8-B002-40F8-B1FB-42E2264CFC4F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
  235. FirewallRules: [{FCB67EA6-8775-4633-BAF9-8C2E1E9EE66E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
  236. FirewallRules: [{885F546D-EB65-4E25-9471-F54755FD8961}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
  237. FirewallRules: [{B1A931A7-7B44-4272-A599-96F8EBC9741F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
  238. FirewallRules: [{B67EE921-D7AF-45C3-B4E2-92CFCCFF7158}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
  239. FirewallRules: [{A879B959-ECAE-4391-9100-BF12AD22035F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  240. FirewallRules: [{970ACC41-A69E-483F-8C59-5CD0F66E1608}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  241. FirewallRules: [{D570F24F-9EAE-4278-8126-BE616E43F73B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  242. FirewallRules: [{5797A7A0-8541-4519-869E-EF989853F7F5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  243. FirewallRules: [{55EF8059-2D56-4227-BE3E-10649901717B}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe => No File
  244. FirewallRules: [{C0D6EC21-2FEF-4882-ABB8-7091F68B6C23}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe => No File
  245. FirewallRules: [{EB03DD08-ACD4-4976-B0EC-57C0C0F34A9E}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe => No File
  246. FirewallRules: [{947489BA-51A9-48B1-B7A7-4A51E7B7FA72}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe => No File
  247. FirewallRules: [TCP Query User{59DEC8BC-C2FA-4836-904F-9D8A3DE77DB6}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  248. FirewallRules: [UDP Query User{9AF6E3E9-BAC0-40BE-B93B-031458E169DE}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  249. FirewallRules: [{B38272E3-65AC-4BCB-8E07-C409B7E57D96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  250. FirewallRules: [{693D748E-9A13-4ABE-A6E7-E7710508A2A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  251. FirewallRules: [{A42618CC-28DE-4A07-9E91-2B8716D98D07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  252. FirewallRules: [{3ACFCAC1-2C0B-4AD3-80A1-64FD2254B905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  253. FirewallRules: [{A07E9BD0-F79B-47DF-AE20-FD53E660877C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  254. FirewallRules: [{291B0310-D7C8-4AEC-8DB7-761D5CDC32D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  255. FirewallRules: [TCP Query User{B28C689F-45A8-41DE-B03B-430F8216A083}C:\games\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\games\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
  256. FirewallRules: [UDP Query User{812BDFA5-F901-4A86-A837-99BED983096A}C:\games\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\games\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
  257. FirewallRules: [{4F5A4E5C-8FFB-4E05-845B-B2DD924BB742}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  258. FirewallRules: [{15C50F62-3237-49D8-87D5-7CB05D71969C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  259. FirewallRules: [{F6C172A3-1E56-4B42-8C1B-6968E094BCCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  260. FirewallRules: [{EB103905-D244-49A7-9F6B-EF56A193987B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  261. FirewallRules: [{DA180F38-3CEB-43FB-8EF0-5313A8ECB637}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  262. FirewallRules: [{9B99535C-97A4-4CC8-A16E-81856D75903D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  263. FirewallRules: [{1EB59498-6615-4D36-827F-6F6D7477DC25}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  264. FirewallRules: [{718CC252-7983-420D-8EDF-5CACBE563E92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  265. FirewallRules: [{BB3C88C7-8755-4F5A-8180-7E2D292192E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  266. FirewallRules: [{197A78C0-0163-4D04-8ADF-7BEFBA6C4550}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
  267. FirewallRules: [{225FFB8C-AB7A-4581-BAFE-0AB2DB27DBC9}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
  268. FirewallRules: [{C582DCE0-A7FC-483C-9F4F-4C6D4991FB5C}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
  269. FirewallRules: [{698D6843-00CE-47BB-8ABF-8FE03544E116}] => (Block) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
  270. FirewallRules: [{795D5A37-D237-4087-8E17-7258002BF4D7}] => (Block) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe => No File
  271. FirewallRules: [{2B2C9418-EF2E-4F19-AD39-BC5F340CF301}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  272. FirewallRules: [{148756C2-0EB4-42C9-809B-316EAA490432}] => (Allow) C:\Program Files (x86)\Overwolf\0.248.120.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  273. FirewallRules: [{176D4DA8-223D-4D3D-818E-FD02D88A7C58}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
  274. FirewallRules: [{6D613B91-C2A4-4139-B09B-6B4447881A22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  275. FirewallRules: [{ACF6E253-9FE3-4DC5-80BD-73D24113FBA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  276. FirewallRules: [{463CECDD-526D-454F-A6A5-A2572D623059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  277. FirewallRules: [{5859209A-36A4-4F0D-96B2-DE01F15C2377}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  278. FirewallRules: [{B7F893AA-6B88-4359-8083-67CD4F21A01D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
  279.  
  280. ==================== Restore Points =========================
  281.  
  282. 19-04-2024 08:49:01 Scheduled Checkpoint
  283. 28-04-2024 08:49:11 Scheduled Checkpoint
  284.  
  285. ==================== Faulty Device Manager Devices ============
  286.  
  287. Name: Base System Device
  288. Description: Base System Device
  289. Class Guid:
  290. Manufacturer:
  291. Service:
  292. Problem: : The drivers for this device are not installed. (Code 28)
  293. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  294.  
  295.  
  296. ==================== Event log errors: ========================
  297.  
  298. Application errors:
  299. ==================
  300. Error: (04/23/2024 01:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
  301. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  302. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  303. Exception code: 0xc0000005
  304. Fault offset: 0x00000000000e964c
  305. Faulting process id: 0x3954
  306. Faulting application start time: 0x01da9179658241eb
  307. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  308. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  309. Report Id: 9a512e87-1e08-4e8d-9135-f2eed68c5c3f
  310. Faulting package full name:
  311. Faulting package-relative application ID:
  312.  
  313. Error: (04/18/2024 12:15:49 PM) (Source: Application Error) (EventID: 1000) (User: )
  314. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  315. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  316. Exception code: 0xc0000005
  317. Fault offset: 0x00000000000e964c
  318. Faulting process id: 0x172c
  319. Faulting application start time: 0x01da8f65dfdf1f22
  320. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  321. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  322. Report Id: 4995b5c3-f213-458d-b4f9-3a86697f544e
  323. Faulting package full name:
  324. Faulting package-relative application ID:
  325.  
  326. Error: (04/15/2024 12:45:36 PM) (Source: Application Error) (EventID: 1000) (User: )
  327. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  328. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  329. Exception code: 0xc000041d
  330. Fault offset: 0x00000000000e964c
  331. Faulting process id: 0x25c4
  332. Faulting application start time: 0x01da8da3d62bedb0
  333. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  334. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  335. Report Id: 70c08d6b-66b0-4e9e-b663-09cc81de12fd
  336. Faulting package full name:
  337. Faulting package-relative application ID:
  338.  
  339. Error: (04/15/2024 12:45:35 PM) (Source: Application Error) (EventID: 1000) (User: )
  340. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  341. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  342. Exception code: 0xc0000005
  343. Fault offset: 0x00000000000e964c
  344. Faulting process id: 0x25c4
  345. Faulting application start time: 0x01da8da3d62bedb0
  346. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  347. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  348. Report Id: 3320228a-db21-492a-9b59-0cac3a57c8e9
  349. Faulting package full name:
  350. Faulting package-relative application ID:
  351.  
  352. Error: (04/13/2024 06:08:35 AM) (Source: Application Error) (EventID: 1000) (User: )
  353. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  354. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  355. Exception code: 0xc0000005
  356. Fault offset: 0x00000000000e964c
  357. Faulting process id: 0x1880
  358. Faulting application start time: 0x01da8c161ae59457
  359. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  360. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  361. Report Id: 290d0a27-116b-4307-a5f5-5af74bb2a62c
  362. Faulting package full name:
  363. Faulting package-relative application ID:
  364.  
  365. Error: (04/11/2024 03:42:27 PM) (Source: Application Error) (EventID: 1000) (User: )
  366. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  367. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4291, time stamp: 0x495cf6d0
  368. Exception code: 0xc0000005
  369. Fault offset: 0x00000000000e964c
  370. Faulting process id: 0x2da0
  371. Faulting application start time: 0x01da8b96cd806c4d
  372. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  373. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  374. Report Id: b115badc-f836-4119-9ab5-c385e06c2dea
  375. Faulting package full name:
  376. Faulting package-relative application ID:
  377.  
  378. Error: (04/04/2024 06:33:46 AM) (Source: Application Error) (EventID: 1000) (User: )
  379. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  380. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4170, time stamp: 0x7b5b862e
  381. Exception code: 0xc000041d
  382. Fault offset: 0x00000000000e964c
  383. Faulting process id: 0x5108
  384. Faulting application start time: 0x01da8648c46bd3fa
  385. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  386. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  387. Report Id: 7f544b8a-54bc-41ea-a724-6b492213c204
  388. Faulting package full name:
  389. Faulting package-relative application ID:
  390.  
  391. Error: (04/04/2024 06:33:45 AM) (Source: Application Error) (EventID: 1000) (User: )
  392. Description: Faulting application name: OneDrive.exe, version: 23.226.1031.1, time stamp: 0xf0836242
  393. Faulting module name: Windows.UI.Xaml.dll, version: 10.0.19041.4170, time stamp: 0x7b5b862e
  394. Exception code: 0xc0000005
  395. Fault offset: 0x00000000000e964c
  396. Faulting process id: 0x5108
  397. Faulting application start time: 0x01da8648c46bd3fa
  398. Faulting application path: C:\Program Files\Microsoft OneDrive\OneDrive.exe
  399. Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
  400. Report Id: b23c7f08-6a70-4e47-8e28-2c43d8eba611
  401. Faulting package full name:
  402. Faulting package-relative application ID:
  403.  
  404.  
  405. System errors:
  406. =============
  407. Error: (04/29/2024 04:22:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  408. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  409.  
  410. Error: (04/28/2024 05:11:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  411. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  412.  
  413. Error: (04/28/2024 04:07:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  414. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  415.  
  416. Error: (04/28/2024 03:25:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  417. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  418.  
  419. Error: (04/28/2024 02:29:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  420. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  421.  
  422. Error: (04/28/2024 02:24:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  423. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  424.  
  425. Error: (04/28/2024 11:32:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  426. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  427.  
  428. Error: (04/28/2024 10:59:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BPMHB3T)
  429. Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
  430.  
  431.  
  432. Windows Defender:
  433. ================
  434. Date: 2024-04-29 16:17:21
  435. Description:
  436. Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
  437. For more information please see the following:
  438. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Seraph.AAUW!MTB&threatid=2147894958&enterprise=0
  439. Name: Trojan:MSIL/Seraph.AAUW!MTB
  440. Severity: Severe
  441. Category: Trojan
  442. Path: file:_C:\Users\david\AppData\Roaming\g4O7lPas.exe; file:_C:\Users\david\AppData\Roaming\jB0MwAzU.exe
  443. Detection Origin: Local machine
  444. Detection Type: Concrete
  445. Detection Source: Real-Time Protection
  446. Process Name: C:\Users\david\Downloads\FRST64.exe
  447. Security intelligence Version: AV: 1.409.576.0, AS: 1.409.576.0, NIS: 1.409.576.0
  448. Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
  449.  
  450. Date: 2024-04-29 16:17:21
  451. Description:
  452. Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
  453. For more information please see the following:
  454. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Seraph.AAUW!MTB&threatid=2147894958&enterprise=0
  455. Name: Trojan:MSIL/Seraph.AAUW!MTB
  456. Severity: Severe
  457. Category: Trojan
  458. Path: file:_C:\Users\david\AppData\Roaming\g4O7lPas.exe
  459. Detection Origin: Local machine
  460. Detection Type: Concrete
  461. Detection Source: Real-Time Protection
  462. Process Name: C:\Users\david\Downloads\FRST64.exe
  463. Security intelligence Version: AV: 1.409.576.0, AS: 1.409.576.0, NIS: 1.409.576.0
  464. Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
  465.  
  466. Date: 2024-04-29 06:34:47
  467. Description:
  468. Microsoft Defender Antivirus scan has been stopped before completion.
  469. Scan Type: Antimalware
  470. Scan Parameters: Quick Scan
  471.  
  472. Date: 2024-04-28 06:48:59
  473. Description:
  474. Microsoft Defender Antivirus scan has been stopped before completion.
  475. Scan Type: Antimalware
  476. Scan Parameters: Quick Scan
  477.  
  478. Date: 2024-04-27 06:46:20
  479. Description:
  480. Microsoft Defender Antivirus scan has been stopped before completion.
  481. Scan Type: Antimalware
  482. Scan Parameters: Quick Scan
  483. Event[0]:
  484.  
  485. Date: 2023-11-06 17:05:43
  486. Description:
  487. Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
  488. New security intelligence Version:
  489. Previous security intelligence Version: 1.401.164.0
  490. Update Source: Microsoft Update Server
  491. Security intelligence Type: AntiVirus
  492. Update Type: Full
  493. Current Engine Version:
  494. Previous Engine Version: 1.1.23100.2009
  495. Error code: 0x80240438
  496. Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
  497.  
  498. CodeIntegrity:
  499. ===============
  500. Date: 2023-11-27 15:29:10
  501. Description:
  502. Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  503.  
  504. Date: 2023-11-07 08:55:20
  505. Description:
  506. Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  507.  
  508.  
  509. ==================== Memory info ===========================
  510.  
  511. BIOS: American Megatrends Inc. 1.E1 11/17/2021
  512. Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING PLUS (MS-7B51)
  513. Processor: Intel(R) Core(TM) i7-9700KF CPU @ 3.60GHz
  514. Percentage of memory in use: 65%
  515. Total physical RAM: 16318.29 MB
  516. Available physical RAM: 5692.13 MB
  517. Total Virtual: 22318.29 MB
  518. Available Virtual: 6018.6 MB
  519.  
  520. ==================== Drives ================================
  521.  
  522. Drive c: () (Fixed) (Total:930.89 GB) (Free:605.97 GB) (Model: WDC WDS100T2B0C-00PXH0) NTFS
  523. Drive d: () (Fixed) (Total:222.43 GB) (Free:216.1 GB) (Model: KINGSTON SHFS37A240G) NTFS
  524.  
  525. \\?\Volume{4001fa9d-a97b-48ad-841e-0fe4699e5610}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
  526. \\?\Volume{e87f3700-fe5f-4a58-9974-ec8ed60497d1}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
  527. \\?\Volume{1a2c968c-9859-484e-a673-a4fd403ac104}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
  528. \\?\Volume{4c0aaa8f-f3e9-43fd-813e-d139105c3775}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
  529. \\?\Volume{d3ee92e1-7567-427b-97fd-52eb3c6d6a11}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
  530.  
  531. ==================== MBR & Partition Table ====================
  532.  
  533. ==========================================================
  534. Disk: 0 (Size: 223.6 GB) (Disk ID: F99DC55E)
  535.  
  536. Partition: GPT.
  537.  
  538. ==========================================================
  539. Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
  540.  
  541. Partition: GPT.
  542.  
  543. ==================== End of Addition.txt =======================