Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Spices (06-01-2022 08:41:55)
Running from C:\Users\Spices\OneDrive\Documents\OneDrive\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) (2020-11-13 17:18:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1001776605-1151265979-3107129937-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1001776605-1151265979-3107129937-503 - Limited - Disabled)
Guest (S-1-5-21-1001776605-1151265979-3107129937-501 - Limited - Disabled)
QBDataServiceUser27 (S-1-5-21-1001776605-1151265979-3107129937-1002 - Limited - Enabled) => C:\Users\TEMP.DESKTOP-RLQ6923.005
Spices (S-1-5-21-1001776605-1151265979-3107129937-1001 - Administrator - Enabled) => C:\Users\Spices
WDAGUtilityAccount (S-1-5-21-1001776605-1151265979-3107129937-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: AVG Antivirus (Enabled) {77FCDD80-5C3B-5549-57A4-B1A62BD5FB8F}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 96.1.13589.113 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DesignPro 5.4 Limited Edition (HKLM-x32\...\InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}) (Version: 5.2.1201 - Avery Dennison)
ESET Security (HKLM\...\{4DB10B50-978B-4DB0-8127-79F8D302AC5A}) (Version: 15.0.21.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 54.0.2.0 - Google LLC)
HP Color LaserJet MFP M278-M281 Help (HKLM-x32\...\{3DF29BF3-A40D-4BDC-BE5D-FA592999A767}) (Version: 0.00.0005 - HP)
HP ColorLaserJet MFP M278-M281 Basic Device Software (HKLM\...\{61F983A9-6F6F-40F0-B4AA-FF2B17BAB911}) (Version: 44.1.2549.17189 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JeRM Process Viewer 1.1.0.3 (HKLM-x32\...\JeRM Process Viewer_is1) (Version: - )
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSRX (HKLM-x32\...\MSRXv2017) (Version: v2017 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Product Improvement Study for HP ColorLaserJet MFP M278-M281 (HKLM\...\{8ADB6C99-9D2B-4069-B9C7-995E517EFE28}) (Version: 44.1.2549.17189 - HP Inc.)
QuickBooks (HKLM-x32\...\{B52E01F1-D34E-4381-B590-28DFF3C0B647}) (Version: 27.0.4016.2702 - Intuit Inc.) Hidden
QuickBooks Desktop File Doctor (HKLM-x32\...\{07441683-C1C3-43BC-B3E7-F213B3A69B76}) (Version: 4.6.0.0 - Intuit Inc.)
QuickBooks Pro 2017 (HKLM-x32\...\{82F55A7D-6BEB-436B-A1DC-586E113782D7}) (Version: 27.0.4001.2702 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
RepairSolutions (HKLM-x32\...\{94FA6651-E735-48D4-950A-93291C14DB63}) (Version: 3.0.19 - Innova Electronics)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 - Safer-Networking Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Winmail Reader 1.2.15 (HKLM-x32\...\Winmail Reader_is1) (Version: - Kopf)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-13] (HP Inc.)
JAR File Opener -> C:\Program Files\WindowsApps\62307pauljohn.JARFileOpener_1.2.0.0_neutral__7sv5v3m8wq0b2 [2018-04-16] (pauljohn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
Open Any File -> C:\Program Files\WindowsApps\38184CDCTech.495572C750D15_1.2.102.0_x64__vwv5vk6p12k08 [2018-08-24] (For Better Digital Life - 1st Famous Tool Provider)
Open File Viewer (Free) -> C:\Program Files\WindowsApps\SolvusoftCorporation.32792D4052C2D_1.1.2.0_x86__8gdaqrm1kfbzy [2018-04-16] (Solvusoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-11-21] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-10] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1001776605-1151265979-3107129937-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Spices\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1001776605-1151265979-3107129937-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Spices\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2006-01-19 04:36 - 2006-01-19 04:36 - 001017856 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Intuit\QuickBooks 2017\dbghelp.dll
2020-04-18 08:45 - 2020-04-18 08:45 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-18 08:45 - 2020-04-18 08:45 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Spices\Documents\para norma.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Spices\Documents\para norma.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Spices\Documents\tapiascan.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Spices\Documents\tapiascan.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98963565.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98963565.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2020-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: intu-help-qb10 - {E795042F-8A29-42E4-B265-2C7AB38E8AEE} - C:\Program Files (x86)\Intuit\QuickBooks 2017\HelpAsyncPluggableProtocol.dll [2020-02-20] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\sharepoint.com -> hxxps://campuen-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 05:46 - 2018-12-03 08:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Spices\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\JA.jpg
HKU\S-1-5-21-1001776605-1151265979-3107129937-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ccleaner => 2
MSCONFIG\Services: CCleanerBrowserElevationService => 3
MSCONFIG\Services: ccleanerm => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: iaStorAfsService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QBFCService => 3
MSCONFIG\Services: QBVSS => 2
MSCONFIG\Services: QuickBooksDB27 => 3
MSCONFIG\Services: RstMwService => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_EBA6280FE373BC45FCF9CDB43D2FE029"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B33159A89B3D11FEC37F658395A0456B"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1001776605-1151265979-3107129937-1001\...\StartupApproved\Run: => "prueba"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{995540E7-DBA9-4543-91CB-2DE90AE50AD3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{FCF230FD-6240-4705-A533-03FDC5E9F371}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{79263838-C0DF-482B-8D84-551E7F710BD0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit)
FirewallRules: [{16284864-0073-4013-9637-FFF1BBF3D97A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit)
FirewallRules: [{3A6B64F3-235B-456D-9A5A-B649638F8D82}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{5E4BE705-E5DB-448F-90AD-08885A66159F}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{021ED30E-C7E4-4894-8198-D1B3F88A36BD}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{75C41CBD-78B1-4083-BAF2-C29630A300F7}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{9BE43288-3223-4452-BB87-F03340C60331}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{2E49300B-0B50-49C0-A319-980136628816}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{1C815135-710D-4E5C-B9F4-2E755DE0A666}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\qbdbmgrn.exe (SAP -> SAP AG or an SAP affiliate company)
FirewallRules: [{B4427F78-1A26-4F8B-B763-6A8EF1292AE3}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2017\qbdbmgrn.exe (SAP -> SAP AG or an SAP affiliate company)
FirewallRules: [{793E310A-D0E6-4480-A15E-B5A5B6A42A47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B2E5E52A-8379-4DFE-AD27-10B55CCA0652}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4BB8F53B-E890-443D-B4CD-13682CD7B534}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EDAB2953-4472-4043-B744-F8D659844BA6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{686EC7D2-EC8D-43DD-918D-A12E1A32CDBE}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D2446537-5F75-4E55-B9FA-7CBCB6EE79FC}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{533B2128-4584-4E0D-9A33-FC36D516FF36}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{42D2A4B3-1717-4CC5-A46D-94661F92FB49}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{29F6DC2E-935C-4ACB-A6A3-535DED85D2B3}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{64F37FC5-9682-488F-B7A1-E33537529E3C}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CFF24E33-06E2-417A-ADE7-E746B0359CBB}] => (Allow) LPort=5357
FirewallRules: [{ACC4DF4B-3E22-452B-B664-E96DA333E11E}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7A01A7FC-30F2-43E6-AB8E-E4AAF0F3E2BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D59EC30-DCE0-4F4B-94CB-CA71DD2FCC25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A2F14C4-F5EB-4B15-9A4E-D4DEB3E66BFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B9484E4-C3F4-4EAA-B51F-F32A0A4D45FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{324995A9-4E1D-4924-9EED-3526411D4278}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{01061E88-0E48-41BF-BFF0-4645F1032548}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{C58F96C4-A765-4AF7-926A-D4A372E2ACB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C08DB9AA-4ABF-4840-8EF8-E8220B4FAE28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AF2CF79-0DDA-49BA-BE27-17569546FC58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F81EF7F2-3ADC-4D0F-B438-2F833B5A2717}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E23FE3B3-11B1-4853-83F0-357FC014A3EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{431B8400-CFAB-468A-83B5-CBC5D590F2CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EE19B7D-795E-413A-A71D-940BFE34D3F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA87758F-C512-41DC-BB29-6D8B580B9A32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB2867A3-D0AD-4AE3-8C4B-C06263DB53BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{29DFC5DD-A680-4483-83D8-C3BA63547C58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25C3F6FD-6240-47FA-92A0-848C7C9F6BA5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8DCC20A-B654-4C29-93CE-158A08F2CD96}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45A4B1C1-6832-4D67-A2BD-97D4E566EA73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4312ED41-9163-4470-B8CD-346C9335E891}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{72B9F358-F9B9-44A3-9668-CB72E4A2EAA3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF189A94-74DA-4AAF-AB02-568086C82980}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{180619A7-2EDA-4374-970C-57BBD7643BA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DC94649-7F5E-4F42-927D-D682ABA8E46A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6F63F8DE-400C-47B2-9BE7-B641B487F36D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B34877D6-947B-44DF-A69D-43E34C8B3727}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
==================== Restore Points =========================
20-12-2021 08:35:54 Scheduled Checkpoint
27-12-2021 10:25:58 Scheduled Checkpoint
05-01-2022 09:24:03 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2022 08:39:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x2a80
Faulting application start time: 0x01d8031c09705ad4
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: a689181d-310d-40d4-b570-375bc3456645
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:33:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x101c
Faulting application start time: 0x01d8031b15d54ac4
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 6c5d20c2-6f95-4e60-8bfc-70908908dfbc
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:32:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x301c
Faulting application start time: 0x01d8031b0aa3e61b
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 2da6a4bf-e18f-4ba8-b755-99aadaf4f54e
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:32:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x1c64
Faulting application start time: 0x01d8031b03e78b71
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: e250fe03-924e-45c0-83b8-8e40140ac5f6
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:30:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x3e50
Faulting application start time: 0x01d8031ab90afced
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 1e1ea152-fcf4-4c1e-bad5-a8d0aeb229b0
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:29:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x32ac
Faulting application start time: 0x01d8031aa3cf9cff
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 23ffce60-ba77-4e47-949f-80a4b86bbdd9
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:23:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x2484
Faulting application start time: 0x01d80319b0364b07
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 5dc2ca62-f68f-4222-90b3-dff184470e8f
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2022 08:22:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0xbc8
Faulting application start time: 0x01d80319a5027b1b
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: e2c44b4e-ccac-4191-87f5-344e703745d4
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (01/05/2022 11:01:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The QBCFMonitorService service terminated unexpectedly. It has done this 1 time(s).
Error: (12/30/2021 09:36:50 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
Error: (12/30/2021 09:28:48 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RLQ6923)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (12/30/2021 09:28:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RLQ6923)
Description: The server {20A10BD4-0FF4-45E8-87EF-D2708E99CEAA} did not register with DCOM within the required timeout.
Error: (12/30/2021 08:31:19 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
Error: (12/27/2021 08:06:33 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
Error: (12/27/2021 07:47:29 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
Error: (12/22/2021 08:44:51 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
Windows Defender:
================
Date: 2022-01-05 09:58:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-04 10:16:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-03 09:45:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-02 11:36:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-01 11:36:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2021-12-10 09:44:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.38.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2022-01-06 08:41:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-06 07:51:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A07 09/10/2011
Motherboard: Dell Inc. 0VNP2H
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8072.89 MB
Available physical RAM: 4424.1 MB
Total Virtual: 9456.87 MB
Available Virtual: 4957.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.47 GB) (Free:857.97 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:74.53 GB) (Free:0 GB) NTFS
Drive f: () (Removable) (Total:7.49 GB) (Free:7.48 GB) FAT32
\\?\Volume{1549f232-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{1549f232-0000-0000-0000-60c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=517 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: AE32AE32)
Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================