Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01 Ran by Lucas (04-05-2024 15:59:56) Running from C:\Users\Lucas\Downloads Microsoft Windows 10 Pro Version 22H2 19045.2965 (X64) (2023-07-11 20:27:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-861575871-2511360012-2767995932-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-861575871-2511360012-2767995932-503 - Limited - Disabled) Guest (S-1-5-21-861575871-2511360012-2767995932-501 - Limited - Enabled) Lucas (S-1-5-21-861575871-2511360012-2767995932-1000 - Administrator - Enabled) => C:\Users\Lucas WDAGUtilityAccount (S-1-5-21-861575871-2511360012-2767995932-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden AutoHotkey (HKLM\...\AutoHotkey) (Version: 2.0.13 - AutoHotkey Foundation LLC) Brother CanvasWorkspace (HKLM\...\{560F5904-8482-4BAC-BEB8-6AC2E21AB4A0}_is1) (Version: 2.6.1 - Brother Industries, Ltd.) calibre 64bit (HKLM\...\{A3E5B966-9243-4714-BF6D-8F419ACCF88E}) (Version: 7.8.0 - Kovid Goyal) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) CPUID CPU-Z 2.08 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.08 - CPUID, Inc.) CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World) Discord (HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\Discord) (Version: 1.0.9143 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.63.0.5576 - Electronic Arts) Hidden EA app (HKLM-x32\...\{ae8a47ff-bde1-4cd1-8d7f-0392b2ebc7cf}) (Version: 13.63.0.5576 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.) Futuremark SystemInfo (HKLM-x32\...\{DB3FC272-D04E-42E1-A981-20A781A9561C}) (Version: 5.69.1204.0 - Futuremark) Geekbench 6 (HKLM-x32\...\Geekbench 6) (Version: - Primate Labs Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.119 - Google LLC) HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.00 - Martin Malik, REALiX s.r.o.) inAudible (HKLM-x32\...\{CCD146B4-EC8F-443D-A6F5-0E1ABC1133A3}) (Version: 1.197 - The GUN) Hidden inAudible (HKLM-x32\...\inAudible 1.197) (Version: 1.197 - The GUN) Kindle Previewer 3 (HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\Kindle Previewer 3) (Version: 3.72.0 - Amazon) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.67 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft HTML Help Workshop Package (HKLM-x32\...\{49F425DD-2A94-4C75-94BE-4EFF866E608B}) (Version: 4.74.8702 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.16626.20170 - Microsoft Corporation) Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Debug Runtime - 14.36.32532 (HKLM\...\{44B8E53D-68C7-4FCD-A0D7-753CA2C2EF94}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Microsoft Visual C++ 2022 X86 Debug Runtime - 14.36.32532 (HKLM-x32\...\{B8E2B857-228D-4770-83BD-BACCFF4F7738}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.84.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.7.2181.36443 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6AC5612A-D067-44B9-9C8E-2C1B3473B429}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Python 3.11.5 (64-bit) (HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\{2001d062-3b62-4fc6-a275-e9fa5ad9c809}) (Version: 3.11.5150.0 - Python Software Foundation) Python 3.11.5 Core Interpreter (64-bit) (HKLM\...\{C62CE14B-8E3D-4A41-8671-405CA705DDF2}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Development Libraries (64-bit) (HKLM\...\{0FEE67DA-831A-442F-A7B1-D709EF005148}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Documentation (64-bit) (HKLM\...\{2EB6BD56-25CA-49CB-8CFD-B03D872B8239}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Executables (64-bit) (HKLM\...\{798A2965-0FFA-4061-AE86-FCD98A4FBB4A}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 pip Bootstrap (64-bit) (HKLM\...\{57527742-12D9-4E19-ACFF-6A7B0A88D23A}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Standard Library (64-bit) (HKLM\...\{CDE4410B-99CE-46EB-B88B-9881AE7E7438}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Tcl/Tk Support (64-bit) (HKLM\...\{1BA18593-41AB-434B-B31F-EEC8BBA9612A}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Test Suite (64-bit) (HKLM\...\{6D4BE933-74FA-43A6-B654-CC1BCEF568D5}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python 3.11.5 Utility Scripts (64-bit) (HKLM\...\{896CE1B5-5393-426C-A466-4465EEAE1363}) (Version: 3.11.5150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{2FB71770-2C2E-42A3-9136-5101D1E930F4}) (Version: 3.11.5150.0 - Python Software Foundation) qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project) Resilio Sync (HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\Resilio Sync) (Version: 2.7.3 - Resilio, Inc.) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.88.1929 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.0.7 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: 5.3.3.20231005 - Tesseract-OCR community) Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{56745E0F-0674-D1D9-03CC-ABBC176F265B}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{5C0DFD4F-A372-4A92-94CC-4D0B2FE7F168}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium ARM Base Package (HKLM-x32\...\{2057FFB1-A945-3986-97B2-98AF940184DA}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium ARM Base Resource Package (HKLM-x32\...\{E38F04B8-D1BD-3473-B018-7E3730F2DB38}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 ARM Cross Package (HKLM-x32\...\{70DC9ED5-BECB-36D0-95FD-EFD1973EF6D3}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 ARM Cross Resource Package (HKLM-x32\...\{D8963EFC-09D9-389A-88E9-7DDF73785A72}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 Base Package (HKLM-x32\...\{55CAB84D-04E7-3C79-8735-8B9A9E84A8EF}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 Base Resource Package (HKLM-x32\...\{F2CCF38E-3BDF-3949-BF1C-7698901D45CE}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 Native Package (HKLM-x32\...\{4081C608-51D1-320D-99A1-FAAF02565CAF}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 Native Resource Package (HKLM-x32\...\{563243CB-8BF9-31AF-8751-43D1476CCA0C}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 X86 Cross Package (HKLM-x32\...\{5E112437-5FB2-348A-8287-41C3A53F841A}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X64 X86 Cross Resource Package (HKLM-x32\...\{9FF6CD4B-56A7-3C87-A451-224DB54E993E}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 ARM Cross Package (HKLM-x32\...\{A7835582-A211-3DA1-8095-170D12EF1556}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 ARM Cross Resource Package (HKLM-x32\...\{79D79585-A087-390E-810F-9DCC71E0EAF2}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 Base Package (HKLM-x32\...\{D4AC1B3B-E800-339A-8E51-5039A87D8B04}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 Base Resource Package (HKLM-x32\...\{E3307947-0949-3753-8CFB-28F9205033D0}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 Native Package (HKLM-x32\...\{90576CF8-49E8-3F9D-9AF8-C505DB97CEA3}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 Native Resource Package (HKLM-x32\...\{0E0A438A-AFD0-3B16-8E94-9E8EB27339D2}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 X64 Cross Package (HKLM-x32\...\{1B82A47F-85F4-32A0-BCDD-CD120DF55ABF}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools Premium X86 X64 Cross Resource Package (HKLM-x32\...\{5971EC59-A4BE-37E9-BC15-0998CFED93E2}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 ARM Cross Package (HKLM-x32\...\{4AF6F442-9262-32C2-8152-06A1DA21FC4A}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 ARM Cross Resource Package (HKLM-x32\...\{13014F28-38B6-33FF-BAD9-72C305D95A05}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 Base Package (HKLM-x32\...\{8670BFEB-2C1B-3E19-B62E-734FCD2D9E2F}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 Base Resource Package (HKLM-x32\...\{284C23A3-84C8-3A9A-8702-575CE17A6425}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 Native Package (HKLM-x32\...\{AF8A22A0-37B2-3CA0-875E-944F4A0E6804}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 Native Resource Package (HKLM-x32\...\{01BBA464-CA6C-30FB-A7F7-95594924E906}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 X86 Cross Package (HKLM-x32\...\{5B2734F3-CE81-3AFE-8354-9607FADBEECE}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X64 X86 Cross Resource Package (HKLM-x32\...\{9B4D7D9D-9C71-3E29-B210-1BD2490A39C5}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 ARM Cross Package (HKLM-x32\...\{EB33DE16-2EC6-3529-89E4-7FA5B1D2D5D1}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 ARM Cross Resource Package (HKLM-x32\...\{343B4F84-37BF-3709-8788-66D4D5DCCF6F}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{1FD44599-2D0E-370C-B6C6-9C9B91FA83BB}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{ED7AF65F-76EE-381A-9805-01711DBB8037}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{1C9E4464-BC82-35ED-9A9E-9F4CD923B9D9}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Native Package (HKLM-x32\...\{8E8C384A-1170-34D3-9F8D-9A4D55DEF222}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Native Resource Package (HKLM-x32\...\{0B65F64A-1DF0-3EEB-B8E0-BDDD69E23AC6}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 X64 Cross Package (HKLM-x32\...\{6C1738A0-E331-3821-A57C-A0E939AC68E6}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 X64 Cross Resource Package (HKLM-x32\...\{4DD3916A-9A5D-39CF-B451-3E4692D6FB38}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ CRT Headers Package (HKLM-x32\...\{A09F75FA-A9AB-38A2-866B-4F7F61BAE9CB}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Extra Files (HKLM-x32\...\{D50D8409-53F7-318D-A3D2-81A07FC1DC26}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Extra Resource Files (HKLM-x32\...\{7602A400-047F-3F26-BFF9-FFB6B0531146}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library ATL ARM Package (HKLM-x32\...\{1330FFAF-1F3F-35D6-9023-23199A366FC6}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library ATL Headers Package (HKLM-x32\...\{93474D68-27ED-3DD7-A6D8-025D90C1632C}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library ATL Source Package (HKLM-x32\...\{69C1E0DD-F13B-37EF-89EF-BF1DD8202658}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library ATL X64 Package (HKLM-x32\...\{934750B1-DFC7-3B26-8521-A7622976B00D}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library ATL X86 Package (HKLM-x32\...\{8F6BF52A-CDF7-3F9E-BB8B-4BF343DF2279}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT ARM Desktop Package (HKLM-x32\...\{0B830AB1-F7E5-3132-AA33-A49755ED1FED}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT ARM OneCore For Desktop Package (HKLM-x32\...\{E935ECCE-D177-323D-BA8A-80B88726E4AC}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT ARM Redist Package (HKLM-x32\...\{02A8D242-C0B2-3037-A475-C95A110F47A1}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT ARM Store Package (HKLM-x32\...\{009D8373-7BCC-35B2-852D-F3EB4C093646}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT Redist Resource Package (HKLM-x32\...\{6B962144-68D8-3CCA-9178-AC06EEFA8571}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT Source Package (HKLM-x32\...\{0E0F5047-DDFC-3BA6-83BB-D2E0E45031A3}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X64 Desktop Package (HKLM-x32\...\{DF8C5ACA-152D-32EE-9119-C2DBF6CE3618}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X64 OneCore For Desktop Package (HKLM-x32\...\{E1710F7D-0665-3D23-8BB9-01619F208F3B}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X64 Redist Package (HKLM-x32\...\{769BF241-5671-3F04-8E5C-FC10D774F001}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X64 Store Package (HKLM-x32\...\{3C579BBC-9933-3018-970C-9CFD1E41C899}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X86 Desktop Package (HKLM-x32\...\{02627D43-530C-361F-8792-331624A02FB3}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X86 OneCore For Desktop Package (HKLM-x32\...\{E83EA1FA-F66E-365A-BACD-B1FB4792BF71}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X86 Redist Package (HKLM-x32\...\{FC74D7DA-87D4-3780-8BE2-29FBA0777714}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library CRT X86 Store Package (HKLM-x32\...\{BDAAC32E-C6CA-3BF9-AAFD-2C69F3AD5436}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library MFC Headers Package (HKLM-x32\...\{9F0A62FC-C133-3865-8891-B006D5B5BB62}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library MFC MBCS Package (HKLM-x32\...\{F3D8134C-2312-35B2-8A00-0EDD5538E3E6}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library MFC Source Package (HKLM-x32\...\{EEB7C70A-65A1-3703-BDC5-5CEBD65E830F}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library MFC X64 Package (HKLM-x32\...\{FA8AF556-5CA8-3089-8861-B8CF2C670868}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library MFC X86 Package (HKLM-x32\...\{2AD7AC81-D0F7-3C95-AE48-DBA08AAD3B33}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library PGO ARM Package (HKLM-x32\...\{CF729C29-193F-3B12-BB05-A3641AFF527D}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library PGO Headers Package (HKLM-x32\...\{A25AF121-7B85-377A-B4CB-6365D64867B6}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library PGO X64 Package (HKLM-x32\...\{FD46E567-D16A-320F-B6F5-EBB039FC808F}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library PGO X86 Package (HKLM-x32\...\{272A3B5D-BDBB-36A2-9BF6-674D888D9FA3}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ Library PGO X86 Package (HKLM-x32\...\{F8105EE2-F948-3226-BDEC-3544D164D7AE}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ MSBuild ARM Package (HKLM-x32\...\{CD527B8C-433E-37C2-8540-2CFEA46A2895}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ MSBuild Base Package (HKLM-x32\...\{B0DCAF6A-25F5-3514-8257-8B29C73E357D}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ MSBuild Base Resource Package (HKLM-x32\...\{181E5348-0A6C-36FE-A387-D9B5835B8784}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ MSBuild X64 Package (HKLM-x32\...\{637D4863-23B1-3093-A972-3FBCACF5C896}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual C++ MSBuild X86 Package (HKLM-x32\...\{4C537CC1-74AC-343D-B7C8-A5D2A71C7988}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Visual Studio Build Tools 2022 (HKLM-x32\...\bbd46a1a) (Version: 17.7.6 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) VS Script Debugging Common (HKLM\...\{D56DC014-C4C1-4330-B32B-D9785DAE7BCB}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{AEE3049A-8A48-4FFD-97D0-D133695990F1}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_communitysharedmsi (HKLM-x32\...\{E3B95A13-C589-4E09-A331-5843B7D2BE17}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_communityx64msi (HKLM\...\{25142701-E789-4B30-BE5D-1ABBC6A73C58}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation) vs_filehandler_amd64 (HKLM-x32\...\{437AA1D3-B32C-48B8-B990-DFC40B4377A5}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{7ACDEE02-0D96-45EE-BD1F-04B02E8BA9DF}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{7D10063F-E04A-445A-A26C-3A9DD0F1A9D4}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_githubprotocolhandlermsi (HKLM-x32\...\{91BC038F-2A3C-4104-B97B-FC591FFAF908}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{6690B7B2-73F2-4548-8425-B3D9BDD947E8}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellinteropsharedmsi (HKLM-x32\...\{F83B6F23-E63B-4C23-AE0F-CB77CAC4670B}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{DB26CF0E-EC82-4036-B77E-4C9B06D719D8}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{F23744AF-7C08-4386-8847-9339883CC12A}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellsharedmsi (HKLM-x32\...\{C86459CD-1FF9-445C-AFEE-C06CFD8E5E9E}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsi (HKLM-x32\...\{11E5CECF-CE4F-4C38-95A0-27D601417219}) (Version: 17.7.33905 - Microsoft Corporation) Hidden Windows Espc Package (HKLM-x32\...\{AD701057-BFDE-3036-A91F-8DA6396E5381}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Windows Espc Package (HKLM-x32\...\{E3A92238-71A5-35EC-AE23-F5770FA5AB1D}) (Version: 14.0.24247 - Microsoft Corporation) Hidden Packages: ========= Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-05-01] (Dolby Laboratories) Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2024-05-01] (Dolby Laboratories) Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-05-01] (Microsoft Corporation) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2414.8.0_x64__cv1g1gvanyjgm [2024-05-01] (WhatsApp Inc.) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-861575871-2511360012-2767995932-1000_Classes\CLSID\{581FFA00-FC33-0003-0702-95003A5CDE89}\InprocServer32 -> C:\Users\Lucas\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-861575871-2511360012-2767995932-1000_Classes\CLSID\{581FFA01-FC33-0003-0702-95003A5CDE89}\InprocServer32 -> C:\Users\Lucas\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll () [File not signed] ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3Done] -> {581FFA04-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3RO] -> {581FFA03-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3RW] -> {581FFA02-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3Done] -> {581FFA04-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3RO] -> {581FFA03-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3RW] -> {581FFA02-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2024-03-16] () [File not signed] ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> ) ContextMenuHandlers1_S-1-5-21-861575871-2511360012-2767995932-1000: [Resilio Sync 2.7.3] -> {581FFA00-FC33-0003-0702-95003A5CDE89} => C:\Users\Lucas\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll [2024-03-16] () [File not signed] ContextMenuHandlers4_S-1-5-21-861575871-2511360012-2767995932-1000: [Resilio Sync 2.7.3] -> {581FFA00-FC33-0003-0702-95003A5CDE89} => C:\Users\Lucas\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll [2024-03-16] () [File not signed] ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Access Denied] C:\Program Files (x86)\Common Files\ProperServices\QlaytrVlip\TAHI3pFevxjtDiag.dll 2024-03-16 17:12 - 2024-03-16 17:12 - 002585600 _____ () [File not signed] C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll 2024-03-16 17:12 - 2024-03-16 17:12 - 003048960 _____ () [File not signed] C:\Users\Lucas\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll 2023-07-11 13:50 - 2023-06-20 05:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2023-08-17 12:34 - 2023-08-17 12:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2023-08-17 12:34 - 2023-08-17 12:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-17] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-861575871-2511360012-2767995932-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 190.55.154.137 - 181.45.64.77 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "Discord" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F60C9809C7674F5CA4B76B8C7FDAC2F9" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8382BF3968AA6F1092659864A1661B32" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-861575871-2511360012-2767995932-1000\...\StartupApproved\Run: => "EADM" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A9A63632-C718-47F6-8E7B-148D3875F6EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{AC201D86-C26C-46EB-ADE8-01CDEF208AC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{11A4C0B0-5BBD-4990-B562-F52AB347A170}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0C3F4919-66C6-487A-A42E-D0852A1465E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{14399E07-E277-43F5-80E2-2EB6725E013C}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{24BDA251-150A-44A4-8CF2-E7E72B64E9D1}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{206D730B-3EEE-436B-B8A9-3A502AD5E563}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars Empire at War\runme.exe (Disney Interactive Studios Inc -> ) FirewallRules: [{683EA551-7FF1-4897-A592-5ADE27269BF0}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars Empire at War\runme.exe (Disney Interactive Studios Inc -> ) FirewallRules: [{C4715A67-E9A7-41D3-9906-381E57B35D4B}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars Empire at War\runme2.exe (Disney Interactive Studios Inc -> ) FirewallRules: [{F4D4C11D-509D-4E58-9DCA-241E5D5F1385}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars Empire at War\runme2.exe (Disney Interactive Studios Inc -> ) FirewallRules: [TCP Query User{195AE2AE-3F61-42BD-91D4-85C3E709BF30}D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe] => (Allow) D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe (Disney Interactive Studios Inc -> Lucasfilm Entertainment Company, Ltd.) FirewallRules: [UDP Query User{62490D9A-1601-4725-AE39-5D18DE286811}D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe] => (Allow) D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe (Disney Interactive Studios Inc -> Lucasfilm Entertainment Company, Ltd.) FirewallRules: [{AFAE39C5-3FEF-4639-8F81-516B7CD368A1}] => (Block) D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe (Disney Interactive Studios Inc -> Lucasfilm Entertainment Company, Ltd.) FirewallRules: [{6EF86D33-3953-4D6F-A623-83CBB7B68B98}] => (Block) D:\steamlibrary\steamapps\common\star wars empire at war\corruption\starwarsg.exe (Disney Interactive Studios Inc -> Lucasfilm Entertainment Company, Ltd.) FirewallRules: [{BEC7C008-9630-4FC8-8FBC-43464ED34C5C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FB3B42BD-8104-4F6E-BA2C-2E2000489BFB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{573066CE-46ED-4653-91FB-BD36F0DEE945}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C33BC95E-2EFC-46A5-A3EB-05B4C1A75F83}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{65914BD7-29D1-4EEE-BF83-244C6B36E77F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F363A021-BB1F-4E1E-8747-EE34B1381306}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{CFFAA8E7-2857-4441-8CED-58A38589E491}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{07716DA0-3437-402F-8F98-DFA667D9D0C0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4B4661BB-DD31-4C2D-9D8E-07805D5CB6D5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FB026DF0-F3F7-4E4F-9DE2-59EEC3B2A41F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{7C148D2D-8FDC-45CA-A69E-7D8936E7C233}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{0A52F966-F1CE-408D-8CDA-DF93BAC911D7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{061A7FEC-89AB-498E-88DC-FEFCCF376E34}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{7343B8B8-EFF3-4D5E-896C-FC09C4DA2A29}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [TCP Query User{1ED52B99-8E43-415E-857E-D0F3DE183017}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{12E39A1A-1BFB-447A-B3FA-503BC47E3D6C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{C919094E-20DD-479E-BA3A-8D838F0FC224}] => (Allow) C:\Users\Lucas\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.) FirewallRules: [{C4793697-53CA-4440-81FA-8ECA0909FDD3}] => (Allow) C:\Users\Lucas\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.) FirewallRules: [{918F69E9-E48B-4B31-8CCE-D67EEE0C5D4E}] => (Allow) F:\SteamLibrary\steamapps\common\SuperTux\bin\supertux2.exe => No File FirewallRules: [{45576022-4D89-4BFE-87A4-73147CF267E4}] => (Allow) F:\SteamLibrary\steamapps\common\SuperTux\bin\supertux2.exe => No File FirewallRules: [TCP Query User{5F57515C-0C18-4672-B715-E73A92CE4450}F:\jkasdgfjlkas\guardians of the ball\gob\binaries\win64\gobclient-win64-shipping.exe] => (Allow) F:\jkasdgfjlkas\guardians of the ball\gob\binaries\win64\gobclient-win64-shipping.exe => No File FirewallRules: [UDP Query User{A72677D8-0CBB-4880-A791-036E23F993C7}F:\jkasdgfjlkas\guardians of the ball\gob\binaries\win64\gobclient-win64-shipping.exe] => (Allow) F:\jkasdgfjlkas\guardians of the ball\gob\binaries\win64\gobclient-win64-shipping.exe => No File FirewallRules: [{3889A09A-3DC0-4E92-A237-5080B3F64612}] => (Allow) D:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{5DB33157-2775-4B29-A391-F8A1150EFDA3}] => (Allow) D:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{095A71C6-543D-4A43-9631-2C7AF5D400A8}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{24B2D458-9BE9-4B53-9443-32C553F4218F}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{7FE21AE8-1648-48C0-A338-90792E608749}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{62ED1344-E398-4573-A9C0-2D03C705D67C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 01-05-2024 20:17:14 Removed Microsoft Update Health Tools 01-05-2024 20:25:25 System Restore Point created by WinUtil 01-05-2024 20:49:14 System Restore Point created by WinUtil 01-05-2024 20:51:53 System Restore Point created by WinUtil 03-05-2024 09:47:34 Windows Modules Installer 03-05-2024 09:48:32 Windows Modules Installer 03-05-2024 23:03:15 Windows Modules Installer 03-05-2024 23:04:01 Windows Modules Installer 03-05-2024 23:06:13 Windows Modules Installer 03-05-2024 23:06:27 Windows Modules Installer 03-05-2024 23:06:37 Windows Modules Installer 03-05-2024 23:16:30 Windows Modules Installer 03-05-2024 23:16:48 Windows Modules Installer 03-05-2024 23:22:08 Windows Modules Installer 03-05-2024 23:22:24 Windows Modules Installer ==================== Faulty Device Manager Devices ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (05/04/2024 03:56:07 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (05/03/2024 11:22:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:16:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:16:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:06:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. Error: (05/03/2024 11:06:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.. System errors: ============= Error: (05/04/2024 03:41:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The GoogleUpdaterInternalService126.0.6425.0 service failed to start due to the following error: The system cannot find the file specified. Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (05/04/2024 03:40:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Windows Defender: ================ Date: 2024-05-02 13:40:50 Description: C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe has been blocked from modifying %userprofile%\Documents\AutoHotkey by Controlled Folder Access. Detection time: 2024-05-02T16:40:50.053Z Path: %userprofile%\Documents\AutoHotkey Process Name: C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe Security intelligence Version: 1.409.642.0 Engine Version: 1.1.24030.4 Product Version: 4.18.24030.9 Date: 2024-05-01 16:53:42 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zenpak.RM!MTB&threatid=2147909251&enterprise=0 Name: Trojan:Win32/Zenpak.RM!MTB Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\Installer\5bee71.msi; file:_C:\Users\Lucas\AppData\Roaming\publub\DuvApp\libgcrypt-20.dll; file:_C:\Windows\Installer\5bee71.msi->disk1.cab->libgcrypt20.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: User Process Name: Unknown Security intelligence Version: AV: 1.409.628.0, AS: 1.409.628.0, NIS: 1.409.628.0 Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4 Date: 2024-04-26 16:31:02 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Name: HackTool:Win32/Keygen Severity: High Category: Tool Path: file:_E:\Windows 10 debloated\Other\tools\other\Windows 7 Loader eXtreme Edition v3.503 (Napalum)\w7lxe.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: User Process Name: Unknown Security intelligence Version: AV: 1.409.525.0, AS: 1.409.525.0, NIS: 1.409.525.0 Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4 Date: 2024-04-26 16:31:02 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Gendows&threatid=2147646077&enterprise=0 Name: HackTool:Win32/Gendows Severity: High Category: Tool Path: containerfile:_E:\Windows 10 debloated\Other\tools\enterprise\WOAT_v3.2\WOAT_v3.2.exe; file:_E:\Windows 10 debloated\Other\tools\enterprise\WOAT_v3.2\WOAT_v3.2.exe->(RarSfx)->KMS\KMS.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: User Process Name: Unknown Security intelligence Version: AV: 1.409.525.0, AS: 1.409.525.0, NIS: 1.409.525.0 Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4 Date: 2024-04-26 16:31:02 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Name: HackTool:Win32/AutoKMS Severity: High Category: Tool Path: file:_E:\Windows 10 debloated\Other\tools\enterprise\HAL7600 v1.2\HAL7600.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: User Process Name: Unknown Security intelligence Version: AV: 1.409.525.0, AS: 1.409.525.0, NIS: 1.409.525.0 Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4 Event[0]: Date: 2024-05-04 15:40:23 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007045b Error description: A system shutdown is in progress. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the device. Date: 2024-05-01 17:31:25 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Current Error Code: 0x80070003 Error description: The system cannot find the path specified. Security intelligence Version: 0.0.0.0;0.0.0.0 Engine Version: 0.0.0.0 Date: 2024-05-01 15:36:23 Description: Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Antivirus (offline scan). Error code: 0x8000000a Error description: The data necessary to complete this operation is not yet available. Date: 2024-04-13 12:54:45 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2023-09-07 23:59:13 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: =============== Date: 2024-05-04 15:54:11 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1804 02/02/2021 Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B550M-PLUS Processor: AMD Ryzen 5 5600X 6-Core Processor Percentage of memory in use: 29% Total physical RAM: 16295.89 MB Available physical RAM: 11437.17 MB Total Virtual: 18727.89 MB Available Virtual: 12054.57 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.71 GB) (Free:144.24 GB) (Model: ADATA FALCON) NTFS Drive d: (Local Disk) (Fixed) (Total:931.5 GB) (Free:661.38 GB) (Model: ST1000DM010-2EP102) NTFS Drive e: (WD Elements Lucas) (Fixed) (Total:931.46 GB) (Free:482.48 GB) (Model: WD Elements 25A2 USB Device) NTFS \\?\Volume{1bfc1df5-a048-4109-ba27-ddfb6f1778d5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS \\?\Volume{5cf667ea-b360-4c33-ba7c-9b23ed14d28d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 8D490578) Partition: GPT. ========================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 6847C279) Partition: GPT. ==================== End of Addition.txt =======================