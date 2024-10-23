Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022

Ran by henry (30-11-2022 23:00:36)

Running from C:\Users\henry\OneDrive\Desktop\KS

Microsoft Windows 11 Pro Version 22H2 22621.819 (X64) (2022-11-24 01:01:42)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1327980298-1667911545-2908986163-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1327980298-1667911545-2908986163-503 - Limited - Disabled)

Guest (S-1-5-21-1327980298-1667911545-2908986163-501 - Limited - Disabled)

henry (S-1-5-21-1327980298-1667911545-2908986163-1001 - Administrator - Enabled) => C:\Users\henry

WDAGUtilityAccount (S-1-5-21-1327980298-1667911545-2908986163-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast One (HKLM\...\Avast Antivirus) (Version: 22.11.6041 - Avast Software)

Malwarebytes version 4.5.17.221 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.17.221 - Malwarebytes)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1327980298-1667911545-2908986163-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{A40EC9FA-6D3F-4B66-B254-D9B42634931F}) (Version: 5.68.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)

Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden

Norton 360 (HKLM-x32\...\NGC) (Version: 22.22.10.9 - NortonLifeLock Inc)

NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)

VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.25.9 - IDRIX)

Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.4.0-11 - Wacom Technology Corp.)

WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

ZBrush 2022.0.5 Updater (HKLM\...\ZBrush 2022 2022) (Version: 2022.0.5 - Pixologic)

Packages:

=========

Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.2.8.0_neutral__yxz26nhyzhsrt [2022-11-23] (Microsoft Corp.)

Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.42.5.0_x64__6rarf9sa4v8jt [2022-11-20] (Disney)

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-11-22] (Microsoft Studios) [MS Ad]

ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.5.0_x64__8wekyb3d8bbwe [2022-11-23] (Microsoft Corp.)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.30391.0_x64__8wekyb3d8bbwe [2022-11-23] (Microsoft Corporation)

ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-11-23] (Microsoft Corporation)

Norton Security -> C:\Program Files\Norton Security\Engine\22.22.10.9 [2022-11-30] (0)

NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-11-23] (NVIDIA Corp.)

Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2022-11-20] (Realtek Semiconductor Corp)

Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0 [2022-11-20] (Spotify AB) [Startup Task]

Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2022-11-20] (Waves Audio)

Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-11-23] (Microsoft Windows)

WinRAR -> C:\Program Files\WinRAR [2022-11-27] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)

ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.10.9\NavShExt.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.10.9\NavShExt.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-20] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository

vacegpu.inf_amd64_d6e443c3f366fc32

vshext.dll [2020-07-23] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.10.9\buShell.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-20] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.10.9\NavShExt.dll [2022-11-07] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 08:08 - 2021-06-05 08:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-11-21 21:33 - 2022-11-27 23:52 - 000000516 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

530

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1327980298-1667911545-2908986163-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\henry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 10.255.0.0 - 208.94.176.20

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1327980298-1667911545-2908986163-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1327980298-1667911545-2908986163-1001\...\StartupApproved\Run: => "VeraCrypt"

HKU\S-1-5-21-1327980298-1667911545-2908986163-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8B53DA4E-34C2-424D-8283-0CE76D8C712E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{15D615D0-8551-436A-9650-A4D96E8899B4}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{1A6B544F-D6CD-4A58-983F-98B25FF34C7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{6E729EAB-0E63-4353-A59D-72F2165EAED7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{ED791397-202E-433F-B281-5E7BE3BB10B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{1A2F1A66-B4A2-4EF2-A447-F96FAE74B9A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D19C8476-D39A-4E8A-98EC-E65C69ED0D0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{3019420F-0927-496A-8336-2D12C1481AEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D6CDB87C-C5CF-47EC-8E11-7DEF2BDB14A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{B12EEA42-2CD2-43AE-9DD8-5879B650F118}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{272B15EA-462E-427B-B515-C6960936D0F4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D900A6B1-13CE-4B93-9F59-9F98AFD23038}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{E94D06F6-AFED-416B-9EB5-A0D51ACB5860}] => (Allow) C:\Users\henry\AppData\Local\Temp\bittorrent\bittorrent.exe => No File

FirewallRules: [{3432493B-99DE-43FA-9F31-C38891BC0689}] => (Allow) C:\Users\henry\AppData\Local\Temp\bittorrent\bittorrent.exe => No File

FirewallRules: [{BD49A010-4E71-49F1-B2CA-1393A4E6EB07}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

28-11-2022 22:17:00 KpRm

==================== Faulty Device Manager Devices ============

Name: Intel(R) Wireless Bluetooth(R)

Description: Intel(R) Wireless Bluetooth(R)

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Intel Corporation

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HD User Facing

Description: USB Video Device

Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}

Manufacturer: Microsoft

Service: usbvideo

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device

Description: Base System Device

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) Wi-Fi 6 AX200 160MHz

Description: Intel(R) Wi-Fi 6 AX200 160MHz

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel Corporation

Service: Netwtw10

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.