Windows security won't run a full scan, after installing VLC media player
18 replies to this topic

#1 reggiereg
Posted 29 February 2024 - 03:26 AM

I downloaded VLC media player and now my Windows virus checker won't complete a full scan; it freezes. I tried running EST online scanner and that won't run either.

Could I be infected?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
Ran by domin (administrator) on DOMSLAPTOP (LENOVO 82XV) (29-02-2024 08:17:52)
Running from C:\Users\domin\OneDrive\Desktop\FRST64.exe
Loaded Profiles: domin
Platform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(A-Volute SAS -> A-Volute) C:\Users\domin\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\87.0.2.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe <6>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_helper.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\FnHotkeyUtility.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Marti Climent -> Martí Climent) C:\Program Files\WingetUI\wingetui.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <27>
(Lenovo -> Lenovo) C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_9d96bfc242ae9e60\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\LenovoUtilityService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4e93878658043b21\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4621730b308e6e22\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_9a2c79b60d6607c6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe <2>
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\domin\AppData\Local\Microsoft\OneDrive\24.020.0128.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Trend Micro, Inc. -> Trend Micro, Inc.) C:\Program Files (x86)\Cleaner One Pro\Cleaner One Pro.exe <4>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe [1958696 2023-10-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3302288 2024-02-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [MicrosoftEdgeAutoLaunch_83497DAD29FF071D0AEDF40311C6C56D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe [85928 2023-12-25] (Lenovo -> Lenovo)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.37\LenovoVantage.exe [25512 2023-12-26] (Lenovo -> Lenovo)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [WingetUI] => C:\Program Files\WingetUI\WingetUI.exe [6322528 2023-12-24] (Marti Climent -> Martí Climent)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Run: [Cleaner One Pro] => C:\Program Files (x86)\Cleaner One Pro\Cleaner One Pro.exe [109902192 2024-01-22] (Trend Micro, Inc. -> Trend Micro, Inc.)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\Run: [MicrosoftEdgeAutoLaunch_47EB614B1D46B7F0DB4A133F2CFEA00F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\OKHSPP3: C:\Windows\System32\spool\prtprocs\x64\OKHSPP3.DLL [62464 2013-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\OKI HiperC Language Monitor7 x64: C:\Windows\system32\OPDMN075.DLL [167936 2012-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
Startup: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2023-12-01]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {48E81013-9FCA-48A6-AFF6-92B19404F354} - System32\Tasks\CleanerOneProAutoUAC => C:\Program Files (x86)\Cleaner One Pro\Cleaner One Pro.exe [109902192 2024-01-22] (Trend Micro, Inc. -> Trend Micro, Inc.)
Task: {E17C3A99-6A79-42CF-B42E-405522563514} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{F4A04241-A040-4AA7-B981-C5E81C5F758D} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
Task: {C52D9C18-E47E-46AD-8188-A4BA786843B2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7BF0A4E1-DD08-4AC9-BC3D-5B226553F013} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {886ED9A3-2B06-486A-A160-C0FE2232A700} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\006ce972-469e-477a-8da0-e05df4148a87 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BE82D3F7-6375-4A71-B15E-D574666535A5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0235fd33-d58c-4c49-bc85-4570b910d726 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {516D5726-45D6-4958-9936-AC50E68D4FD0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\96fcb842-56b7-49f0-9e98-e2b78fc61184 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {43B0E0B7-5DDC-4A1D-8F16-593A591BD1FC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c1687ca9-c231-4623-9fcb-60d4e3b072ef => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {AD7C60CF-4865-47C3-96FE-37379A0190E7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\da621ac5-85b7-45e2-a2ad-e6eac0b2d975 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {FD19DC0D-1DAD-435B-9099-86AC785F7BDC} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [1634728 2024-01-26] (Lenovo -> Lenovo)
Task: {3198B0CB-37C6-40A3-A485-B9D3E97CDEEC} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1522088 2024-01-26] (Lenovo -> Lenovo)
Task: {886F1670-97E5-4E9F-946C-7991B1A57BF1} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1522088 2024-01-26] (Lenovo -> Lenovo)
Task: {56192B4F-268D-46BD-B244-0D09F0AC6BDE} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {A48378E5-4125-4438-A375-23954537B9DB} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {2BE6DA42-0A56-456C-B394-3CAA54F7ECC8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {BCBC5CE4-C67E-4F1A-A6FA-01A1CF173F76} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {0B2B9731-4C55-478E-AF11-966A839FEB05} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {17C7D8FF-995D-48DB-AFD8-8D42A18294B7} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {030C5FA0-4E8F-4D66-9228-1E57223B15F9} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {1C93F10F-9B5E-4973-8DAE-A55BC9A0555E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {5E2F0068-6EFD-4BB8-8218-DA7B5C0E910B} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {C718668D-E379-466A-8D9A-016492AA1803} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {1C5FB9E7-7C03-4ED3-B310-F69628A2DE6F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {CA73CCC5-C9E0-437C-8493-0FFE2BFFBD81} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {DBB41A61-3A88-459A-8E70-11159E07BBF8} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\4.0.49.0\ScheduleEventAction.exe  NotificationCenter (No File)
Task: {A682A84F-AAAD-4313-94AB-71437C3D3500} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {8B6BFE0E-041E-467D-88AC-AF3A945152B1} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {0FC06E31-AD32-4BBE-8425-DD99D6B79F34} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {F711DE62-8CBD-43C3-A3C1-489A30AD01D7} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\uninstall.exe [311776 2023-12-15] (Lenovo -> Lenovo)
Task: {A76164F2-55EA-499A-B144-D4BA8E3C1635} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6BAA5F6-F3A0-4ABC-A703-746BC3ACA4EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E18D6592-F8C5-469E-B439-DA9008E7DA13} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8171506-B77E-4E93-8B01-396438F72A0E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3831CF32-BA69-4428-B97D-B0ECA478D0E4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {EA0FB99F-67BC-4FD2-87E9-BB556267B57B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {129D4EA5-9CB9-40B0-8662-30A2A53EB016} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B205105-233D-4C09-8F55-53938829E1D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB9CC4AE-988A-4379-AA0D-D8B1DEF2020F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C7130C70-B7C5-42BD-84CC-95A2171CBA03} - System32\Tasks\NahimicTask32 => C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {CFC6C7F7-1876-431A-9A73-6E5E067E2D81} - System32\Tasks\NahimicTask64 => C:\Windows\system32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {138E5F37-A7D0-4D5B-B2EC-A51E0B85717F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2D3DA6C5-DD15-41F3-A76A-8C84FE9CF653} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2D7B599-B928-4E8B-8F45-13A61AFF9494} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {673C69D8-EAF6-416D-AFE3-20893F208E99} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAECD7B6-1787-495F-86D5-D45BF877F193} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C82DEEEF-5280-42D4-AD16-C439D5DB2354} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {756C9B8D-DB62-45FF-9C6F-0DAF0C264371} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9D7EA6E4-FD8D-41B3-9E7A-7374A20B735D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B84DF82-5331-4DF1-B375-2DD463D92CDB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}: [DhcpDomain] lan
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}\244524D273A534742345: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}\244524D273A534742345: [DhcpDomain] home
Tcpip\..\Interfaces\{b888dd24-08bf-4c09-9162-cc59ce9e3e8e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b888dd24-08bf-4c09-9162-cc59ce9e3e8e}: [DhcpDomain] lan
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-29]
Edge HomePage: Default -> hxxp://google.co.uk/
Edge Session Restore: Default -> is enabled.
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-28]
Edge Extension: (Tabox - Save and Share Tab Groups) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ekkmpemnpkaecapbjcgidkflglondcem [2023-12-02]
Edge Extension: (Google Docs Offline) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Profile: C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-12-03]
Edge Extension: (Google Docs Offline) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-03]
Edge Extension: (Edge relevant text changes) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-03]
Edge Profile: C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2023-12-03]
Edge Extension: (Google Docs Offline) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-03]
Edge Extension: (Edge relevant text changes) - C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-03]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe [545432 2022-10-27] (Intel Corporation -> Intel Corporation)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [990136 2023-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe [531800 2023-07-25] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe [2778760 2022-10-28] (Intel Corporation -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\LenovoUtilityService.exe [161760 2024-01-15] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe [34272 2023-12-15] (Lenovo -> Lenovo)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-24] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-02-16] (McAfee, LLC -> McAfee, LLC)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909528 2023-09-21] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_9a2c79b60d6607c6\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
R2 UDCService; C:\Windows\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2023-09-04] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2023-12-01] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs31357; C:\Windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-17] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-17] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_cf69bf74fab8a0f5\ipf_acpi.sys [87176 2022-10-28] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_cpu.sys [80520 2022-10-28] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_lf.sys [443528 2022-10-28] (Intel Corporation -> Intel Corporation)
S3 LenovoDiagnosticsDriver; C:\ProgramData\Lenovo\Vantage\Addins\LenovoHardwareScanAddin\3.3.0.19\LenovoDiagnosticsDriver.sys [53184 2023-11-23] (Lenovo -> Lenovo Group Limited ®)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2023-12-21] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [43664 2024-01-12] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKsl3485dd02; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDFF812B-C7D3-416B-9B20-53D0A137F679}\MpKslDrv.sys [272664 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-12-01] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NahimicXVAD; C:\Windows\System32\drivers\NahimicXVAD.sys [86216 2022-08-26] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-12-01] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [239256 2023-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752512 2023-08-31] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [813112 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2023-12-01] (Microsoft Windows -> )
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-02-29 08:17 - 2024-02-29 08:18 - 000037088 _____ C:\Users\domin\OneDrive\Desktop\FRST.txt
2024-02-29 08:17 - 2024-02-29 08:18 - 000000000 ____D C:\FRST
2024-02-29 08:16 - 2024-02-29 08:16 - 002386944 _____ (Farbar) C:\Users\domin\OneDrive\Desktop\FRST64.exe
2024-02-29 07:34 - 2024-02-29 08:15 - 000000000 ____D C:\Users\domin\AppData\Roaming\CleanerOnePro
2024-02-29 07:34 - 2024-02-29 07:35 - 000000000 ____D C:\Users\domin\AppData\Roaming\Cleaner One Pro
2024-02-29 07:34 - 2024-02-29 07:34 - 000003172 _____ C:\Windows\system32\Tasks\CleanerOneProAutoUAC
2024-02-29 07:34 - 2024-02-29 07:34 - 000001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleaner One Pro.lnk
2024-02-29 07:34 - 2024-02-29 07:34 - 000000000 ____D C:\Users\domin\AppData\Local\cleaneronepro-updater
2024-02-29 07:34 - 2024-02-29 07:34 - 000000000 ____D C:\ProgramData\Trend Micro
2024-02-29 07:34 - 2024-02-29 07:34 - 000000000 ____D C:\Program Files (x86)\Cleaner One Pro
2024-02-29 00:36 - 2024-02-29 00:36 - 001505510 _____ C:\Users\domin\AppData\Local\census.cache
2024-02-29 00:35 - 2024-02-29 00:35 - 000429731 _____ C:\Users\domin\AppData\Local\ars.cache
2024-02-28 22:23 - 2024-02-28 22:24 - 000000000 ____D C:\Program Files\Trend Micro
2024-02-28 22:23 - 2024-02-28 22:23 - 000000036 _____ C:\Users\domin\AppData\Local\housecall.guid.cache
2024-02-28 22:21 - 2024-02-29 07:37 - 000001409 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-02-28 22:21 - 2024-02-29 07:37 - 000001309 _____ C:\Users\domin\OneDrive\Desktop\ESET Online Scanner.lnk
2024-02-28 22:21 - 2024-02-28 22:21 - 000000000 ____D C:\Users\domin\AppData\Local\ESET
2024-02-28 22:19 - 2024-02-28 22:19 - 000003108 _____ C:\Windows\system32\Tasks\NahimicTask32
2024-02-28 22:19 - 2024-02-28 22:19 - 000003088 _____ C:\Windows\system32\Tasks\NahimicTask64
2024-02-28 22:19 - 2024-02-28 22:19 - 000000000 ___HD C:\OneDriveTemp
2024-02-28 22:16 - 2024-02-28 22:16 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-28 16:48 - 2024-02-28 16:48 - 000000000 ____D C:\Users\domin\AppData\Local\npm-cache
2024-02-28 16:25 - 2024-02-28 16:25 - 002717516 _____ C:\Users\domin\Downloads\output1.mp4
2024-02-28 15:54 - 2024-02-28 15:55 - 057578491 _____ C:\Users\domin\OneDrive\Desktop\Untitled.mp4
2024-02-28 14:45 - 2024-02-28 14:45 - 003503523 _____ C:\Users\domin\Downloads\output.mp4
2024-02-28 14:34 - 2023-12-17 11:02 - 681474381 _____ C:\Users\domin\OneDrive\Desktop\20231217_105917.mp4
2024-02-28 14:33 - 2024-02-25 15:28 - 016636371 _____ C:\Users\domin\OneDrive\Desktop\20240225_152828.mp4
2024-02-28 14:31 - 2024-02-28 15:56 - 000000000 ____D C:\Users\domin\.transparent-background
2024-02-28 14:28 - 2024-02-28 14:28 - 000000000 ____D C:\Users\domin\.matplotlib
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files\Application Verifier
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2024-02-28 14:03 - 2024-02-28 14:13 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2024-02-28 14:03 - 2024-01-27 13:40 - 020488329 _____ C:\Users\domin\OneDrive\Desktop\20240127_134020.mp4
2024-02-28 14:02 - 2024-02-28 14:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2024-02-28 14:02 - 2024-02-28 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2024-02-28 14:02 - 2024-02-28 14:02 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-28 14:01 - 2024-02-28 14:14 - 000000000 ____D C:\Users\domin\AppData\Roaming\Visual Studio Setup
2024-02-28 14:01 - 2024-02-28 14:01 - 000001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2024-02-28 14:01 - 2024-02-28 14:01 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2024-02-28 14:01 - 2024-02-28 14:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2024-02-28 14:00 - 2024-02-28 14:00 - 000000000 ____D C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2024-02-28 13:59 - 2024-02-28 13:59 - 000000043 _____ C:\Users\domin\.condarc
2024-02-28 13:59 - 2024-02-28 13:59 - 000000000 ____D C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Miniconda3 (64-bit)
2024-02-28 13:59 - 2024-02-28 13:59 - 000000000 ____D C:\Users\domin\AppData\Local\conda
2024-02-28 13:59 - 2024-02-28 13:59 - 000000000 ____D C:\Users\domin\.conda
2024-02-28 13:57 - 2024-02-28 16:48 - 000000000 ____D C:\Users\domin\pinokio
2024-02-28 13:56 - 2024-02-28 22:09 - 000000000 ____D C:\Users\domin\AppData\Roaming\Pinokio
2024-02-28 13:56 - 2024-02-28 13:56 - 000002268 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinokio.lnk
2024-02-28 13:56 - 2024-02-28 13:56 - 000002266 _____ C:\Users\domin\OneDrive\Desktop\Pinokio.lnk
2024-02-28 13:56 - 2024-02-28 13:56 - 000000000 ____D C:\Users\domin\Downloads\Pinokio-1.2.0-win32
2024-02-28 13:56 - 2024-02-28 13:56 - 000000000 ____D C:\Users\domin\AppData\Local\pinokio-updater
2024-02-27 15:24 - 2024-02-27 15:24 - 000059597 _____ C:\Users\domin\AppData\Local\recently-used.xbel
2024-02-27 15:19 - 2024-02-27 15:19 - 000001736 _____ C:\Users\domin\OneDrive\Desktop\XnView MP.lnk
2024-02-27 13:58 - 2024-02-27 13:58 - 000000000 ____D C:\Users\domin\AppData\Local\enchant
2024-02-27 13:38 - 2024-02-27 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2024-02-27 12:02 - 2024-02-27 12:02 - 000000000 ____D C:\Users\domin\AppData\Roaming\tor
2024-02-20 21:24 - 2024-02-20 21:24 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-02-19 12:41 - 2024-02-19 12:41 - 000000000 ____D C:\Users\domin\AppData\Local\ElevatedDiagnostics
2024-02-19 12:09 - 2024-02-19 12:09 - 000000000 ____D C:\Users\domin\AppData\Roaming\CANON INC
2024-02-19 11:53 - 2024-02-19 11:53 - 000000000 ____D C:\Users\domin\AppData\Roaming\canon
2024-02-19 11:53 - 2024-02-19 11:53 - 000000000 ____D C:\ProgramData\Canon_Inc_IC
2024-02-17 23:13 - 2024-02-17 23:13 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-16 22:49 - 2024-02-16 22:49 - 000003370 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1072368098-1498503301-1659025735-1001
2024-02-16 22:49 - 2024-02-16 22:49 - 000002394 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-11 11:36 - 2024-02-11 11:36 - 000000020 _____ C:\Users\domin\OneDrive\Desktop\SDE.txt
2024-02-11 11:35 - 2024-02-11 11:35 - 000000000 _____ C:\Users\domin\OneDrive\Desktop\New Text Document (3).txt
2024-02-09 14:23 - 2024-02-09 14:23 - 000000974 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2024-02-08 17:02 - 2024-02-08 17:02 - 000000000 ____D C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-02-07 14:26 - 2024-02-07 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-02-07 14:25 - 2024-02-07 14:25 - 000000000 ____D C:\Program Files\LibreOffice
2024-02-04 14:44 - 2020-02-23 01:19 - 000009132 _____ C:\Users\Mandy\OneDrive\Documents\Book.xlsx
2024-02-04 14:44 - 2019-11-07 19:26 - 000660066 _____ C:\Users\Mandy\OneDrive\Documents\TTheakerIndividual-Entry-Form-British-2019.xlsx
2024-02-04 14:37 - 2024-02-04 14:37 - 000000000 ____D C:\Users\Mandy\AppData\Local\OneDrive
2024-02-04 14:08 - 2024-02-04 14:08 - 000003370 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1072368098-1498503301-1659025735-1004
2024-02-04 14:08 - 2024-02-04 14:08 - 000002394 _____ C:\Users\Mandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-02 14:16 - 2024-02-02 14:41 - 000168262 _____ C:\Users\domin\OneDrive\Desktop\Torrin_2024_1.html
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-02-29 08:17 - 2023-09-04 18:17 - 000804932 _____ C:\Windows\system32\PerfStringBackup.INI
2024-02-29 08:17 - 2022-05-07 05:22 - 000000000 ____D C:\Windows\INF
2024-02-29 08:15 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\SystemTemp
2024-02-29 08:14 - 2022-05-25 19:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-02-29 07:36 - 2023-12-04 10:34 - 000000000 ____D C:\ProgramData\TEMP
2024-02-29 07:36 - 2023-12-01 10:51 - 000000000 ____D C:\Users\domin\AppData\Local\CrashDumps
2024-02-29 07:21 - 2023-12-02 00:06 - 000000000 ___SD C:\Users\domin\AppData\Roaming\Microsoft\Credentials
2024-02-29 00:24 - 2023-12-27 10:12 - 000000000 ____D C:\Users\domin\AppData\Local\Malwarebytes
2024-02-28 23:19 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-28 22:22 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\ServiceState
2024-02-28 22:19 - 2023-12-04 10:31 - 000000000 ____D C:\Users\domin\.wingetui
2024-02-28 22:19 - 2023-12-02 00:51 - 000000000 ___RD C:\Users\domin\OneDrive
2024-02-28 22:19 - 2023-09-04 18:24 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-28 22:19 - 2022-05-25 19:05 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-28 22:19 - 2022-05-25 19:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-02-28 22:19 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\AppReadiness
2024-02-28 22:18 - 2023-09-04 18:09 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-02-28 22:18 - 2022-05-07 05:17 - 001048576 _____ C:\Windows\system32\config\BBI
2024-02-28 17:02 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-28 16:16 - 2023-12-02 00:51 - 000000000 ____D C:\Users\domin\AppData\Local\D3DSCache
2024-02-28 14:31 - 2023-12-02 00:06 - 000000000 ___HD C:\Users\domin
2024-02-28 14:28 - 2023-12-07 11:01 - 000000000 ____D C:\Users\domin\.cache
2024-02-28 14:28 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-28 14:25 - 2022-05-07 05:17 - 000000000 ____D C:\Windows\CbsTemp
2024-02-28 14:13 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-28 14:08 - 2023-09-04 18:26 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-28 13:37 - 2022-05-25 19:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 15:24 - 2023-12-02 07:55 - 000000000 ____D C:\Users\domin\AppData\Roaming\inkscape
2024-02-27 15:19 - 2023-12-01 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2024-02-27 15:19 - 2023-12-01 18:34 - 000000000 ____D C:\Program Files\XnViewMP
2024-02-27 15:18 - 2023-12-13 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFgear
2024-02-27 15:18 - 2023-12-13 15:04 - 000000000 ____D C:\Program Files\PDFgear
2024-02-27 15:17 - 2023-12-24 08:37 - 000000000 ____D C:\Program Files\dotnet
2024-02-27 15:17 - 2023-12-04 09:21 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-02-27 15:17 - 2023-12-02 00:46 - 000000000 ____D C:\Users\domin\AppData\Local\packages
2024-02-27 13:07 - 2023-12-02 07:55 - 000000000 ____D C:\Users\domin\.dbus-keyrings
2024-02-27 11:44 - 2023-12-04 09:21 - 000000000 ____D C:\Users\domin\AppData\Roaming\Notepad++
2024-02-27 11:37 - 2022-05-25 19:06 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-23 10:33 - 2022-05-25 19:06 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-23 10:33 - 2022-05-25 19:06 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-23 09:36 - 2023-12-01 17:34 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-23 09:36 - 2023-12-01 17:34 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-22 11:28 - 2023-12-01 18:02 - 000000000 ____D C:\Users\domin\AppData\Roaming\KeePass
2024-02-22 09:12 - 2023-12-01 18:34 - 000000000 ____D C:\Users\domin\AppData\Roaming\XnViewMP
2024-02-20 21:16 - 2023-12-07 09:30 - 000000000 ____D C:\Users\domin\AppData\Local\babl-0.1
2024-02-20 21:04 - 2023-12-07 11:08 - 000000000 ____D C:\Users\domin\AppData\Local\gtk-2.0
2024-02-17 23:12 - 2023-09-04 18:12 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-16 22:49 - 2023-12-02 00:51 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1072368098-1498503301-1659025735-1001
2024-02-16 11:22 - 2022-05-07 05:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-16 10:02 - 2022-05-07 05:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-14 15:14 - 2023-12-02 00:32 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-02-14 15:14 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\SystemResources
2024-02-14 15:14 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-02-14 15:14 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\bcastdvr
2024-02-14 12:02 - 2023-12-01 10:48 - 000000000 ____D C:\Windows\system32\MRT
2024-02-14 11:59 - 2023-12-01 10:48 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-14 11:56 - 2022-05-25 19:08 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-13 09:27 - 2023-12-02 00:06 - 000000000 ___SD C:\Users\domin\AppData\Roaming\Microsoft\Protect
2024-02-09 14:24 - 2023-12-27 10:12 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-09 14:23 - 2023-12-27 10:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-09 14:23 - 2023-12-27 10:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-09 14:23 - 2023-12-01 18:02 - 000000000 ____D C:\Program Files\KeePass Password Safe 2
2024-02-08 17:02 - 2023-12-01 18:54 - 000000000 ____D C:\Program Files\Blackmagic Design
2024-02-08 16:59 - 2023-12-01 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-02-08 16:59 - 2023-12-01 18:53 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2024-02-08 11:03 - 2023-12-09 09:47 - 000634464 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-06 19:47 - 2023-09-04 18:31 - 000000000 ____D C:\Windows\system32\zh-hant
2024-02-06 19:47 - 2023-09-04 18:31 - 000000000 ____D C:\Windows\system32\zh-hans
2024-02-04 15:34 - 2023-12-23 23:29 - 000000000 ___RD C:\Users\Mandy\OneDrive
2024-02-04 15:30 - 2023-12-23 19:16 - 000000000 ___SD C:\Users\Mandy\AppData\Roaming\Microsoft\Protect
2024-02-04 15:17 - 2024-01-12 11:59 - 000000000 ____D C:\Users\Mandy\AppData\Local\Malwarebytes
2024-02-04 14:59 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Roaming\Microsoft\Spelling
2024-02-04 14:49 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\ConnectedDevicesPlatform
2024-02-04 14:45 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\Packages
2024-02-04 14:44 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy
2024-02-04 14:38 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\D3DSCache
2024-02-04 14:24 - 2022-05-25 19:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-04 14:10 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\WebThreatDefSvc
2024-02-04 14:08 - 2023-12-23 23:29 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1072368098-1498503301-1659025735-1004
2024-02-02 10:29 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-02-01 10:37 - 2023-09-04 18:34 - 000000000 ____D C:\Program Files (x86)\Lenovo
 
==================== Files in the root of some directories ========
 
2024-02-29 00:35 - 2024-02-29 00:35 - 000429731 _____ () C:\Users\domin\AppData\Local\ars.cache
2024-02-29 00:36 - 2024-02-29 00:36 - 001505510 _____ () C:\Users\domin\AppData\Local\census.cache
2024-02-28 22:23 - 2024-02-28 22:23 - 000000036 _____ () C:\Users\domin\AppData\Local\housecall.guid.cache
2024-02-27 15:24 - 2024-02-27 15:24 - 000059597 _____ () C:\Users\domin\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by domin (29-02-2024 08:18:27)
Running from C:\Users\domin\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2023-12-01 23:52:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1072368098-1498503301-1659025735-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1072368098-1498503301-1659025735-503 - Limited - Disabled)
domin (S-1-5-21-1072368098-1498503301-1659025735-1001 - Administrator - Enabled) => C:\Users\domin
Guest (S-1-5-21-1072368098-1498503301-1659025735-501 - Limited - Disabled)
Mandy (S-1-5-21-1072368098-1498503301-1659025735-1004 - Limited - Enabled) => C:\Users\Mandy
TTsco (S-1-5-21-1072368098-1498503301-1659025735-1002 - Limited - Disabled)
veggi (S-1-5-21-1072368098-1498503301-1659025735-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1072368098-1498503301-1659025735-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
Autodesk Fusion 360 (HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.17954 - Autodesk, Inc.)
Beyond Compare Version 3.3.4 (HKLM-x32\...\BeyondCompare3_is1) (Version:  - Scooter Software)
Blackmagic RAW Common Components (HKLM\...\{F4268583-A17F-43C8-AAAE-57CCA111273C}) (Version: 3.6.1 - Blackmagic Design)
Cleaner One Pro 6.8.0 (HKLM-x32\...\23e8a7f8-26bf-11ee-be56-0242ac120002) (Version: 6.8.0 - Trend Micro, Inc.)
DaVinci Resolve (HKLM\...\{3AF5FB42-AA97-4582-B73C-8185234B7FFC}) (Version: 18.6.50007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
DJI Flight Simulator 2.2.0.0 (HKLM-x32\...\DJI Flight Simulator) (Version: 2.2.0.0 - DJI)
GIMP 2.10.36 (HKLM\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
Inkscape (HKLM\...\{2AB0D298-5B41-4C70-BB32-46F153F7A1BF}) (Version: 1.3.2 - Inkscape)
K40 Whisperer 0.68 (HKLM\...\{156E35A7-AF8F-484E-B3AE-4701378B066D}_is1) (Version: 0.68 - Scorch Works)
KeePass Password Safe 2.56 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.56 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.12.2.2 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.52.0 - Lenovo Group Ltd.)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\OneDriveSetup.exe) (Version: 24.010.0114.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30153 (HKLM\...\{36C28914-B045-41DB-8966-1C1692AF3BB7}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30153 (HKLM-x32\...\{CA4E811F-BFF9-43CC-894C-D4D2EC262E49}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2122.36397 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6AC5612A-D067-44B9-9C8E-2C1B3473B429}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation)
Miniconda3 py310_23.5.2-0 (Python 3.10.12 64-bit) (HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\Miniconda3 py310_23.5.2-0 (Python 3.10.12 64-bit)) (Version: py310_23.5.2-0 - Anaconda, Inc.)
MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PDFgear 2.1.4 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.4 - PDFgear)
Pinokio 1.2.0 (HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\f78f0b07-434a-5120-b014-8caf2017cc1a) (Version: 1.2.0 - hxxps://twitter.com/cocktailpeanut)
RawTherapee version 5.9 (HKLM\...\RawTherapee5.9_is1) (Version: 5.9 - rawtherapee.com)
SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
TreeSize Free V4.7.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7.1 - JAM Software)
Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{A45B4CF2-2E27-40E0-81F0-7307F19D20F2}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.26.7 - IDRIX)
Visual Studio Build Tools 2019 (HKLM-x32\...\7777503a) (Version: 16.11.34 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{3751D1CF-9A44-43D2-B4BB-80FA6E7925A8}) (Version: 16.10.31213 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{8D5F2001-0BFF-4319-B939-785F13A23A2E}) (Version: 16.11.34407 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0916C6E1-6A0A-4887-9E00-D96FD44AFACE}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.866 - McAfee, LLC)
WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{D2886D0B-F38D-EB07-2108-B6218761F8F9}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{26D02D07-8007-2FD2-6DFE-14B29D09B5FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{6487BFDF-6FA4-7CC5-0341-AA5D1AB69856}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{D3B54AAA-2B64-5DE2-EA64-9900152E5282}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{A34A6580-86EF-A26A-33A5-80E1919B7F75}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{084094EF-6AC9-480A-7CC1-04199047BBDD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{497B2D49-F5C2-CA3B-05FF-22ABF39F2873}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{718C25EB-084C-6341-1C3E-589DA641C28F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{7A9E937D-9757-80CB-A6E3-F4AB6081AEA6}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{7B891B74-6BE8-1581-357C-72DD8A82F0F7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{940042ED-CB90-8E03-BE68-DF8A76E661FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{4BD2B107-B0D3-850C-7135-ACA153D30C78}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{C88797F9-0AD8-E022-5BBB-596BC78D4C76}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C81D239D-863A-D4B4-3562-BC8D3D7C271E}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{3D5981B5-ABF0-1495-7FC3-102D1C75B9C8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{2AC29D7B-F29F-34FA-4434-C5DF1F086264}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{9555AB64-6A00-776F-CA44-568E0E7B9632}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{170B023D-7C1B-2EF4-D3E9-B974A26752AC}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7DD1F495-F1BF-6A30-620F-AC064DD302D8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{06E580FA-F3B2-08E9-4DC0-0AB55D985CBB}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{F9BDEC71-9E56-CFBF-0AE8-E7AF032D07C7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{1C966E96-8553-EF1E-A06F-A8174B3CAA60}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{EBD149F6-9F46-49E4-ED99-25D2A0ECDBBD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{313B416A-97E7-F3EF-EDFC-A903A8CA4BC2}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{A50A075D-973C-1867-4228-738205D555C8}) (Version: 10.1.19041.685 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{2D296649-CFBE-CF23-EA8E-E24554187B3F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{A5E4C2C0-D963-40D6-8E5F-60A4DD995331}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{2A8533B3-8D16-67E4-E729-5BB04EDD2FE4}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{0E2FEA3B-C853-DE2A-8A04-BB7D5BF010E0}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{8E9DD3FE-3338-8012-81C5-F3AA9B617BAE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{1FBBD022-F751-FE7B-54DF-9FED23892B2F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{2CFB2180-7C20-5470-4B8A-747512A6AB70}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{4AC6C7FB-D848-9D68-DCB0-1376083FEA3A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{FF7D4409-CF59-34AE-BDC7-8A6146A9BA36}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{43AA42C2-D292-CF91-6264-63B7A99CDE99}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{FC5A59F8-6BEE-FBB4-C720-47C565A92798}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{43B3CDF5-CD8F-9A5E-4598-765F8CB27170}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{B62A26BB-90A0-82FB-2DDC-3157ADF07833}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{CE7E4A6A-45A2-2968-4B34-D0D4CFCC0E1D}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F616EBF-DF09-A2DA-AB66-3A5341FA611C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WingetUI (HKLM-x32\...\{889610CC-4337-4BDB-AC3B-4F21806C0BDE}_is1) (Version: 2.2.0 - Martí Climent)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.6.5.0 - Pierre-e Gougelet)
 
Packages:
=========
 
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [2024-02-14] (INTEL CORP) [Startup Task]
Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1101.416.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2401.24.0_x64__k1h2ywk1493x8 [2024-02-23] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.5.109.0_x64__5grkq8ppsgwt4 [2023-12-23] (LENOVO INC) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2024-02-08] (A-Volute)
Narrator Extension - Excel -> C:\Program Files\WindowsApps\MicrosoftWindows.NarratorScript.Excel_1.0.14.0_neutral__cw5n1h2txyewy [2024-01-19] (Microsoft Windows)
Narrator Extension - Outlook -> C:\Program Files\WindowsApps\MicrosoftWindows.NarratorScript.Outlook_1.0.6.0_neutral__cw5n1h2txyewy [2024-01-19] (Microsoft Windows)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-02-27] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-23] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2402.223.0_x64__8wekyb3d8bbwe [2024-02-18] (Microsoft Corporation) [Startup Task]
Speech Pack - English (United Kingdom) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-GB.1_1.0.7.0_x64__cw5n1h2txyewy [2023-12-07] (Microsoft Windows)
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-US.1_1.0.16.0_x64__cw5n1h2txyewy [2023-12-04] (Microsoft Windows)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0 [2024-02-28] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1049.117.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x6_4000.1049.117.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1049.117.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x8_4000.1049.117.0_x86__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\domin\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\domin\AppData\Local\Autodesk\webdeploy\production\b0c303e70bd97cfdc195adab65922cfeffcb363a\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_9a2c79b60d6607c6\nvshext.dll [2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-27] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Miniconda3 (64-bit)\Anaconda Prompt (miniconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\domin\pinokio\bin\miniconda\Scripts\activate.bat C:\Users\domin\pinokio\bin\miniconda
 
==================== Loaded Modules (Whitelisted) =============
 
2023-12-27 10:16 - 2023-12-12 17:53 - 000072704 _____ () [File not signed] C:\Program Files\WingetUI\_cffi_backend.cp311-win_amd64.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000029968 _____ () [File not signed] C:\Program Files\WingetUI\libffi-8.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 000011264 _____ () [File not signed] C:\Program Files\WingetUI\markupsafe\_speedups.cp311-win_amd64.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000105616 _____ () [File not signed] C:\Program Files\WingetUI\pyside6.abi3.dll
2023-12-27 10:16 - 2023-12-15 23:18 - 000815760 _____ () [File not signed] C:\Program Files\WingetUI\PySide6\QtCore.pyd
2023-12-27 10:16 - 2023-12-15 23:18 - 000837264 _____ () [File not signed] C:\Program Files\WingetUI\PySide6\QtGui.pyd
2023-12-27 10:16 - 2023-12-15 23:18 - 001223312 _____ () [File not signed] C:\Program Files\WingetUI\PySide6\QtWidgets.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000063488 _____ () [File not signed] C:\Program Files\WingetUI\pywintypes311.dll
2023-12-27 10:16 - 2023-12-15 23:18 - 000025232 _____ () [File not signed] C:\Program Files\WingetUI\shiboken6\Shiboken.pyd
2023-12-27 10:16 - 2023-12-15 23:18 - 000152208 _____ () [File not signed] C:\Program Files\WingetUI\shiboken6\shiboken6.abi3.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 000295424 _____ () [File not signed] C:\Program Files\WingetUI\toasts_winrt\_winrt.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000067584 _____ () [File not signed] C:\Program Files\WingetUI\win32gui.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000080896 _____ () [File not signed] C:\Program Files\WingetUI\yaml\_yaml.cp311-win_amd64.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000008192 _____ (ClrLoader) [File not signed] [File is in use] C:\Program Files\WingetUI\clr_loader\ffi\dlls\amd64\ClrLoader.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 000037136 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_asyncio.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000049424 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_bz2.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000059672 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_ctypes.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000109328 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_decimal.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000036120 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_hashlib.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000087832 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_lzma.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000033040 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_overlapped.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000026392 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_queue.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000044304 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_socket.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000063768 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\_ssl.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000089872 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\pyexpat.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 001703696 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\python311.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 000026384 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\select.pyd
2023-12-27 10:16 - 2023-12-12 17:53 - 000302872 _____ (Python Software Foundation) [File not signed] C:\Program Files\WingetUI\unicodedata.pyd
2023-12-01 17:52 - 2010-03-01 09:54 - 000390648 _____ (Scooter Software) [File not signed] C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 001112856 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\WingetUI\libcrypto-1_1.dll
2023-12-27 10:16 - 2023-12-12 17:53 - 000209688 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\WingetUI\libssl-1_1.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-07 05:24 - 2022-05-07 05:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\domin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\StartupApproved\Run: => "LenovoVantage"
HKU\S-1-5-21-1072368098-1498503301-1659025735-1001\...\StartupApproved\Run: => "LenovoVantageToolbar"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6FF1F58C-E5CC-4121-A2ED-8929F0AB4A4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C235E25-7CD2-458F-908A-67AEBA8B0671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B493AD8-3A88-43E9-993D-D7B774F54966}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1255C64B-CFA9-4A41-8B21-09F50A728557}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CD0EF840-B2C9-4A63-A62A-CD60E19F1F7D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{D7350CF8-D11C-4E88-9B42-70F0B114D4EB}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{279DCA1D-ABCD-4F01-ACE5-59B65B7BDD90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4F4698E-27E1-4545-BB0F-9F2141CB93F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A8EC4702-08FF-4435-AC6E-A9606FE1BA49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{268FCC11-BB06-40EF-8985-41B8A4D6BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{46D81BE4-25C7-4621-86B6-6B54BDF8A989}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{C3209F48-47D7-4F36-892A-7FA3800ED668}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{1C999503-4ECD-4680-BE71-CA42265B1EE3}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{9BAFE9CA-93A0-49F1-8DB9-83A4CCDE6FF2}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{942D2A6F-0ED2-4944-95E0-B498E95AE314}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{5EBE9852-9882-4DFD-8BF7-42972866C12C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{246CAA44-4273-4E2E-8FCF-7ED45A723979}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C2696F2D-0230-47CD-A7D8-7601DFE5276D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{83122B52-023C-42BE-AB2D-351F286ED4EA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{00474DD0-24DC-4DB9-9138-E34371188CAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{ABAF839B-AB49-486E-B478-DBB8C5F0C44F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2E21D2EC-2C0C-4565-A7B5-383F5AC96A3D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{E6FE7E3F-E157-41CD-8FDD-3A41B8760CD2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{09A22AB9-668C-4EDC-B63A-5BA77FA2942C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5B03559C-236B-4E79-BB8A-141959DC81C5}C:\users\domin\appdata\local\programs\pinokio\pinokio.exe] => (Allow) C:\users\domin\appdata\local\programs\pinokio\pinokio.exe (hxxps://twitter.com/cocktailpeanut) [File not signed]
FirewallRules: [UDP Query User{53908C4E-BC4C-4B5A-A068-D5C004356B70}C:\users\domin\appdata\local\programs\pinokio\pinokio.exe] => (Allow) C:\users\domin\appdata\local\programs\pinokio\pinokio.exe (hxxps://twitter.com/cocktailpeanut) [File not signed]
FirewallRules: [{563F5909-EEE7-4AD5-BD9D-2CEB4FD253D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE194028-777B-4C12-A67D-E87237E8F37F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE933A2F-7371-46CC-B0B2-7F2698CAE53A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8384C296-5483-40A3-96F5-BA128EDE4C9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{090D604B-7295-4E0A-A2F3-49CE09E07C52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E87F422-26F1-4DCD-869F-5A42DDB415BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CF773633-BD0B-4C79-9408-251966D85EA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC700262-95AE-45AA-A855-799CFC2A896B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E2DAE986-7033-49C8-B978-6D71E265C0AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DDE4A5D8-1680-45D5-A389-EEA9E5B739DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
 
==================== Restore Points =========================
 
28-02-2024 14:07:52 Windows Software Development Kit - Windows 10.0.19041.685
 
==================== Faulty Device Manager Devices ============
 
Name: Universal Device Client Device
Description: Universal Device Client Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/23/2024 03:42:53 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.
 
Context:  Application, SystemIndex Catalog
 
Details:
0x%08x (0x80040d23 - The gatherer is shutting down.  (HRESULT : 0x80040d23))
 
Error: (02/23/2024 03:42:53 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.
 
Context:  Application, SystemIndex Catalog
 
Details:
0x%08x (0x80040d23 - The gatherer is shutting down.  (HRESULT : 0x80040d23))
 
Error: (02/23/2024 03:13:13 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.
 
Context:  Application, SystemIndex Catalog
 
Details:
0x%08x (0x80040d23 - The gatherer is shutting down.  (HRESULT : 0x80040d23))
 
Error: (02/23/2024 03:13:13 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.
 
Context:  Application, SystemIndex Catalog
 
Details:
0x%08x (0x80040d23 - The gatherer is shutting down.  (HRESULT : 0x80040d23))
 
Error: (02/20/2024 04:58:43 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program gimp-2.10.exe version 2.10.36.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (02/19/2024 01:36:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress..
 
Error: (02/19/2024 01:36:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
 
Error: (02/19/2024 12:43:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Canon\ImageBrowser EX\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (02/28/2024 10:21:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (02/28/2024 10:21:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2024 10:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (02/28/2024 10:21:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2024 10:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (02/28/2024 10:21:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2024 10:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (02/28/2024 10:21:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
 
Windows Defender:
================
Date: 2024-02-29 07:38:09
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-02-29 07:38:06
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-02-29 07:36:42
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2024-02-28 22:11:30
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2024-02-28 16:40:09
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
Event[0]
 
Date: 2024-02-28 22:16:10
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 
 
Date: 2024-02-14 20:59:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.403.3727.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23110.2
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.  
 
Date: 2023-12-05 11:01:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.401.1643.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
Date: 2023-12-05 11:01:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.401.1643.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
CodeIntegrity:
===============
Date: 2024-02-28 22:21:36
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\domin\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB. 
 
Date: 2024-02-28 16:49:59
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2024-02-28 15:09:32
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\domin\AppData\Local\Programs\Pinokio\Pinokio.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2024-02-28 14:39:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: LENOVO LZCN33WW 11/08/2023
Motherboard: LENOVO LNVNB161216
Processor: 13th Gen Intel® Core™ i5-13500H
Percentage of memory in use: 60%
Total physical RAM: 16108.05 MB
Available physical RAM: 6362.36 MB
Total Virtual: 35564.05 MB
Available Virtual: 23147.02 MB
 
==================== Drives ================================
 
Drive c: (Windows-SSD) (Fixed) (Total:474.72 GB) (Free:342.7 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) NTFS
Drive d: (doms) (Fixed) (Total:931.5 GB) (Free:168.97 GB) (Model: WDS100T3X0C-00SJG0) NTFS
Drive g: (veggiedom@googlemail.com - Go...) (Fixed) (Total:15 GB) (Free:4.8 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) FAT32
Drive i: (dominic.theaker@gmail.com - G...) (Fixed) (Total:15 GB) (Free:13.87 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) FAT32
 
\\?\Volume{a6bb45b6-9b5d-4e23-a8d5-7913014b0d32}\ (WINRE_DRV) (Fixed) (Total:1.95 GB) (Free:1.22 GB) NTFS
\\?\Volume{1883167f-a18a-4e88-9eb2-4d41238a018e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FE6167F0)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================


#2 Oh My!

    Adware and Spyware and Malware

  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California

Posted 02 March 2024 - 05:10 PM

Greetings and welcome back to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
  • It is important to not run any tools or take any steps other than those I will provide for you.
  • Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
  • Please copy and paste all logs into your post unless otherwise requested.
  • When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
  • If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Please allow me some time to review what you have posted.
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#3 Oh My!

    Adware and Spyware and Malware

  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California

Posted 02 March 2024 - 06:01 PM

Greetings.

Your computer is infected.

Please do this.
 
===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\Google\GoogleUpdater
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136] 
Task: {E17C3A99-6A79-42CF-B42E-405522563514} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{F4A04241-A040-4AA7-B981-C5E81C5F758D} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
Task: {DBB41A61-3A88-459A-8E70-11159E07BBF8} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\4.0.49.0\ScheduleEventAction.exe  NotificationCenter (No File) 
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
FirewallRules: [{1C999503-4ECD-4680-BE71-CA42265B1EE3}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\Zoom.exe => No File 
FirewallRules: [{9BAFE9CA-93A0-49F1-8DB9-83A4CCDE6FF2}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{942D2A6F-0ED2-4944-95E0-B498E95AE314}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{2E21D2EC-2C0C-4565-A7B5-383F5AC96A3D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File 
Task: {DBB41A61-3A88-459A-8E70-11159E07BBF8} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\4.0.49.0\ScheduleEventAction.exe  NotificationCenter (No File) 
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Rebuilding Windows Indexing

--------------------

Note: This process may take a long time to complete.
  • Click Start, type Indexing Options, then hit Enter
  • Click Advanced
  • To the right of Delete and Rebuild select Rebuild
  • Click OK
  • When completed you will see Indexing complete
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • Index rebuilt successfully?

Edited by Oh My!, 02 March 2024 - 08:11 PM.
Revo removed

Gary 


#4 reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male

Posted 03 March 2024 - 09:49 AM

Thanks Gary,
 
Here is the information you requested.
 
I did what you said on Indexing Options, which gave:
 
"82,283 items indexed
indexing complete".
 
 
Could any of my Google Drive accounts have been accessed, as I have them set up on this PC via the Drive application?
Also, could any other computers/smartphones on my home network be infected?
 
 
====================================================================================
Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by domin (03-03-2024 14:16:52) Run:1
Running from C:\Users\domin\OneDrive\Desktop
Loaded Profiles: domin
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\Google\GoogleUpdater
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136] 
Task: {E17C3A99-6A79-42CF-B42E-405522563514} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{F4A04241-A040-4AA7-B981-C5E81C5F758D} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION 
Task: {DBB41A61-3A88-459A-8E70-11159E07BBF8} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\4.0.49.0\ScheduleEventAction.exe  NotificationCenter (No File) 
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
FirewallRules: [{1C999503-4ECD-4680-BE71-CA42265B1EE3}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\Zoom.exe => No File 
FirewallRules: [{9BAFE9CA-93A0-49F1-8DB9-83A4CCDE6FF2}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{942D2A6F-0ED2-4944-95E0-B498E95AE314}] => (Allow) C:\Users\domin\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{2E21D2EC-2C0C-4565-A7B5-383F5AC96A3D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File 
Task: {DBB41A61-3A88-459A-8E70-11159E07BBF8} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\4.0.49.0\ScheduleEventAction.exe  NotificationCenter (No File) 
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
*****************
 
SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
 
"C:\Program Files (x86)\Google\GoogleUpdater" folder move:
 
C:\Program Files (x86)\Google\GoogleUpdater => moved successfully
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E17C3A99-6A79-42CF-B42E-405522563514}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E17C3A99-6A79-42CF-B42E-405522563514}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{F4A04241-A040-4AA7-B981-C5E81C5F758D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{F4A04241-A040-4AA7-B981-C5E81C5F758D}" => removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterInternalService124.0.6315.0 => removed successfully
GoogleUpdaterInternalService124.0.6315.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterService124.0.6315.0 => removed successfully
GoogleUpdaterService124.0.6315.0 => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBB41A61-3A88-459A-8E70-11159E07BBF8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBB41A61-3A88-459A-8E70-11159E07BBF8}" => removed successfully
C:\Windows\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C999503-4ECD-4680-BE71-CA42265B1EE3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BAFE9CA-93A0-49F1-8DB9-83A4CCDE6FF2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{942D2A6F-0ED2-4944-95E0-B498E95AE314}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E21D2EC-2C0C-4565-A7B5-383F5AC96A3D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBB41A61-3A88-459A-8E70-11159E07BBF8}" => not found
"C:\Windows\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
 
========= sfc /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 100% complete.
 
 
Windows Resource Protection found corrupt files and successfully repaired them.
 
For online repairs, details are included in the CBS log file located at
 
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
 
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /CheckHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.22621.2792
 
Image Version: 10.0.22631.3235
 
No component store corruption detected.
The operation completed successfully.
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 14:17:59 ====


#5 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California
  • Local time:07:58 PM

Posted 03 March 2024 - 10:36 AM

I don't think Google Drive has been affected nor is there any evidence the malware was designed to spread to other devices. However, it would be a good idea to monitor the other areas for a week or so to look for any abnormalities.

Can you run a Windows Defender scan now?
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#6 reggiereg

reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male
  • Local time:03:58 AM

Posted 03 March 2024 - 10:46 AM

  • I've run a Windows 11 Virus & threat protection full scan, which took just over half an hour and found nothing. (Is that the same as Windows Defender?)
  • I've also run a Malwarebytes scan; it came back clear.
  • I'm able to run ESET now (it wouldn't let me before); it hasn't finished yet.

What did I have, did it come via VLC media player, and what damage could it have done?

Could it have captured any data or passwords from my system?



#7 reggiereg

reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male
  • Local time:03:58 AM

Posted 03 March 2024 - 11:27 AM

Since you've mentioned Windows Defender, I've been looking in the Windows Defender Firewall outbound rules and saw a reference to Dropbox, which I don't use on this machine, so I've disabled it. How can I check these rules are all OK?

@{C27EB4BA.dropboxOEM_23.4.5.0_x64_xbfuok16fey96?ms-resource://C27EB4BA.DROPBOXOEM/RESOURCES/OEMAPPNAME}



#8 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California
  • Local time:07:58 PM

Posted 03 March 2024 - 03:14 PM

Yes, it is the same as Windows Defender.

If you downloaded VLC from a known, trusted site, I don't think that is what caused your issue. If you are not sure about the download you can send me a Personal Message with the download link. If you deleted the installation file and it is in the Recycle Bin you can right-click on the entry, select Restore, and restore the file to the original location. Then please zip and upload the file here.
 

S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.
Windows Resource Protection found corrupt files and successfully repaired them.

The first 2 lines are malware related. The 3rd line is related to the Windows Search Service. The database was corrupted. The last line is just a system corruption which is common and may or may not be related to malware. Probably not.

Regarding Windows Firewall: the Firewall portion of the Addition.txt report is Whitelisted. That means entries previously determined to be valid, and therefore of no concern, aren't listed in the report. The rule you provided is not contained in the Addition.txt report, meaning it has already been identified as valid and of no concern (Whitelisted). It is simply part of the clutter inevitable in a computer system that neither helps nor hurts a computer. I have examined the Firewall rules that are listed, determined none of them are suspicious, and removed the ones ending in => No File. Those are orphaned entries I removed because they are visible clutter.

If you are still concerned, there is a way to completely reset Firewall Rules but apart from your peace of mind I don't see a reason to do that.
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69
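One way to find the orphaned "=> No File" firewall rules Gary describes, as an added example that is not from the thread or from FRST: this PowerShell script lists rules whose program path no longer exists on disk. It assumes the built-in NetSecurity module (Windows 8 and later) and an elevated prompt; rules for Store/UWP apps, such as the Dropbox OEM entry quoted above, use a package filter rather than a program path and are not examined here.

```powershell
# Added example, not code from the thread: audit Windows Defender Firewall rules
# whose application filter points at a program that is no longer on disk.
# Read-only by default; -Disable prompts before disabling each orphaned rule
# (disabling rather than deleting keeps the change reversible).
[CmdletBinding()]
param(
    [switch]$Disable
)

function Get-OrphanedFirewallRule {
    foreach ($rule in Get-NetFirewallRule) {
        # Each rule has exactly one application filter; Program is "Any" when
        # the rule is not bound to a specific executable (e.g. Store app rules).
        $app = $rule | Get-NetFirewallApplicationFilter
        if (-not $app.Program -or $app.Program -in 'Any', 'System') { continue }

        # Rules usually store paths like %SystemRoot%\System32\svchost.exe,
        # sometimes quoted; expand variables before testing for the file.
        $path = [Environment]::ExpandEnvironmentVariables($app.Program.Trim('"'))
        if (Test-Path -LiteralPath $path -PathType Leaf) { continue }

        [pscustomobject]@{
            Name        = $rule.Name
            DisplayName = $rule.DisplayName
            Direction   = $rule.Direction
            Action      = $rule.Action
            Enabled     = $rule.Enabled
            Program     = $path
        }
    }
}

$orphans = @(Get-OrphanedFirewallRule)
"$($orphans.Count) firewall rule(s) reference a program that is not on disk:"
$orphans | Sort-Object Direction, DisplayName | Format-Table -AutoSize

if ($Disable) {
    foreach ($o in $orphans) {
        # -Confirm asks per rule; the rule stays in place and can be re-enabled later.
        Disable-NetFirewallRule -Name $o.Name -Confirm
    }
}
```

An orphaned rule almost always means an application was uninstalled without cleaning up its rules, which is the clutter Gary refers to rather than evidence of infection; a rule that is still enabled and points at a live executable in an unusual location (a user profile or temp folder) is the kind worth looking at more closely.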

#9 reggiereg

reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male
  • Local time:03:58 AM

Posted 03 March 2024 - 04:15 PM

Hi Gary, thank you so much for your help!

I deleted VLC and emptied the Recycle Bin, but I did get it from the main site.

So you think it came from, or was in, Google Updater?

Why would an infection change my indexing?

Do you know which infection it was?

Are there any more tests I need to do, or am I clean?



#10 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California
  • Local time:07:58 PM

Posted 03 March 2024 - 05:51 PM

You are quite welcome.

VLC was not involved.

The GoogleUpdater malware has become more frequent lately. I have been attempting to identify a commonality with other topics I have handled but so far no luck. I don't have a malware name for you.

The malware did not change the indexing. It is quite an extensive database, and the need to rebuild it is not unheard of.

One of our previous steps resulted in the computer identifying and repairing corrupted files. That is common and it is possible some of your computer symptoms were related to that. I don't think so, but possible.

I usually finish up with an ESET Online Scan but you have already done that. :thumbsup2:

I think we are good, but are there any remaining questions or concerns you might have before I post some tool/log clean-up instructions and other information for you to consider going forward?
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#11 reggiereg

reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male
  • Local time:03:58 AM

Posted Yesterday, 03:26 AM

Hi Gary

Correct me if I'm wrong: you know I was infected because something (no name) infected Google's updater file and my PC wouldn't run Windows Defender?

From my perspective there are five main things that worry me:

1) I think I'm quite careful, so I would like to know how I got infected.

2) What access to accounts and passwords, or my keystrokes, could this infection have had, and do I need to change all my passwords?

3) How long have I been infected?

4) Do I need to change my security software (a different one, or add more) so this doesn't happen again?

5) I installed 2 packages (wingetUI & Pinokio) that automatically download updates and software. It makes me nervous that this new code (downloaded via these programs) isn't being scanned prior to install using VirusTotal, something I do before installing anything. Are these programs safe?

I noticed my Google Drive modification times on folders and files were all quite recent, even on folders I hadn't accessed for ages. Is this linked, and could there be a data breach?

Thanks for your help,

Reggie.



#12 reggiereg

reggiereg
  • Topic Starter

  • Members
  • 299 posts
  • Gender:Male
  • Local time:03:58 AM

Posted Yesterday, 04:54 AM

I've logged onto the other account on this machine and tried to run a Microsoft Defender scan, and it froze. I then tried to run an ESET scan and it wouldn't let me. I think I may still be infected.

I then moved back to my main account and it wouldn't let me run ESET; the shortcut had been disabled.

What should I do?

These are the FRST64 logs from my other account on the same machine.

I don't use the "Mandy" account very often. Should I delete it, or fix it and then delete it?

Do I need to re-run Farbar on my main account?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
Ran by Mandy (ATTENTION: The user is not administrator) on DOMSLAPTOP (LENOVO 82XV) (04-03-2024 09:36:52)
Running from C:\Users\Mandy\Downloads\FRST64.exe
Loaded Profiles: domin & Mandy
Platform: Microsoft Windows 11 Home Version 23H2 22631.3235 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(A-Volute SAS -> A-Volute) C:\Users\Mandy\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <42>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_helper.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(GenericMessagingAddin).exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\FnHotkeyCapsLKNumLK.exe
(Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\FnHotkeyUtility.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mandy\AppData\Local\Microsoft\OneDrive\24.020.0128.0003\FileCoAuth.exe
(Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
Failed to access process -> AggregatorHost.exe
Failed to access process -> ApplicationFrameHost.exe
Failed to access process -> backgroundTaskHost.exe
Failed to access process -> cmd.exe
Failed to access process -> conhost.exe
Failed to access process -> conhost.exe
Failed to access process -> conhost.exe
Failed to access process -> crashpad_handler.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> ctfmon.exe
Failed to access process -> dasHost.exe
Failed to access process -> dllhost.exe
Failed to access process -> dwm.exe
Failed to access process -> dwm.exe
Failed to access process -> explorer.exe
Failed to access process -> FMService64.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> GoogleDriveFS.exe
Failed to access process -> IGCC.exe
Failed to access process -> IGCCTray.exe
Failed to access process -> IntelAudioService.exe
Failed to access process -> IntelCpHDCPSvc.exe
Failed to access process -> ipf_uf.exe
Failed to access process -> ipfsvc.exe
Failed to access process -> jhi_service.exe
Failed to access process -> Lenovo.Modern.ImController.exe
Failed to access process -> LenovoUtilityService.exe
Failed to access process -> LenovoVantage-(DeviceSettingsSystemAddin).exe
Failed to access process -> LenovoVantage-(GenericMessagingAddin).exe
Failed to access process -> LenovoVantage-(LenovoGamingSystemAddin).exe
Failed to access process -> LenovoVantage-(LenovoServiceBridgeAddin).exe
Failed to access process -> LenovoVantage-(VantageCoreAddin).exe
Failed to access process -> LenovoVantageService.exe
Failed to access process -> LocationNotificationWindows.exe
Failed to access process -> Locator.exe
Failed to access process -> LogonUI.exe
Failed to access process -> LsaIso.exe
Failed to access process -> lsass.exe
Failed to access process -> MbamBgNativeMsg.exe
Failed to access process -> MBAMService.exe
Failed to access process -> mbamtray.exe
Failed to access process -> MoUsoCoreWorker.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedge.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> msedgewebview2.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> Nahimic3.exe
Failed to access process -> nahimicNotifSys.exe
Failed to access process -> NahimicService.exe
Failed to access process -> NahimicSvc32.exe
Failed to access process -> NahimicSvc64.exe
Failed to access process -> NisSrv.exe
Failed to access process -> nvcontainer.exe
Failed to access process -> nvcontainer.exe
Failed to access process -> nvcontainer.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> NVIDIA Share.exe
Failed to access process -> NVIDIA Share.exe
Failed to access process -> NVIDIA Share.exe
Failed to access process -> NVIDIA Web Helper.exe
Failed to access process -> nvsphelper64.exe
Failed to access process -> OfficeClickToRun.exe
Failed to access process -> OneApp.IGCC.WinService.exe
Failed to access process -> OneDrive.exe
Failed to access process -> PhoneExperienceHost.exe
Failed to access process -> QSHelper.exe
Failed to access process -> RtkAudUService64.exe
Failed to access process -> RtkAudUService64.exe
Failed to access process -> RtkBtManServ.exe
Failed to access process -> rundll32.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> RuntimeBroker.exe
Failed to access process -> SearchHost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SecurityHealthService.exe
Failed to access process -> servicehost.exe
Failed to access process -> services.exe
Failed to access process -> ShellExperienceHost.exe
Failed to access process -> sihost.exe
Failed to access process -> smss.exe
Failed to access process -> spoolsv.exe
Failed to access process -> StartMenuExperienceHost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> taskhostw.exe
Failed to access process -> TextInputHost.exe
Failed to access process -> UDClientService.exe
Failed to access process -> uihost.exe
Failed to access process -> unsecapp.exe
Failed to access process -> unsecapp.exe
Failed to access process -> unsecapp.exe
Failed to access process -> UserOOBEBroker.exe
Failed to access process -> VSSVC.exe
Failed to access process -> Widgets.exe
Failed to access process -> WidgetService.exe
Failed to access process -> wingetui.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> winlogon.exe
Failed to access process -> WmiApSrv.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WMIRegistrationService.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> WUDFHost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe [1958696 2023-10-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3302288 2024-02-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\Run: [MicrosoftEdgeAutoLaunch_47EB614B1D46B7F0DB4A133F2CFEA00F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-23] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\OKHSPP3: C:\Windows\System32\spool\prtprocs\x64\OKHSPP3.DLL [62464 2013-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\OKI HiperC Language Monitor7 x64: C:\Windows\system32\OPDMN075.DLL [167936 2012-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}: [DhcpDomain] lan
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}\244524D273A534742345: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{27dc87c9-d227-4bde-8eb8-10d8faf25d0a}\244524D273A534742345: [DhcpDomain] home
Tcpip\..\Interfaces\{b888dd24-08bf-4c09-9162-cc59ce9e3e8e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b888dd24-08bf-4c09-9162-cc59ce9e3e8e}: [DhcpDomain] lan
 
Edge: 
=======
Edge Profile: C:\Users\Mandy\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-04]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Google Docs Offline) - C:\Users\Mandy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Mandy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe [545432 2022-10-27] (Intel Corporation -> Intel Corporation)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [990136 2023-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe [531800 2023-07-25] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe [2778760 2022-10-28] (Intel Corporation -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fdde6ecd49c3a98b\LenovoUtilityService.exe [161760 2024-01-15] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe [34272 2023-12-15] (Lenovo -> Lenovo)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R3 lmhosts; C:\Windows\System32\svchost.exe [79920 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [48096 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-24] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-02-16] (McAfee, LLC -> McAfee, LLC)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909528 2023-09-21] (A-Volute SAS -> Nahimic)
S3 NlaSvc; C:\Windows\System32\svchost.exe [79920 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 NlaSvc; C:\Windows\SysWOW64\svchost.exe [48096 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [79920 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [48096 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_9a2c79b60d6607c6\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
R2 UDCService; C:\Windows\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2023-12-01] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs31357; C:\Windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-17] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-17] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_cf69bf74fab8a0f5\ipf_acpi.sys [87176 2022-10-28] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_cpu.sys [80520 2022-10-28] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_lf.sys [443528 2022-10-28] (Intel Corporation -> Intel Corporation)
S3 LenovoDiagnosticsDriver; C:\ProgramData\Lenovo\Vantage\Addins\LenovoHardwareScanAddin\3.3.0.19\LenovoDiagnosticsDriver.sys [53184 2023-11-23] (Lenovo -> Lenovo Group Limited ®)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2023-12-21] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [43664 2024-01-12] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKslbce21fd5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{93F95CEF-DA8E-445B-AD6B-E44EA9054040}\MpKslDrv.sys [272664 2024-03-04] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-12-01] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NahimicXVAD; C:\Windows\System32\drivers\NahimicXVAD.sys [86216 2022-08-26] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-12-01] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [239256 2023-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752512 2023-08-31] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [813112 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2023-12-01] (Microsoft Windows -> )
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-04 09:36 - 2024-03-04 09:37 - 000025515 _____ C:\Users\Mandy\Downloads\FRST.txt
2024-03-04 09:36 - 2024-03-04 09:36 - 002386944 _____ (Farbar) C:\Users\Mandy\Downloads\FRST64.exe
2024-03-04 09:32 - 2024-03-04 09:32 - 000001409 _____ C:\Users\Mandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-03-04 09:32 - 2024-03-04 09:32 - 000000000 ____D C:\Users\Mandy\AppData\Local\ESET
2024-03-04 09:31 - 2024-03-04 09:31 - 015274968 _____ (ESET) C:\Users\Mandy\Downloads\esetonlinescanner.exe
2024-03-04 07:56 - 2024-03-04 08:39 - 000000000 ___HD C:\OneDriveTemp
2024-03-03 15:19 - 2024-03-03 15:19 - 000000258 __RSH C:\ProgramData\ntuser.pol
2024-03-01 15:30 - 2024-03-01 15:30 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-01 15:29 - 2024-03-01 15:29 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-01 10:41 - 2024-03-01 10:41 - 000000000 ____D C:\ProgramData\dbg
2024-02-29 15:29 - 2024-02-29 15:29 - 000002394 _____ C:\Users\Mandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-29 12:45 - 2024-02-29 12:45 - 000000000 ____D C:\Users\Mandy\AppData\Local\CEF
2024-02-29 08:17 - 2024-03-04 09:36 - 000000000 ____D C:\FRST
2024-02-29 07:34 - 2024-02-29 07:34 - 000000000 ____D C:\ProgramData\Trend Micro
2024-02-28 22:23 - 2024-02-28 22:24 - 000000000 ____D C:\Program Files\Trend Micro
2024-02-28 22:16 - 2024-02-28 22:16 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files\Application Verifier
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-28 14:08 - 2024-02-28 14:08 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2024-02-28 14:03 - 2024-02-28 14:13 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2024-02-28 14:02 - 2024-02-28 14:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2024-02-28 14:02 - 2024-02-28 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2024-02-28 14:02 - 2024-02-28 14:02 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-28 14:01 - 2024-02-28 14:01 - 000001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2024-02-28 14:01 - 2024-02-28 14:01 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2024-02-28 14:01 - 2024-02-28 14:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2024-02-27 13:38 - 2024-02-27 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2024-02-19 11:53 - 2024-02-19 11:53 - 000000000 ____D C:\ProgramData\Canon_Inc_IC
2024-02-17 23:13 - 2024-02-17 23:13 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-09 14:23 - 2024-02-09 14:23 - 000000974 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2024-02-07 14:26 - 2024-02-07 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-02-07 14:25 - 2024-02-07 14:25 - 000000000 ____D C:\Program Files\LibreOffice
2024-02-04 14:44 - 2020-02-23 01:19 - 000009132 _____ C:\Users\Mandy\OneDrive\Documents\Book.xlsx
2024-02-04 14:44 - 2019-11-07 19:26 - 000660066 _____ C:\Users\Mandy\OneDrive\Documents\TTheakerIndividual-Entry-Form-British-2019.xlsx
2024-02-04 14:37 - 2024-02-04 14:37 - 000000000 ____D C:\Users\Mandy\AppData\Local\OneDrive
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-04 09:37 - 2023-09-04 18:24 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-04 09:28 - 2022-05-25 19:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-04 08:51 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\D3DSCache
2024-03-04 08:50 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-04 08:42 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-04 08:39 - 2024-01-12 11:59 - 000000000 ____D C:\Users\Mandy\AppData\Local\Malwarebytes
2024-03-04 08:39 - 2023-12-23 23:29 - 000000000 ___RD C:\Users\Mandy\OneDrive
2024-03-04 08:39 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\Packages
2024-03-04 08:39 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-04 08:39 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-04 08:01 - 2023-09-04 18:17 - 000804932 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-04 08:01 - 2022-05-07 05:22 - 000000000 ____D C:\Windows\INF
2024-03-04 07:55 - 2022-05-25 19:05 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-04 07:55 - 2022-05-25 19:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-04 07:55 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-03 15:19 - 2023-12-04 10:34 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2024-03-03 15:18 - 2023-12-04 10:34 - 000000000 ____D C:\ProgramData\TEMP
2024-03-03 14:28 - 2022-05-25 19:06 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-03 14:16 - 2023-12-01 17:34 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-02 10:30 - 2023-12-09 09:47 - 000634464 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-01 17:52 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-01 15:31 - 2022-05-07 05:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-01 15:30 - 2022-05-25 19:08 - 003212288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-29 13:17 - 2023-12-02 00:06 - 000000000 ___HD C:\Users\domin
2024-02-29 12:45 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\NVIDIA Corporation
2024-02-28 14:28 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-28 14:13 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-28 14:08 - 2023-09-04 18:26 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-28 13:37 - 2022-05-25 19:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 15:19 - 2023-12-01 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2024-02-27 15:19 - 2023-12-01 18:34 - 000000000 ____D C:\Program Files\XnViewMP
2024-02-27 15:18 - 2023-12-13 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFgear
2024-02-27 15:18 - 2023-12-13 15:04 - 000000000 ____D C:\Program Files\PDFgear
2024-02-27 15:17 - 2023-12-24 08:37 - 000000000 ____D C:\Program Files\dotnet
2024-02-27 15:17 - 2023-12-04 09:21 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-02-23 09:36 - 2023-12-01 17:34 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-17 23:12 - 2023-09-04 18:12 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-14 15:14 - 2023-12-02 00:32 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-02-14 15:14 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-02-14 12:02 - 2023-12-01 10:48 - 000000000 ____D C:\Windows\system32\MRT
2024-02-14 11:59 - 2023-12-01 10:48 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-09 14:24 - 2023-12-27 10:12 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-09 14:23 - 2023-12-27 10:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-09 14:23 - 2023-12-27 10:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-09 14:23 - 2023-12-01 18:02 - 000000000 ____D C:\Program Files\KeePass Password Safe 2
2024-02-08 17:02 - 2023-12-01 18:54 - 000000000 ____D C:\Program Files\Blackmagic Design
2024-02-08 16:59 - 2023-12-01 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-02-08 16:59 - 2023-12-01 18:53 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2024-02-06 19:47 - 2023-09-04 18:31 - 000000000 ____D C:\Windows\system32\zh-hant
2024-02-06 19:47 - 2023-09-04 18:31 - 000000000 ____D C:\Windows\system32\zh-hans
2024-02-04 15:30 - 2023-12-23 19:16 - 000000000 ___SD C:\Users\Mandy\AppData\Roaming\Microsoft\Protect
2024-02-04 14:59 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Roaming\Microsoft\Spelling
2024-02-04 14:49 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy\AppData\Local\ConnectedDevicesPlatform
2024-02-04 14:44 - 2023-12-23 19:16 - 000000000 ____D C:\Users\Mandy
2024-02-04 14:24 - 2022-05-25 19:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-04 14:10 - 2022-05-07 05:24 - 000000000 ____D C:\Windows\system32\WebThreatDefSvc
 
==================== FLock ==============================
 
2022-05-07 05:24 C:\PerfLogs
2024-03-02 20:07 C:\Windows\system32\config
2022-05-07 05:42 C:\Windows\system32\Configuration
2022-05-07 05:24 C:\Windows\system32\DriverState
2022-05-07 05:24 C:\Windows\system32\ias
2022-05-07 05:24 C:\Windows\system32\MsDtc
2022-05-07 05:24 C:\Windows\system32\networklist
2024-03-04 09:28 C:\Windows\system32\SleepStudy
2024-03-04 08:57 C:\Windows\system32\sru
2024-03-04 07:56 C:\Windows\system32\Tasks
2024-03-04 08:39 C:\Program Files\WindowsApps
2023-09-04 18:52 C:\Windows\diagerr.xml
2023-09-04 18:52 C:\Windows\diagwrn.xml
2024-02-02 10:29 C:\Windows\LiveKernelReports
2022-05-07 05:24 C:\Windows\ModemLogs
2024-03-04 09:37 C:\Windows\Prefetch
2024-03-04 07:55 C:\Windows\ServiceState
2024-03-04 08:42 C:\Windows\SystemTemp
2024-03-04 08:50 C:\Windows\Temp
2023-12-02 00:32 C:\Windows\WUModels
2022-05-07 05:42 C:\Windows\SysWOW64\config
2022-05-07 05:42 C:\Windows\SysWOW64\Configuration
2022-05-07 05:24 C:\Windows\SysWOW64\Msdtc
2022-05-07 05:24 C:\Windows\SysWOW64\NetworkList
2022-05-07 05:24 C:\Windows\SysWOW64\sru
2022-05-07 05:42 C:\Windows\SysWOW64\Tasks
2023-09-04 18:31 C:\Windows\system32\Drivers\DriverData
2024-02-28 22:16 C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-29 13:17 C:\Users\domin
2024-03-03 15:19 C:\ProgramData\ntuser.pol
2023-12-27 10:06 C:\ProgramData\Packages
2022-05-07 06:10 C:\ProgramData\WindowsHolographicDevices
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
 
ATTENTION: ==> Could not access BCD. The user is not administrator -> The boot configuration data store could not be opened.
Access is denied.
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by Mandy (04-03-2024 09:37:34)
Running from C:\Users\Mandy\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3235 (X64) (2023-12-01 23:52:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1072368098-1498503301-1659025735-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1072368098-1498503301-1659025735-503 - Limited - Disabled)
domin (S-1-5-21-1072368098-1498503301-1659025735-1001 - Administrator - Enabled) => C:\Users\domin
Guest (S-1-5-21-1072368098-1498503301-1659025735-501 - Limited - Disabled)
Mandy (S-1-5-21-1072368098-1498503301-1659025735-1004 - Limited - Enabled) => C:\Users\Mandy
TTsco (S-1-5-21-1072368098-1498503301-1659025735-1002 - Limited - Disabled)
veggi (S-1-5-21-1072368098-1498503301-1659025735-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1072368098-1498503301-1659025735-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
Beyond Compare Version 3.3.4 (HKLM-x32\...\BeyondCompare3_is1) (Version:  - Scooter Software)
Blackmagic RAW Common Components (HKLM\...\{F4268583-A17F-43C8-AAAE-57CCA111273C}) (Version: 3.6.1 - Blackmagic Design)
DaVinci Resolve (HKLM\...\{3AF5FB42-AA97-4582-B73C-8185234B7FFC}) (Version: 18.6.50007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
GIMP 2.10.36 (HKLM\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
Inkscape (HKLM\...\{2AB0D298-5B41-4C70-BB32-46F153F7A1BF}) (Version: 1.3.2 - Inkscape)
K40 Whisperer 0.68 (HKLM\...\{156E35A7-AF8F-484E-B3AE-4701378B066D}_is1) (Version: 0.68 - Scorch Works)
KeePass Password Safe 2.56 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.56 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.12.2.2 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.52.0 - Lenovo Group Ltd.)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.59 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30153 (HKLM\...\{36C28914-B045-41DB-8966-1C1692AF3BB7}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30153 (HKLM-x32\...\{CA4E811F-BFF9-43CC-894C-D4D2EC262E49}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2122.36397 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6AC5612A-D067-44B9-9C8E-2C1B3473B429}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation)
MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PDFgear 2.1.4 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.4 - PDFgear)
RawTherapee version 5.9 (HKLM\...\RawTherapee5.9_is1) (Version: 5.9 - rawtherapee.com)
SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
TreeSize Free V4.7.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7.1 - JAM Software)
Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{A45B4CF2-2E27-40E0-81F0-7307F19D20F2}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.26.7 - IDRIX)
Visual Studio Build Tools 2019 (HKLM-x32\...\7777503a) (Version: 16.11.34 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{3751D1CF-9A44-43D2-B4BB-80FA6E7925A8}) (Version: 16.10.31213 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{8D5F2001-0BFF-4319-B939-785F13A23A2E}) (Version: 16.11.34407 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0916C6E1-6A0A-4887-9E00-D96FD44AFACE}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.866 - McAfee, LLC)
WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{D2886D0B-F38D-EB07-2108-B6218761F8F9}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{26D02D07-8007-2FD2-6DFE-14B29D09B5FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{6487BFDF-6FA4-7CC5-0341-AA5D1AB69856}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{D3B54AAA-2B64-5DE2-EA64-9900152E5282}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{A34A6580-86EF-A26A-33A5-80E1919B7F75}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{084094EF-6AC9-480A-7CC1-04199047BBDD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{497B2D49-F5C2-CA3B-05FF-22ABF39F2873}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{718C25EB-084C-6341-1C3E-589DA641C28F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{7A9E937D-9757-80CB-A6E3-F4AB6081AEA6}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{7B891B74-6BE8-1581-357C-72DD8A82F0F7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{940042ED-CB90-8E03-BE68-DF8A76E661FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{4BD2B107-B0D3-850C-7135-ACA153D30C78}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{C88797F9-0AD8-E022-5BBB-596BC78D4C76}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C81D239D-863A-D4B4-3562-BC8D3D7C271E}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{3D5981B5-ABF0-1495-7FC3-102D1C75B9C8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{2AC29D7B-F29F-34FA-4434-C5DF1F086264}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{9555AB64-6A00-776F-CA44-568E0E7B9632}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{170B023D-7C1B-2EF4-D3E9-B974A26752AC}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7DD1F495-F1BF-6A30-620F-AC064DD302D8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{06E580FA-F3B2-08E9-4DC0-0AB55D985CBB}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{F9BDEC71-9E56-CFBF-0AE8-E7AF032D07C7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{1C966E96-8553-EF1E-A06F-A8174B3CAA60}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{EBD149F6-9F46-49E4-ED99-25D2A0ECDBBD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{313B416A-97E7-F3EF-EDFC-A903A8CA4BC2}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{A50A075D-973C-1867-4228-738205D555C8}) (Version: 10.1.19041.685 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{2D296649-CFBE-CF23-EA8E-E24554187B3F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{A5E4C2C0-D963-40D6-8E5F-60A4DD995331}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{2A8533B3-8D16-67E4-E729-5BB04EDD2FE4}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{0E2FEA3B-C853-DE2A-8A04-BB7D5BF010E0}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{8E9DD3FE-3338-8012-81C5-F3AA9B617BAE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{1FBBD022-F751-FE7B-54DF-9FED23892B2F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{2CFB2180-7C20-5470-4B8A-747512A6AB70}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{4AC6C7FB-D848-9D68-DCB0-1376083FEA3A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{FF7D4409-CF59-34AE-BDC7-8A6146A9BA36}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{43AA42C2-D292-CF91-6264-63B7A99CDE99}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{FC5A59F8-6BEE-FBB4-C720-47C565A92798}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{43B3CDF5-CD8F-9A5E-4598-765F8CB27170}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{B62A26BB-90A0-82FB-2DDC-3157ADF07833}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{CE7E4A6A-45A2-2968-4B34-D0D4CFCC0E1D}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F616EBF-DF09-A2DA-AB66-3A5341FA611C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WingetUI (HKLM-x32\...\{889610CC-4337-4BDB-AC3B-4F21806C0BDE}_is1) (Version: 2.2.0 - Martí Climent)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.6.5.0 - Pierre-e Gougelet)
 
Packages:
=========
 
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [0000-00-00] (INTEL CORP) [Startup Task]
Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1101.416.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.23.0_x64__xbfy0k16fey96 [0000-00-00] (Dropbox Inc.)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2401.24.0_x64__k1h2ywk1493x8 [0000-00-00] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.5.109.0_x64__5grkq8ppsgwt4 [0000-00-00] (LENOVO INC) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-02] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [0000-00-00] (A-Volute)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-02-27] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [0000-00-00] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2402.223.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Studios) [MS Ad]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.58.448.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1049.117.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x6_4000.1049.117.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1049.117.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x8_4000.1049.117.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-01] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_9a2c79b60d6607c6\nvshext.dll [2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [CirrusShellEx] -> {57FA2D12-D22D-490A-805A-5CB48E84F12A} => C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll [2010-03-01] (Scooter Software) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-27] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
URLSearchHook: [S-1-5-21-1072368098-1498503301-1659025735-1001] ATTENTION => Default URLSearchHook is missing
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-07 05:24 - 2022-05-07 05:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1072368098-1498503301-1659025735-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6FF1F58C-E5CC-4121-A2ED-8929F0AB4A4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C235E25-7CD2-458F-908A-67AEBA8B0671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B493AD8-3A88-43E9-993D-D7B774F54966}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1255C64B-CFA9-4A41-8B21-09F50A728557}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CD0EF840-B2C9-4A63-A62A-CD60E19F1F7D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{D7350CF8-D11C-4E88-9B42-70F0B114D4EB}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{279DCA1D-ABCD-4F01-ACE5-59B65B7BDD90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4F4698E-27E1-4545-BB0F-9F2141CB93F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A8EC4702-08FF-4435-AC6E-A9606FE1BA49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{268FCC11-BB06-40EF-8985-41B8A4D6BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{46D81BE4-25C7-4621-86B6-6B54BDF8A989}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{C3209F48-47D7-4F36-892A-7FA3800ED668}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{5EBE9852-9882-4DFD-8BF7-42972866C12C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{246CAA44-4273-4E2E-8FCF-7ED45A723979}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C2696F2D-0230-47CD-A7D8-7601DFE5276D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{83122B52-023C-42BE-AB2D-351F286ED4EA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{00474DD0-24DC-4DB9-9138-E34371188CAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{ABAF839B-AB49-486E-B478-DBB8C5F0C44F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{E6FE7E3F-E157-41CD-8FDD-3A41B8760CD2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{5B03559C-236B-4E79-BB8A-141959DC81C5}C:\users\domin\appdata\local\programs\pinokio\pinokio.exe] => (Allow) C:\users\domin\appdata\local\programs\pinokio\pinokio.exe => No File
FirewallRules: [UDP Query User{53908C4E-BC4C-4B5A-A068-D5C004356B70}C:\users\domin\appdata\local\programs\pinokio\pinokio.exe] => (Allow) C:\users\domin\appdata\local\programs\pinokio\pinokio.exe => No File
FirewallRules: [{563F5909-EEE7-4AD5-BD9D-2CEB4FD253D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE194028-777B-4C12-A67D-E87237E8F37F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE933A2F-7371-46CC-B0B2-7F2698CAE53A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8384C296-5483-40A3-96F5-BA128EDE4C9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{090D604B-7295-4E0A-A2F3-49CE09E07C52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E87F422-26F1-4DCD-869F-5A42DDB415BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CF773633-BD0B-4C79-9408-251966D85EA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC700262-95AE-45AA-A855-799CFC2A896B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E2DAE986-7033-49C8-B978-6D71E265C0AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DDE4A5D8-1680-45D5-A389-EEA9E5B739DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2628DFC6-3723-4350-85E9-D937123C7B0E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:474.72 GB) (Free:339.56 GB) (72%)
 
==================== Faulty Device Manager Devices ============
 
Name: Universal Device Client Device
Description: Universal Device Client Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/03/2024 06:26:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
 
Error: (03/03/2024 06:26:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress..
 
Error: (03/03/2024 06:26:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
 
Error: (03/03/2024 04:15:32 PM) (Source: Application Error) (EventID: 1000) (User: DomsLaptop)
Description: Faulting application name: mmc.exe, version: 10.0.22621.2506, time stamp: 0x307870ca
Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x2b72307b
Exception code: 0xc000041d
Fault offset: 0x0000000000065b0c
Faulting process id: 0x0x1e60
Faulting application start time: 0x0x1da6d85e68f7118
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 68f62cb5-1a9a-4fc1-9417-d3b8a204bf3a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/03/2024 04:15:31 PM) (Source: Application Error) (EventID: 1000) (User: DomsLaptop)
Description: Faulting application name: mmc.exe, version: 10.0.22621.2506, time stamp: 0x307870ca
Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x2b72307b
Exception code: 0xc0000002
Fault offset: 0x0000000000065b0c
Faulting process id: 0x0x1e60
Faulting application start time: 0x0x1da6d85e68f7118
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: df459860-9d0a-4624-8fac-4cba9a1a8923
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/03/2024 04:15:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mmc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000002, exception address 00007FF8EA3C5B0C
Stack:
   at Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback)
   at Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback)
   at Microsoft.ManagementConsole.Executive.WaitDialog.InnerShowDialog(System.Windows.Forms.IWin32Window)
   at Microsoft.ManagementConsole.Executive.WaitDialog.ShowDialog(System.Windows.Forms.IWin32Window)
   at Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Microsoft.ManagementConsole.Executive.Operation)
   at Microsoft.ManagementConsole.Executive.ViewHost.HandleClipboardSelection(Microsoft.ManagementConsole.Executive.ViewSelectionDataObject, Boolean)
   at Microsoft.ManagementConsole.Executive.FxComponent.OnClipboardSelect(Microsoft.ManagementConsole.Interop.IDataObject, Boolean)
   at Microsoft.ManagementConsole.Executive.ClipboardSelectNotification.OnNotify(IntPtr, IntPtr, IntPtr)
   at Microsoft.ManagementConsole.Executive.MmcNotifyTarget.Notify(IntPtr, Microsoft.ManagementConsole.Interop.NotificationType, IntPtr, IntPtr)
 
Error: (03/03/2024 04:14:16 PM) (Source: Application Error) (EventID: 1000) (User: DomsLaptop)
Description: Faulting application name: mmc.exe, version: 10.0.22621.2506, time stamp: 0x307870ca
Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x2b72307b
Exception code: 0xc000041d
Fault offset: 0x0000000000065b0c
Faulting process id: 0x0x2c80
Faulting application start time: 0x0x1da6d851a6b7210
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: cd33e83e-fe5d-432d-99c0-61ebb0d00ed7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/03/2024 04:14:14 PM) (Source: Application Error) (EventID: 1000) (User: DomsLaptop)
Description: Faulting application name: mmc.exe, version: 10.0.22621.2506, time stamp: 0x307870ca
Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x2b72307b
Exception code: 0xc0000002
Fault offset: 0x0000000000065b0c
Faulting process id: 0x0x2c80
Faulting application start time: 0x0x1da6d851a6b7210
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 54dd4169-d894-431e-904b-b1cb55f67e02
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (03/04/2024 09:32:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (03/04/2024 09:32:57 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (03/04/2024 09:32:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (03/04/2024 09:32:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (03/04/2024 09:32:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (03/04/2024 09:32:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
Error: (03/04/2024 09:32:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (03/04/2024 09:32:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\domin\AppData\Local\Temp\ehdrv.sys
 
 
Windows Defender:
================
Date: 2024-03-03 14:40:09
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-03-01 15:28:05
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-02-29 13:54:42
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-02-29 07:38:09
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2024-02-29 07:38:06
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
 
Date: 2024-02-28 22:16:10
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 
 
Date: 2024-02-14 20:59:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.403.3727.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23110.2
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.  
 
Date: 2023-12-05 11:01:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.401.1643.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
Date: 2023-12-05 11:01:35
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.401.1643.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
CodeIntegrity:
===============
Date: 2024-03-04 09:32:57
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\domin\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB. 
 
 
==================== Memory info =========================== 
 
BIOS: LENOVO LZCN33WW 11/08/2023
Motherboard: LENOVO LNVNB161216
Processor: 13th Gen Intel® Core™ i5-13500H
Percentage of memory in use: 58%
Total physical RAM: 16108.05 MB
Available physical RAM: 6708.49 MB
Total Virtual: 35564.05 MB
Available Virtual: 23014.65 MB
 
==================== Drives ================================
 
Drive c: (Windows-SSD) (Fixed) (Total:474.72 GB) (Free:339.56 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) NTFS
Drive d: (doms) (Fixed) (Total:931.5 GB) (Free:168.97 GB) (Model: WDS100T3X0C-00SJG0) NTFS
Drive g: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) 
Drive i: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) 
 
\\?\Volume{a6bb45b6-9b5d-4e23-a8d5-7913014b0d32}\ (WINRE_DRV) (Fixed) (Total:1.95 GB) (Free:1.22 GB) NTFS
\\?\Volume{1883167f-a18a-4e88-9eb2-4d41238a018e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
\\?\Volume{98efe92d-d9fc-11ee-afbf-d03957dedf94}\ () () (Total:0 GB) (Free:0 GB) 
\\?\Volume{98efe930-d9fc-11ee-afbf-d03957dedf94}\ () () (Total:0 GB) (Free:0 GB) 
 
==================== MBR & Partition Table ====================
 
==================== End of Addition.txt =======================


#13 Oh My!

    Adware and Spyware and Malware

  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California

Posted Yesterday, 12:13 PM

Are you able to run a Defender scan while logged into your Administrator (main) account?
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#14 reggiereg

  • Topic Starter
  • Members
  • 299 posts
  • Gender:Male

Posted Yesterday, 01:11 PM

Yes.

There are only 2 accounts on this machine: the administrator one that I'm using, and another one, which other family use occasionally.

I disabled the internet and then tried to run a full system Defender scan again, which it did, and it finished without detecting anything.

I then tried running an ESET scan, whilst temporarily enabling the internet whilst it downloaded the updates, and it's still running OK.


Edited by reggiereg, Yesterday, 01:12 PM.


#15 Oh My!

    Adware and Spyware and Malware

  • Malware Response Instructor
  • 57,028 posts
  • Gender:Male
  • Location:California

Posted Yesterday, 08:01 PM

Provide an update when completed.
Gary 
