Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2022 Ran by User (11-07-2022 07:20:20) Running from C:\Users\User\Desktop\FRST Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) (2020-09-11 13:41:52) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-139916497-3742323812-500074900-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-139916497-3742323812-500074900-503 - Limited - Disabled) Guest (S-1-5-21-139916497-3742323812-500074900-501 - Limited - Disabled) jtxqbdzueqsz (S-1-5-21-139916497-3742323812-500074900-1009 - Limited - Enabled) => C:\Users\jtxqbdzueqsz uhtpffyxya (S-1-5-21-139916497-3742323812-500074900-1002 - Limited - Disabled) User (S-1-5-21-139916497-3742323812-500074900-1001 - Administrator - Enabled) => C:\Users\User WDAGUtilityAccount (S-1-5-21-139916497-3742323812-500074900-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516} FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.001.20142 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.) ANT Drivers Installer x64 (HKLM\...\{C908C165-F564-4420-AFBC-BC9BB5093D89}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Mobile Device Support (HKLM\...\{2B3CA448-5266-480F-85FA-2FCCB3C8712C}) (Version: 15.6.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) BitTorrent (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\BitTorrent) (Version: 7.10.5.46211 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.) DinoCapture 2.0 (HKLM-x32\...\DinoCapture 2.0) (Version: 1.5.37.A - AnMo Electronics Corporation) Dino-Lite 2xx Driver (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.21.2.0 - AnMo Electronics Corporation) DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden Edge3 Driver 1.0.0.3 (HKLM\...\Edge3 Driver_is1) (Version: 1.0.0.3 - Edge3 Driver) Elevated Installer (HKLM-x32\...\{AA541EFB-3F91-4A7E-A915-CCDD91C2AE11}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 15.2.11.0 - ESET, spol. s r.o.) Garmin Express (HKLM-x32\...\{4CE72891-E662-4E1D-997A-2DB13467F489}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{e0284aaa-26dc-4fb0-b0b6-06e658bdc602}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC) Google Workspace Migration for Microsoft Outlook® 4.3.14.0 (HKLM-x32\...\{2FFC7A8D-D90C-4E91-8998-615F17A73313}) (Version: 4.3.14.0 - Google, Inc.) HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{DB4DA836-82EC-4A96-A6A1-52B39AD19C14}) (Version: 13.0.0.1098 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (HKLM\...\{B5E06417-A4AC-4225-B36E-7E34C91616E7}) (Version: 1.31.8.1 - Intel Corporation) Hidden iTunes (HKLM\...\{DCBA66F6-FF88-47BF-BC2C-8A8D187911C1}) (Version: 12.12.4.1 - Apple Inc.) LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2379 - GenesysLogic) Loom 0.134.0 (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.134.0 - Loom, Inc.) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15330.20230 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{E36FFC78-D25E-4962-872B-9CE0E50E62CD}) (Version: 17.5.1.1 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-139916497-3742323812-500074900-1009\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Support and Recovery Assistant (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\a1a734b8150c1d83) (Version: 17.0.8640.17 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Teams) (Version: 1.3.00.26064 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Mozilla Firefox 61.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.2 (x64 en-US)) (Version: 61.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Pastel Partner Version 12 (HKLM-x32\...\{4FDDC2F0-4F85-4CFF-96FA-8281D5B7201F}) (Version: 12.1.6 - Sage Pastel) Pervasive System Analyzer (HKLM-x32\...\Pervasive System Analyzer) (Version: - ) Pervasive.SQL 9.60 Workgroup for Windows (HKLM-x32\...\{D8C0330E-C815-4C6F-9BFD-0FD570155790}) (Version: 9.60.016.000 - Pervasive Software Inc. ) psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group) R for Windows 4.2.1 (HKLM\...\R for Windows 4.2.1_is1) (Version: 4.2.1 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.050.0511.2021 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 2022.02.3+492 - RStudio) Sage Connected Services (HKLM-x32\...\{DF8DA097-ABE2-4A94-8396-D51CD51181C6}) (Version: 1.00.13 - Softline Pastel) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Tableau 2022.1 (20221.22.0611.0333) (HKLM\...\{ACD20364-2742-4821-8D1F-F2EAF6E15C39}) (Version: 22.1.2510 - Tableau Software) Hidden Tableau 2022.1 (20221.22.0611.0333) (HKLM-x32\...\{5a2e1c00-7a13-4199-8542-1e33b503ff08}) (Version: 22.1.2510 - Tableau Software) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) WhatsApp (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\WhatsApp) (Version: 2.2214.12 - WhatsApp) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\ZoomUMX) (Version: 5.9.7 (3931) - Zoom Video Communications, Inc.) Zwift version 1.0.50 (HKLM-x32\...\{E4DA422A-82AB-44A4-B3A5-0AF60F47B7AB}_is1) (Version: 1.0.50 - Zwift, LLC) Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.221.500.0_x64__kgqvnymyfvs32 [2022-07-01] (king.com) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.2.2.0_x86__htrsf667h5kn2 [2021-09-13] (Dell Inc) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-28] (Facebook Inc) Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2020-04-25] (Flipboard) Garmin Connect Mobile -> C:\Program Files\WindowsApps\Garmin.GarminConnectMobile_3.24.1.0_x64__xpnz26pswwvpm [2018-05-21] (GARMIN INTERNATIONAL INC) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-05-03] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-09-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.73.51701.0_x64__8wekyb3d8bbwe [2022-06-28] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10620.425.0_x64__8wekyb3d8bbwe [2022-07-05] (Microsoft Corporation) Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.202.0_x64__8wekyb3d8bbwe [2022-06-23] (Microsoft Studios) MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation) MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2022-02-15] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2022-02-15] (Microsoft Corporation) [MS Ad] Stunning Cityscapes -> C:\Program Files\WindowsApps\Microsoft.StunningCityscapes_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-15] (Twitter Inc.) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2222.12.0_x64__cv1g1gvanyjgm [2022-06-29] (WhatsApp Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-09] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-09] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-09] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi ==================== Loaded Modules (Whitelisted) ============= 2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2021-03-09 19:48 - 2021-03-09 19:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-05-21 11:23 - 2018-05-21 11:24 - 059957760 _____ (Garmin Ltd. or its subsidiaries) [File not signed] C:\Program Files\WindowsApps\Garmin.GarminConnectMobile_3.24.1.0_x64__xpnz26pswwvpm\Garmin.Connect.Mobile.dll 2014-02-26 09:11 - 2014-02-26 09:11 - 000297984 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2014-02-26 09:11 - 2014-02-26 09:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2018-02-19 20:17 - 2018-02-19 20:18 - 001286656 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\Garmin.GarminConnectMobile_3.24.1.0_x64__xpnz26pswwvpm\sqlite3.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-03-09 19:48 - 2021-03-09 19:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.moneyweb.co.za/ SearchScopes: HKU\S-1-5-21-139916497-3742323812-500074900-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = SearchScopes: HKU\S-1-5-21-139916497-3742323812-500074900-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2017-05-24 22:38 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\PVSW\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\User\AppData\Local\Microsoft\WindowsApps;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Google\Google Apps Migration\;C:\Program Files\dotnet\ HKU\S-1-5-21-139916497-3742323812-500074900-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-139916497-3742323812-500074900-1009\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "Pervasive.SQL Workgroup Engine.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "DpTsClnt" HKLM\...\StartupApproved\Run: => "MMReminderService" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "MMReminderService" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKLM\...\StartupApproved\Run32: => "Zwift" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 1510 series.lnk" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "Payroll Notification Service" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "GarminExpress" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "electron.app.Loom" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{8E5E1601-C1CC-4302-A92F-4F1A0DAF8243}] => (Allow) C:\PVSW\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{64BB868C-12A0-4793-BDB0-7BD5661CAA55}] => (Allow) C:\PVSW\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{F5746832-B40B-4EE7-A118-435FF6076806}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{48136D34-39AA-433B-A25C-2BA105B91C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{06BB2BA1-ED30-4D17-9B69-A83066D930E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EDE17428-8AEF-40E9-AEDE-47464C65402F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AA6D1E5C-CE99-4E32-B2CD-25A7E804575C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CD94AEF5-3A51-46BD-8149-8E037B5FAC36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{43EBF6B6-C8BB-4BCF-8360-68AFA6D68BDF}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{06699C44-7CF1-463F-8CEF-E1D399B543A2}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{42029B5B-566E-4AF5-9EBD-8828EABADB81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{95C81E23-3011-4BCA-A550-B34FF66B783B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F6428B82-C586-4D67-A09F-B620BE24E681}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1ECB4B14-0329-45D4-B86C-CC45605E38DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{1B2DB937-570F-438D-BA87-F7E1A2DD5ECF}C:\pvsw\bin\w3dbsmgr.exe] => (Allow) C:\pvsw\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [UDP Query User{24BB7436-1A9B-419E-8B61-DFE469809EB0}C:\pvsw\bin\w3dbsmgr.exe] => (Allow) C:\pvsw\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{70DB26D0-63C4-4580-9034-6C1FB63D209F}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{0054CCAA-E58B-4859-B84B-311F34638E25}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7F37A510-5E70-47FE-96D7-CC31C6DE5107}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{FAFC042F-451A-4CF9-B907-9423232F3B10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F900E4E5-D29A-45FF-8755-33AED79456DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D099BAAC-80BD-45E9-9B9C-24B90EFCFF02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{626F71A2-42C8-46C1-9A76-4A4843AB7692}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{560AFD14-8CFA-48EF-9BCB-91533CA0304A}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9376F883-5B56-416F-81B4-14456B40E4FB}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{05C5B27D-90B9-4E1F-9F1C-7BD70764D4DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1DF899AA-5500-473D-9CF6-2F54BBFCBDE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D4EF62AC-72DB-458C-BDF2-7C81BF23F51A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0BB23EB4-326F-457A-A9FD-F4FC916F3FD8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3CDE7960-979C-41B8-8ECF-4229D62BF216}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{62342BFD-19F0-42E9-BAC4-7B6DB18767E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{32A23579-EFB1-4E5E-A1F7-71CBFD23D72B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{010B021D-450D-4D20-9665-B011DE9278B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C5169C14-0FC7-4948-8FDD-27113B07B6FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{361CA2C7-56E0-4E9E-863A-C5C671C051FE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{46917DB5-E45C-481F-A565-746DA3951C7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6B1FF555-BC52-4CD5-824B-F9220E1AC993}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7AA6625B-2134-4EF6-8682-B20BDF60EC42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{70ABB86F-208F-4910-9765-A9D6258696FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CEE175C6-36A7-4DED-A039-93CB30865F14}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{363EC9D1-282C-485A-B02D-728C9BB71C9F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 06-07-2022 16:08:19 Scheduled Checkpoint 08-07-2022 08:25:06 Removed Intel(R) Computing Improvement Program ==================== Faulty Device Manager Devices ============ Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (07/11/2022 07:08:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Faulting module name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Exception code: 0xc0000005 Fault offset: 0x00000000003d7b82 Faulting process id: 0x3300 Faulting application start time: 0x01d894e385ed62b9 Faulting application path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Faulting module path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Report Id: 8f33e72e-6cdc-458e-8de8-d3d98b106ffb Faulting package full name: Faulting package-relative application ID: Error: (07/11/2022 07:08:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Faulting module name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Exception code: 0xc0000005 Fault offset: 0x00000000003d7b82 Faulting process id: 0x334c Faulting application start time: 0x01d894e38edf4c6d Faulting application path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Faulting module path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Report Id: 87c3d059-5d05-4860-ab6e-e2947ef2464e Faulting package full name: Faulting package-relative application ID: Error: (07/11/2022 07:05:31 AM) (Source: ESENT) (EventID: 522) (User: ) Description: StartMenuExperienceHost (10484,P,98) TILEREPOSITORYS-1-5-21-139916497-3742323812-500074900-1009: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8). Error: (07/11/2022 07:02:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Faulting module name: Radeonsoftware.exe, version: 10.1.2.1862, time stamp: 0x609ac2c7 Exception code: 0xc0000005 Fault offset: 0x00000000003d7b82 Faulting process id: 0x224c Faulting application start time: 0x01d894e320ac5ce8 Faulting application path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Faulting module path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Report Id: 5ca4f50e-6019-4b4b-8337-c1ffdb811259 Faulting package full name: Faulting package-relative application ID: Error: (07/11/2022 06:54:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: atieclxx.exe, version: 27.20.20903.8001, time stamp: 0x609abfa7 Faulting module name: atieclxx.exe, version: 27.20.20903.8001, time stamp: 0x609abfa7 Exception code: 0xc0000005 Fault offset: 0x00000000000359c6 Faulting process id: 0xb50 Faulting application start time: 0x01d893688c3546b5 Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe Report Id: 3315b1bf-c4c3-4703-8f53-f246e75d8ef1 Faulting package full name: Faulting package-relative application ID: Error: (07/09/2022 12:33:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x1d3a15e7 Faulting module name: biwinrt.dll, version: 10.0.19041.1566, time stamp: 0x77f34e41 Exception code: 0xc000027b Fault offset: 0x00000000000053c5 Faulting process id: 0x1eb8 Faulting application start time: 0x01d8937f4e5ef51b Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe Faulting module path: C:\Windows\System32\biwinrt.dll Report Id: 5d43fbb9-8eeb-40bb-a27c-d40b7b48f9ae Faulting package full name: Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 Faulting package-relative application ID: App Error: (07/09/2022 09:38:19 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (07/09/2022 09:19:15 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] System errors: ============= Error: (07/11/2022 06:54:11 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server Microsoft.Todos_2.73.51701.0_x64__8wekyb3d8bbwe!App.AppXcakmdstz39gy6mq7cx2par6qckax124x.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:09 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:09 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:09 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server Microsoft.WindowsStore_22205.1401.13.0_x64__8wekyb3d8bbwe!App.AppX4kq775cvjnf3kamcw69d81vz8nk5q6hq.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:09 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server Microsoft.Windows.Search_1.14.5.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:09 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server Microsoft.Windows.Search_1.14.5.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:06 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (07/11/2022 06:54:06 AM) (Source: DCOM) (EventID: 10010) (User: Dell) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. CodeIntegrity: =============== Date: 2022-07-11 07:25:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: Dell Inc. A13 05/27/2019 Motherboard: Dell Inc. Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Percentage of memory in use: 37% Total physical RAM: 16264.96 MB Available physical RAM: 10239.51 MB Total Virtual: 16280.96 MB Available Virtual: 8346.71 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:737.87 GB) (Model: TOSHIBA MQ02ABD100H) NTFS \\?\Volume{0701a8a2-8c4b-4a9c-9512-05155be9c983}\ () (Fixed) (Total:0.77 GB) (Free:0.31 GB) NTFS \\?\Volume{d06ee446-6669-4636-99a6-c35ad2e6135c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 103FF373) Partition: GPT. ==================== End of Addition.txt =======================