Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02 Ran by user (17-11-2023 11:26:07) Running from C:\Users\user\Desktop Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) (2021-09-18 20:21:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3428885277-3589225921-2990357218-500 - Administrator - Disabled) Guest (S-1-5-21-3428885277-3589225921-2990357218-501 - Limited - Disabled) user (S-1-5-21-3428885277-3589225921-2990357218-1001 - Administrator - Enabled) => C:\Users\user WDAGUtilityAccount (S-1-5-21-3428885277-3589225921-2990357218-504 - Limited - Disabled) Προεπιλεγμένος λογαριασμός (S-1-5-21-3428885277-3589225921-2990357218-503 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.4.1 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{9bbdaa84-1315-4bcf-ac55-57449b4228f1}) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) Hidden Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.23.4 - Ashampoo GmbH & Co. KG) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 119.1.60.118 - Οι συντάκτες του Brave) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.) CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) Discord (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Discord) (Version: 0.0.310 - Discord Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 4500 G510n-z 14.0 Rel. 6 (HKLM\...\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) League of Legends PBE (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Macrium Reflect Free Edition (HKLM\...\{3323C7F6-9CAD-4203-A264-79B834D82C53}) (Version: 7.3.5854 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.) Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes) Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.16924.20150 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.58 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.58 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.221.1024.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Teams) (Version: 1.6.00.1381 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Mozilla Firefox (x64 el) (HKLM\...\Mozilla Firefox 119.0.1 (x64 el)) (Version: 119.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla) NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.236.0.11 - Overwolf Ltd.) PlayStation™Now (HKLM-x32\...\{845D0080-3314-4D3A-96A4-D6FE948A2BA2}) (Version: 11.7.0 - Sony Interactive Entertainment Network America LLC) Python 3.11.2 (64-bit) (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\{4d5f29cf-3d3f-455f-bd47-5a52fb830b25}) (Version: 3.11.2150.0 - Python Software Foundation) Python 3.11.2 Add to Path (64-bit) (HKLM\...\{48E8B3E4-EEE2-4DB3-A518-C2B8A3075B5A}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Core Interpreter (64-bit) (HKLM\...\{0D38B9A4-4312-465D-A472-450BF75A0460}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Development Libraries (64-bit) (HKLM\...\{A15F08D3-26E4-4F0B-BA8B-ED59A52D6A02}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Documentation (64-bit) (HKLM\...\{1F5C7063-8305-4755-A643-32DE2BE966F9}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Executables (64-bit) (HKLM\...\{D6BE8071-9505-4EE4-9E42-916584C2D21C}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 pip Bootstrap (64-bit) (HKLM\...\{6E84DCAA-19DD-4560-AAE7-043EADF5C1F8}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Standard Library (64-bit) (HKLM\...\{6C19B2EE-FA34-4270-A87F-1FF008C1AC6E}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Tcl/Tk Support (64-bit) (HKLM\...\{6F13A394-E3EA-4585-9ADE-046B69F1F902}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Test Suite (64-bit) (HKLM\...\{83C32D05-F3C4-4D61-877E-0A4C6717E7DC}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Python 3.11.2 Utility Scripts (64-bit) (HKLM\...\{6CE85987-8440-409D-BE75-F5128943F67B}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SpotiFlyer (HKLM\...\{A9099229-3065-3338-99A8-617C9A6D3C85}) (Version: 3.6.1 - Shabinder) Spotify (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Spotify) (Version: 1.1.79.763.gc2965cdf - Spotify AB) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer) TFTactics (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Overwolf_delfmdadipjjmpajblkalfkbebcbldbknecigjpc) (Version: 1.10.0 - Overwolf app) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) WinDirStat 1.1.2 (HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\WinDirStat) (Version: - ) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.2 Build 10 - Windscribe Limited) Έλεγχος λειτουργίας υπολογιστή Windows (HKLM\...\{702FCC72-69E9-45C8-9BA3-A6C00B04B80C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Εφαρμογές Microsoft 365 για μεγάλες επιχειρήσεις - el-gr (HKLM\...\O365ProPlusRetail - el-gr) (Version: 16.0.16924.20150 - Microsoft Corporation) Packages: ========= Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2650.3.0_x64__kgqvnymyfvs32 [2023-11-08] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.256.300.0_x64__kgqvnymyfvs32 [2023-11-15] (king.com) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.8.31.0_neutral__6rarf9sa4v8jt [2023-10-18] (Disney) Galaxy Buds -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.GalaxyBuds_5.8.0.0_x64__3c1yjt4zspk6g [2023-11-08] (Samsung Electronics Co. Ltd.) [Startup Task] Hades -> C:\Program Files\WindowsApps\SupergiantGamesLLC.Hades_1.0.38246.0_x64__q53c1yqmx7pha [2021-11-02] (Supergiant Games, LLC) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-14] (HP Inc.) Human Fall Flat -> C:\Program Files\WindowsApps\CurveDigital.HumanFallFlatPC_1.2.0.0_x64__1ezqdnbhnc70m [2021-11-02] (Curve Digital) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.4102.0_x64__8wekyb3d8bbwe [2023-11-03] (Microsoft Studios) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.3.7.0_x64__8wekyb3d8bbwe [2023-09-11] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-07-01] (Netflix, Inc.) Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1108.0_x64__8wekyb3d8bbwe [2023-11-14] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation) Slime Rancher -> C:\Program Files\WindowsApps\MonomiPark.SlimeRancher_2.0.8.0_x64__9ahw7gx0g86p2 [2022-01-21] (Monomi Park) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad] Stardew Valley -> C:\Program Files\WindowsApps\Mutable\ConcernedApe.StardewValleyPC_1.5.60002.0_x64__0c8vynj4cqe4e [2022-01-26] () ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3428885277-3589225921-2990357218-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22349.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3428885277-3589225921-2990357218-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\user\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-15] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncShell64.dll [2023-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-04-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-15] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\user\Desktop\Tartube.lnk -> C:\Users\user\AppData\Local\Tartube\msys64\home\user\tartube\tartube_64bit.bat () Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tartube\Tartube.lnk -> C:\Users\user\AppData\Local\Tartube\msys64\home\user\tartube\tartube_64bit.bat () ==================== Loaded Modules (Whitelisted) ============= 2020-07-27 10:23 - 2020-07-27 10:23 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2011-08-18 00:29 - 2011-08-18 00:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2023-11-09 22:21 - 2023-06-20 10:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2021-11-02 20:45 - 2023-11-17 09:53 - 000634880 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\gameplatformservices.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-07-27 10:23 - 2020-07-27 10:23 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\user\Desktop\esetonlinescanner.exe:MBAM.Zone.Identifier [160] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\sharepoint.com -> hxxps://newyorkcollege-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2023-10-21 12:51 - 2023-11-15 11:29 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\SET ME FREE.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "Reflect UI" HKLM\...\StartupApproved\Run32: => "Lightshot" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\StartupFolder: => "IMVU.lnk" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{C5732C72-C5E1-4B6A-A005-E4836DA4DE55}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{31D89A89-E7BD-4103-8022-0C76097FA6C0}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{ABE4E02B-153A-4314-910B-66D382D0CF9E}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{B7270866-09F3-441A-93FB-AD07BACD6A17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9CD31E59-870F-49FA-98A1-0897477EB41B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0B5F0C5B-FCCB-4B93-A4C1-8FE7E6F81C62}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{50DCD0E8-FCCA-464A-A926-E0F65F1776F8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4423CB4E-C0DF-414A-A94F-7ABE6AABE68C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3A8B97A1-C15F-455E-95EF-ECC1B9455885}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{F20DD9D3-9A07-4549-88F7-8C9F05C3BA5A}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{39CB2015-06F2-47E1-8997-ED7C79B99A03}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 15-11-2023 13:25:35 Προγραμματισμένο σημείο ελέγχου ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (11/17/2023 09:35:11 AM) (Source: Universal Print) (EventID: 1) (User: ) Description: Failure Response trying to search for printers. HttpStatus=12030, ErrorResponse: , TraceId: mcpmanagementservice.dll Error: (11/16/2023 04:34:44 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, Γίνεται τερματισμός της λειτουργίας του συστήματος. . Error: (11/16/2023 04:34:44 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Γίνεται τερματισμός της λειτουργίας του συστήματος. ] Error: (11/16/2023 04:32:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete επανάληψη αποκοπής on \\?\Volume{56b2b961-d27b-3ed4-fca1-f56f8a1b8a56}\ because: Η ζητούμενη λειτουργία δεν υποστηρίζεται από το υλικό υποστήριξης του τόμου. (0x8900002A) Error: (11/16/2023 04:32:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete επανάληψη αποκοπής on (D:) because: Η ζητούμενη λειτουργία δεν υποστηρίζεται από το υλικό υποστήριξης του τόμου. (0x8900002A) System errors: ============= Error: (11/17/2023 09:53:29 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JC5DE83) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Μη διαθέσιμο" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (11/17/2023 09:53:28 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JC5DE83) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Μη διαθέσιμο" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (11/16/2023 09:00:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (11/16/2023 09:00:34 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys Error: (11/16/2023 09:00:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (11/16/2023 09:00:34 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys Error: (11/16/2023 09:00:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (11/16/2023 09:00:34 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys Windows Defender: ================ Date: 2023-11-17 00:17:58 Description: Προστασία του Microsoft Defender από ιούς has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/PiriformBundler&threatid=311950&enterprise=0 Name: PUABundler:Win32/PiriformBundler Severity: Χαμηλό Category: Πιθανώς ανεπιθύμητο λογισμικό Path: file:_D:\All here\Downloads\spsetup132.exe Detection Origin: Τοπικός υπολογιστής Detection Type: FastPath Detection Source: Προστασία σε πραγματικό χρόνο Process Name: C:\Users\user\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Security intelligence Version: AV: 1.401.696.0, AS: 1.401.696.0, NIS: 1.401.696.0 Engine Version: AM: 1.1.23100.2009, NIS: 1.1.23100.2009 Date: 2023-11-17 00:16:19 Description: Προστασία του Microsoft Defender από ιούς has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FusionCore&threatid=311944&enterprise=0 Name: PUABundler:Win32/FusionCore Severity: Χαμηλό Category: Πιθανώς ανεπιθύμητο λογισμικό Path: file:_D:\All here\Downloads\PowerISO7-x64.exe Detection Origin: Τοπικός υπολογιστής Detection Type: Συμπαγές Detection Source: Προστασία σε πραγματικό χρόνο Process Name: C:\Users\user\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Security intelligence Version: AV: 1.401.696.0, AS: 1.401.696.0, NIS: 1.401.696.0 Engine Version: AM: 1.1.23100.2009, NIS: 1.1.23100.2009 Date: 2023-11-17 00:12:54 Description: Προστασία του Microsoft Defender από ιούς has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Name: Misleading:Win32/Lodi Severity: Υψηλό Category: Λογισμικό ανεπιθύμητων διαφημίσεων (adware) Path: file:_D:\All here\Downloads\DTLiteInstaller.exe Detection Origin: Τοπικός υπολογιστής Detection Type: Συμπαγές Detection Source: Προστασία σε πραγματικό χρόνο Process Name: C:\Users\user\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Security intelligence Version: AV: 1.401.696.0, AS: 1.401.696.0, NIS: 1.401.696.0 Engine Version: AM: 1.1.23100.2009, NIS: 1.1.23100.2009 Date: 2023-11-17 00:11:11 Description: Προστασία του Microsoft Defender από ιούς has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Vigua.A&threatid=232714&enterprise=0 Name: PUA:Win32/Vigua.A Severity: Χαμηλό Category: Πιθανώς ανεπιθύμητο λογισμικό Path: file:_D:\All here\Downloads\Internet Download Manager (IDM) 6.30 Build 7\IDM (6.30) Build 7.exe Detection Origin: Τοπικός υπολογιστής Detection Type: FastPath Detection Source: Προστασία σε πραγματικό χρόνο Process Name: C:\Users\user\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Security intelligence Version: AV: 1.401.696.0, AS: 1.401.696.0, NIS: 1.401.696.0 Engine Version: AM: 1.1.23100.2009, NIS: 1.1.23100.2009  CodeIntegrity: =============== Date: 2023-11-17 11:20:12 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 2501 04/03/2014 Motherboard: ASUSTeK COMPUTER INC. M5A99X EVO R2.0 Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 44% Total physical RAM: 16283.51 MB Available physical RAM: 9054.46 MB Total Virtual: 32667.51 MB Available Virtual: 23501.71 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.87 GB) (Free:82.11 GB) (Model: ADATA SP900) NTFS Drive d: () (Fixed) (Total:1863.01 GB) (Free:792.87 GB) (Model: TOSHIBA DT01ACA200) NTFS \\?\Volume{20f49057-0a12-44fc-b45b-6a17e32a2b6e}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS \\?\Volume{56b2b961-d27b-3ed4-fca1-f56f8a1b8a56}\ () (Fixed) (Total:0.63 GB) (Free:0 GB) NTFS \\?\Volume{e6cf92e4-6d31-3ba4-7155-c5e327c0ece4}\ () (Fixed) (Total:1.16 GB) (Free:0 GB) NTFS \\?\Volume{51a53fc6-1935-4d2c-6b80-22a2b2351870}\ () (Fixed) (Total:10.97 GB) (Free:0 GB) NTFS \\?\Volume{04e353d7-0490-f51f-2c85-9a43619a3142}\ () (Fixed) (Total:0.63 GB) (Free:0 GB) NTFS \\?\Volume{95b0e598-5cef-289f-7c39-1efdc41a6154}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS \\?\Volume{98bf42f1-6a8b-479c-8360-3db9e651ef89}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 5FA6C048) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 5FA6C04C) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== End of Addition.txt =======================