Hello, I finally was able to get this done. Sorry for the delay, and thank you again for your help!
Here are the results:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
Ran by NCC1701_02.02.24 (administrator) on NEW-NCC1701 (Dell Inc. XPS 8940) (29-02-2024 11:33:33)
Running from C:\Users\NCC1701_02.02.24\Desktop\SEEK & DESTROY\FRST64.exe
Loaded Profiles: NCC1701_02.02.24
Platform: Microsoft Windows 11 Home Version 23H2 22631.3235 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Intel\Intel Arc Control\ArcControl.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControlAssist.exe <6>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_19704598c1c9840a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_19704598c1c9840a\igfxEMN.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControl.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3de31b09a0024837\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_19704598c1c9840a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ac65d2dfc98d80ce\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ca4b456b5e9690a6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe [1649504 2023-03-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Intel® Arc™ Control] => C:\Program Files\Intel\Intel Arc Control\ArcControl.exe [1617960 2023-12-05] (Intel Corporation -> Intel Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-287634066-2289251947-2206231936-1001\...\Run: [MicrosoftEdgeAutoLaunch_D7447DCA6902CB0288A5F3AB362FEC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe [2024-02-29] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {CCD5E882-466F-4294-8FA8-2BF3547DEB72} - System32\Tasks\GoogleUpdateTaskMachineCore{6F9297AB-D53B-4C6B-A188-49DDD3563A0A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-15] (Google LLC -> Google LLC)
Task: {3F4E2B57-72D4-4C77-BF3E-47FAA2D5151F} - System32\Tasks\GoogleUpdateTaskMachineUA{71AD4A40-F0BB-4603-BFB4-7258E1B41130} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-15] (Google LLC -> Google LLC)
Task: {5D82B75E-74BF-43D7-BEDD-0D6E648D65DD} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {F933043F-E6F5-46BC-8273-971DAB0DF1C1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {99272C9D-9A3C-41F4-9E27-381D29A5D705} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4F0067C2-EE35-4CCE-84C9-F2FAE44EB357} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {3BFF8200-DBA5-4862-8CE5-FA37F85879CB} - System32\Tasks\RNIdle Task => C:\Windows\System32\drivers\RivetNetworks\Killer\RNIdleTask.exe [31536 2023-12-18] (Intel Corporation -> )
Task: {65365E6D-5510-4ECC-8775-6DAACE394058} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\System32\Wscript.exe [200704 2023-12-03] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.10
Tcpip\..\Interfaces\{97a53191-b85d-4d2e-bd6a-947d73e8eb30}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97a53191-b85d-4d2e-bd6a-947d73e8eb30}\0534F4E4C495F5F4344523032333: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{f061f94f-7f6c-489f-a5e9-f0921c55f548}: [DhcpNameServer] 192.168.42.10
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\NCC1701_02.02.24\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-19]
Edge Extension: (Google Docs Offline) - C:\Users\NCC1701_02.02.24\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-02]
Edge Extension: (Edge relevant text changes) - C:\Users\NCC1701_02.02.24\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-02]
FireFox:
========
FF DefaultProfile: 8ixzsuoo.default
FF ProfilePath: C:\Users\NCC1701_02.02.24\AppData\Roaming\Mozilla\Firefox\Profiles\8ixzsuoo.default [2024-02-16]
FF ProfilePath: C:\Users\NCC1701_02.02.24\AppData\Roaming\Mozilla\Firefox\Profiles\yurzp3sj.default-release [2024-02-16]
Chrome:
=======
CHR Profile: C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default [2024-02-29]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.essexapartmenthomes.com/"
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/override.html"
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-29]
CHR Extension: (PDF Editor for Docs:Edit, Fill, Sign, Print) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjboohgkgchdnfnjiaggdbkdmpieoagi [2024-02-29]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-29]
CHR Extension: (Guardio Protection for Chrome) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfpmkejnolcfklaaddjnckanhhgegla [2024-02-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-29]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2024-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\NCC1701_02.02.24\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-12-11] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2024-01-17] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2024-01-17] (Intel Corporation -> Intel)
R2 IntelArcControlService; C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe [1656360 2023-12-05] (Intel Corporation -> Intel Corporation)
R3 KAPSService; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78240 2023-12-18] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2385824 2023-12-18] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2639776 2023-12-18] (Intel Corporation -> Intel)
R3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-12-18] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-15] (Malwarebytes Inc. -> Malwarebytes)
S2 PCManager Service Store; C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.3.14.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe [153024 2024-02-19] (Microsoft Corporation -> MSPCManagerService)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159072 2024-01-17] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 CyUcmClient_Device; C:\Windows\System32\drivers\CyUcmClient.sys [149864 2020-06-16] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 e2k68cx21x64; C:\Windows\System32\DriverStore\FileRepository\e2k68cx21x64.inf_amd64_808162718b526a1e\e2k68cx21x64.sys [752448 2023-12-19] (Realtek Semiconductor Corp. -> Realtek)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [254768 2023-12-18] (Intel Corporation -> Rivet Networks, LLC.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2024-02-29] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-02-29] (Malwarebytes Inc. -> Malwarebytes)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [21040 2024-02-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [608648 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-29 11:24 - 2024-02-29 11:24 - 015274968 _____ (ESET) C:\Users\NCC1701_02.02.24\Downloads\esetonlinescanner.exe
2024-02-29 10:57 - 2024-02-29 10:57 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-02-29 10:57 - 2024-02-29 10:57 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-02-29 10:46 - 2024-02-29 10:46 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-29 10:44 - 2024-02-29 10:44 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-19 11:47 - 2024-02-19 11:47 - 000002359 _____ C:\Users\Public\Desktop\PC Manager.lnk
2024-02-19 11:47 - 2024-02-19 11:47 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\PC Manager Store
2024-02-19 11:46 - 2024-02-19 11:49 - 000000000 ____D C:\ProgramData\Windows Master Store
2024-02-15 12:10 - 2024-02-15 12:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-15 12:10 - 2024-02-15 12:10 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2024-02-15 12:10 - 2024-02-15 12:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-15 12:10 - 2024-02-15 12:10 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-02-15 12:10 - 2024-02-15 12:10 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-02-15 12:10 - 2024-02-15 12:10 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Mozilla
2024-02-15 12:10 - 2024-02-15 12:10 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Mozilla
2024-02-15 12:10 - 2024-02-15 12:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-15 12:10 - 2024-02-15 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-15 12:09 - 2024-02-29 11:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 12:09 - 2024-02-29 11:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-15 12:09 - 2024-02-15 12:09 - 000349976 _____ (Mozilla) C:\Users\NCC1701_02.02.24\Downloads\Firefox Installer.exe
2024-02-15 12:09 - 2024-02-15 12:09 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Google
2024-02-15 12:09 - 2024-02-15 12:09 - 000000000 ____D C:\Program Files\Google
2024-02-15 12:08 - 2024-02-29 11:31 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-15 12:08 - 2024-02-15 12:08 - 001376816 _____ (Google LLC) C:\Users\NCC1701_02.02.24\Downloads\ChromeSetup.exe
2024-02-15 12:08 - 2024-02-15 12:08 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{71AD4A40-F0BB-4603-BFB4-7258E1B41130}
2024-02-15 12:08 - 2024-02-15 12:08 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6F9297AB-D53B-4C6B-A188-49DDD3563A0A}
2024-02-15 12:05 - 2024-02-15 12:05 - 017724920 _____ (VS Revo Group ) C:\Users\NCC1701_02.02.24\Downloads\RevoUninProSetup.exe
2024-02-15 11:42 - 2024-02-29 11:33 - 000000000 ____D C:\FRST
2024-02-15 11:19 - 2024-02-15 11:19 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\mbam
2024-02-15 11:18 - 2024-02-29 11:29 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Malwarebytes
2024-02-15 11:18 - 2024-02-15 11:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-15 11:17 - 2024-02-15 11:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-14 19:13 - 2024-02-14 19:21 - 000000000 ____D C:\AdwCleaner
2024-02-14 18:08 - 2024-02-15 11:17 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-14 18:06 - 2024-02-14 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2024-02-14 18:05 - 2024-02-14 18:06 - 000000000 ____D C:\ProgramData\Logishrd
2024-02-14 18:05 - 2024-02-14 18:05 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\FirmwareUpdateTool
2024-02-14 18:03 - 2024-02-14 18:03 - 000000000 ____D C:\Program Files\Common Files\LogiShrd
2024-02-14 17:55 - 2024-02-29 11:33 - 000000000 ____D C:\Users\NCC1701_02.02.24\Desktop\SEEK & DESTROY
2024-02-14 16:17 - 2024-02-14 16:17 - 000007673 _____ C:\Users\NCC1701_02.02.24\AppData\Local\Resmon.ResmonCfg
2024-02-14 13:56 - 2024-02-19 13:22 - 000000130 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\f2f92f7da777fed42bd801386fe3fef40ecdd1f2f60852547650d0043e104074
2024-02-14 13:56 - 2024-02-19 12:38 - 000032382 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\aef28520725e2ea3ed157453470b6474f3b9b25cc0cf9e98a9d4135711df3e8d
2024-02-14 12:07 - 2024-02-14 14:58 - 000011216 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\147fce4307b24dcd765b311ec45e086e6b1a7280cbc4c293d9428641a4e96419
2024-02-14 12:07 - 2024-02-14 14:58 - 000000130 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\5f7b2a37684df71cc6418884f811a9a498a120de21d85c6dfdd0b200d2f6d786
2024-02-14 11:33 - 2024-02-14 11:33 - 000002264 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\edede1402b9ce1779b020af5609acb30ba9955601263375ef11894a57a33f68c
2024-02-08 12:45 - 2024-02-19 11:46 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\PlaceholderTileLogoFolder
2024-02-07 16:24 - 2024-02-07 16:24 - 000003298 _____ C:\Windows\system32\Tasks\RNIdle Task
2024-02-07 16:23 - 2024-02-07 16:23 - 000000000 ____D C:\Program Files\Killer Networking
2024-02-07 16:04 - 2024-02-07 16:04 - 000000112 ___SH C:\bootTel.dat
2024-02-07 10:50 - 2024-02-07 10:50 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\CEF
2024-02-07 10:44 - 2024-02-29 11:00 - 000000000 __SHD C:\Users\NCC1701_02.02.24\IntelGraphicsProfiles
2024-02-07 10:44 - 2024-02-07 10:44 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\NEO
2024-02-07 10:44 - 2024-02-07 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-02-07 10:41 - 2024-02-07 10:41 - 000003670 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2024-02-07 10:41 - 2024-01-23 02:06 - 000750616 _____ (Intel) C:\Windows\system32\libvpl.dll
2024-02-07 10:41 - 2024-01-23 02:06 - 000637440 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2024-02-07 10:41 - 2024-01-23 02:05 - 000942696 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2024-02-07 10:41 - 2024-01-23 02:05 - 000705600 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2024-02-07 10:41 - 2024-01-23 02:03 - 000591480 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2024-02-07 10:41 - 2024-01-23 02:03 - 000525840 _____ C:\Windows\SysWOW64\IntelControlLib32.dll
2024-02-07 10:41 - 2024-01-23 02:03 - 000453000 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2024-02-07 10:41 - 2024-01-23 02:00 - 002095072 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-07 10:41 - 2024-01-23 02:00 - 002095072 _____ C:\Windows\system32\vulkaninfo.exe
2024-02-07 10:41 - 2024-01-23 02:00 - 001653328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-07 10:41 - 2024-01-23 02:00 - 001653328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-02-07 10:41 - 2024-01-23 02:00 - 000518112 _____ C:\Windows\system32\ze_tracing_layer.dll
2024-02-07 10:41 - 2024-01-23 02:00 - 000479312 _____ C:\Windows\system32\ze_loader.dll
2024-02-07 10:41 - 2024-01-23 02:00 - 000314856 _____ C:\Windows\system32\ze_validation_layer.dll
2024-02-07 10:41 - 2024-01-23 01:59 - 001442896 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-02-07 10:41 - 2024-01-23 01:59 - 001442896 _____ C:\Windows\system32\vulkan-1.dll
2024-02-07 10:41 - 2024-01-23 01:59 - 001285200 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-07 10:41 - 2024-01-23 01:59 - 001285200 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-02-07 10:41 - 2024-01-23 01:58 - 027963880 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2024-02-07 10:41 - 2024-01-23 01:58 - 020687952 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2024-02-07 10:41 - 2024-01-23 01:55 - 000303264 _____ C:\Windows\system32\ControlLib.dll
2024-02-07 10:41 - 2024-01-23 01:55 - 000250016 _____ C:\Windows\SysWOW64\ControlLib32.dll
2024-02-07 10:41 - 2024-01-05 17:19 - 000047240 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2024-02-07 10:40 - 2024-02-07 10:51 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Intel
2024-02-07 10:40 - 2024-02-07 10:44 - 000000000 ____D C:\ProgramData\Intel
2024-02-07 10:40 - 2024-02-07 10:41 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2024-02-07 10:40 - 2024-02-07 10:41 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2024-02-07 10:40 - 2024-02-07 10:40 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2024-02-07 10:38 - 2024-02-07 10:38 - 006281760 _____ (Intel) C:\Users\NCC1701_02.02.24\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2024-02-06 18:15 - 2024-02-07 10:44 - 000000000 ____D C:\Program Files\Intel
2024-02-06 18:10 - 2024-02-07 10:46 - 000000000 ____D C:\Program Files (x86)\Intel
2024-02-06 18:10 - 2024-02-06 18:10 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2024-02-06 18:10 - 2024-02-06 18:10 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2024-02-06 18:10 - 2024-02-06 18:10 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
2024-02-06 18:10 - 2024-02-06 18:10 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2024-02-06 18:10 - 2022-11-02 05:26 - 003234504 _____ (Intel Corporation) C:\Windows\system32\iaStorAfsService.exe
2024-02-06 18:10 - 2022-11-02 05:26 - 000135368 _____ (Intel Corporation) C:\Windows\system32\Optane.dll
2024-02-06 18:10 - 2022-11-02 05:26 - 000025256 _____ (Intel Corporation) C:\Windows\system32\OptaneEventLogMsg.dll
2024-02-06 18:10 - 2022-11-02 05:25 - 000221352 _____ (Intel Corporation) C:\Windows\system32\iaStorAfsNative.exe
2024-02-06 18:10 - 2022-11-02 05:25 - 000075464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorAfs.sys
2024-02-06 18:10 - 2022-10-27 11:10 - 001548488 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorAC.sys
2024-02-06 18:10 - 2022-10-27 11:10 - 000029384 _____ (Intel Corporation) C:\Windows\system32\RstMwEventLogMsg.dll
2024-02-06 18:04 - 2024-02-06 18:04 - 000000000 _____ C:\Windows\invcol.tmp
2024-02-06 18:03 - 2024-02-06 18:58 - 000000000 ____D C:\Program Files\Dell
2024-02-06 18:03 - 2024-02-06 18:03 - 000000000 ____D C:\Program Files (x86)\Dell
2024-02-06 18:02 - 2024-02-15 11:45 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-06 18:02 - 2024-02-15 11:44 - 000000000 ____D C:\Program Files\dotnet
2024-02-06 18:02 - 2024-02-14 19:22 - 000000000 ____D C:\ProgramData\Dell
2024-02-06 18:01 - 2024-02-06 18:01 - 001236776 _____ (Dell Inc.) C:\Users\NCC1701_02.02.24\Downloads\SupportAssistLauncher.exe
2024-02-06 17:50 - 2024-02-07 17:21 - 000002264 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\bef731b8d57eaff614901472069b64360e2d656bfd76ea1add4389efddc043fb
2024-02-06 17:35 - 2024-02-19 12:04 - 000000130 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\6ade6f6d78ece8ee0e6a9896681e2a81cf10959a1401482cda8cbb570802b55d
2024-02-06 17:35 - 2024-02-19 11:44 - 000444619 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\6fd7b3a63df1d4f9e5ebd8d3dc7595ddf69a3660fb7b0c2e9f98d13446fea740
2024-02-06 17:28 - 2024-02-06 17:28 - 000000000 ____D C:\Windows\system32\Tasks\Intel
2024-02-06 17:24 - 2024-02-06 17:24 - 000000000 ____D C:\Windows\system32\Drivers\RivetNetworks
2024-02-06 17:24 - 2024-02-06 17:24 - 000000000 ____D C:\ProgramData\RivetNetworks
2024-02-06 17:24 - 2023-03-02 22:35 - 000292096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2024-02-06 17:24 - 2023-03-02 22:35 - 000247040 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2024-02-06 17:23 - 2024-02-06 17:23 - 000001814 _____ C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxxAudio Pro by Waves – Speaker and Microphone Audio Control and Nx 3D Sound.lnk
2024-02-06 17:23 - 2024-02-06 17:23 - 000000000 ____D C:\Program Files\Waves
2024-02-06 17:22 - 2024-02-29 11:07 - 000016811 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\9b7ccbd35dd68aa285baeafb7431630bce7ff8edf5a5899b484fc2d0af05f15c
2024-02-06 17:22 - 2024-02-29 10:55 - 000000000 ____D C:\Intel
2024-02-06 17:22 - 2024-02-07 10:52 - 000000026 _____ C:\Users\NCC1701_02.02.24\AppData\LocalLow\0ad9e46285ca5fbf9c6d578692d600f22ab51e3d84eb5e84d7d05af5f093e5d8
2024-02-06 17:22 - 2024-02-06 17:22 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\LocalLow\Intel
2024-02-06 17:21 - 2024-02-06 17:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-02-06 17:20 - 2024-02-06 17:20 - 000000000 ____D C:\Windows\Firmware
2024-02-06 17:20 - 2023-03-02 22:34 - 006449048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2024-02-06 17:16 - 2024-02-19 13:10 - 000000000 ____D C:\Windows\system32\MRT
2024-02-06 15:30 - 2024-02-06 17:25 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-02-06 15:19 - 2024-02-14 15:00 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\CrashDumps
2024-02-06 14:53 - 2024-02-06 14:53 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\NPE
2024-02-06 14:53 - 2024-02-06 14:53 - 000000000 ____D C:\ProgramData\Norton
2024-02-05 13:52 - 2024-02-05 13:52 - 000000000 ____D C:\Geek Squad
2024-02-05 13:51 - 2024-02-05 13:52 - 000000000 ____D C:\ProgramData\Geek Squad
2024-02-02 18:11 - 2024-02-05 13:44 - 002826002 _____ C:\Windows\ntbtlog.txt
2024-02-02 18:11 - 2024-02-05 13:43 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-02 18:10 - 2024-02-05 13:45 - 000000000 ____D C:\Windows\pss
2024-02-02 16:06 - 2024-02-29 10:55 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-02-02 15:56 - 2024-02-02 15:56 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\VirtualStore
2024-02-02 15:36 - 2024-02-09 11:53 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\MMC
2024-02-02 15:32 - 2024-02-02 15:32 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Comms
2024-02-02 15:16 - 2024-02-02 15:16 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Publishers
2024-02-02 15:05 - 2024-02-02 15:05 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\OneDrive
2024-02-02 15:03 - 2024-02-19 10:10 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\D3DSCache
2024-02-02 15:02 - 2024-02-02 16:33 - 000000000 ___RD C:\Users\NCC1701_02.02.24\OneDrive
2024-02-02 15:02 - 2024-02-02 15:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-02-02 15:00 - 2024-02-02 15:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-02 15:00 - 2024-02-02 15:00 - 000000000 ___SD C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\SystemCertificates
2024-02-02 15:00 - 2024-02-02 15:00 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Network
2024-02-02 14:59 - 2024-02-19 11:46 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\Packages
2024-02-02 14:59 - 2024-02-02 15:00 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Local\ConnectedDevicesPlatform
2024-02-02 14:59 - 2024-02-02 14:59 - 000000000 ___SD C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Protect
2024-02-02 14:59 - 2024-02-02 14:59 - 000000000 ___SD C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Crypto
2024-02-02 14:59 - 2024-02-02 14:59 - 000000000 ___SD C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Credentials
2024-02-02 14:59 - 2024-02-02 14:59 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Vault
2024-02-02 14:59 - 2024-02-02 14:59 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Adobe
2024-02-02 14:58 - 2024-02-19 10:02 - 000000000 ____D C:\Users\NCC1701_02.02.24
2024-02-02 14:58 - 2024-02-02 15:14 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Spelling
2024-02-02 14:58 - 2024-02-02 15:00 - 000000000 ____D C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Windows
2024-02-02 14:58 - 2024-02-02 14:58 - 000000020 ___SH C:\Users\NCC1701_02.02.24\ntuser.ini
2024-02-02 14:44 - 2024-02-29 11:02 - 000804932 _____ C:\Windows\system32\PerfStringBackup.INI
2024-02-02 14:42 - 2024-02-19 11:46 - 000000000 ____D C:\ProgramData\Packages
2024-02-02 14:40 - 2024-02-02 14:40 - 000000000 _SHDL C:\Documents and Settings
2024-02-02 14:36 - 2024-02-15 12:14 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-02 14:35 - 2024-02-29 10:34 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 14:35 - 2024-02-29 10:34 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-02 14:34 - 2024-02-29 10:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-02-02 14:34 - 2024-02-29 10:36 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-02 14:34 - 2024-02-02 14:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-02-02 14:34 - 2024-02-02 14:34 - 000000000 ____D C:\Windows\system32\config\BFS
2024-02-02 14:33 - 2024-02-29 10:56 - 000295328 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-02 14:33 - 2024-02-29 10:55 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-02 14:33 - 2024-02-29 10:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-02-02 14:33 - 2024-02-06 14:48 - 000000000 ____D C:\Windows\Panther
2024-02-02 14:33 - 2024-02-02 14:33 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-29 11:31 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\SystemTemp
2024-02-29 11:15 - 2022-05-06 21:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-29 11:02 - 2022-05-06 21:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-29 11:02 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\AppReadiness
2024-02-29 11:02 - 2022-05-06 21:22 - 000000000 ____D C:\Windows\INF
2024-02-29 10:59 - 2022-05-06 21:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-29 10:55 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\ServiceState
2024-02-29 10:55 - 2022-05-06 21:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\SystemResources
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\oobe
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\ShellComponents
2024-02-29 10:53 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\bcastdvr
2024-02-29 10:52 - 2022-05-06 21:17 - 000000000 ____D C:\Windows\CbsTemp
2024-02-16 20:57 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-02-15 12:20 - 2023-12-03 22:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-02-15 12:20 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-02-15 11:30 - 2022-05-06 21:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-15 11:18 - 2022-05-06 21:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-02-14 13:28 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\spool
2024-02-07 10:55 - 2022-05-06 21:17 - 000000000 ____D C:\Windows\servicing
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\UUS
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\setup
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\Provisioning
2024-02-06 18:17 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\BrowserCore
2024-02-06 17:26 - 2022-05-06 21:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-02-06 17:26 - 2022-05-06 21:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-02-06 17:19 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2024-02-06 15:38 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\appcompat
2024-02-05 13:48 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\NDF
2024-02-02 20:44 - 2022-05-06 21:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-02-02 16:01 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-02-02 15:16 - 2022-05-06 21:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-02-02 14:42 - 2022-05-06 21:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-02-02 14:33 - 2022-05-06 21:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template
==================== Files in the root of some directories ========
2024-02-14 16:17 - 2024-02-14 16:17 - 000007673 _____ () C:\Users\NCC1701_02.02.24\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by NCC1701_02.02.24 (29-02-2024 11:34:59)
Running from C:\Users\NCC1701_02.02.24\Desktop\SEEK & DESTROY
Microsoft Windows 11 Home Version 23H2 22631.3235 (X64) (2024-02-02 22:41:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-287634066-2289251947-2206231936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-287634066-2289251947-2206231936-503 - Limited - Disabled)
Guest (S-1-5-21-287634066-2289251947-2206231936-501 - Limited - Disabled)
NCC1701_02.02.24 (S-1-5-21-287634066-2289251947-2206231936-1001 - Administrator - Enabled) => C:\Users\NCC1701_02.02.24
WDAGUtilityAccount (S-1-5-21-287634066-2289251947-2206231936-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Dell SupportAssist (HKLM\...\{1E5C3247-B6FF-47F2-AEE9-A921B21E914F}) (Version: 4.0.0.51819 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{EE5AFC69-5911-4A47-B78C-6BFBA883AF15}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.95 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{6045ACAB-3148-4E84-96EA-178F21611BD7}) (Version: 23.4.39.9 - Intel) Hidden
Intel® Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel® Icls (HKLM\...\{E50319E3-A4FF-4642-A969-5C89B0A22E54}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1B254687-4D73-4347-94CB-B25EFF73B9E4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2313.4.16.0 - Intel Corporation)
Intel® Management Engine Driver (HKLM\...\{DD82CAB8-FEBE-4B83-BD5C-F125839A0F70}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME WMI Provider (HKLM\...\{5DDCAB56-E374-431D-A70D-BEE3C9F787D1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000010-0230-1033-84C8-B8D95FA3C8C3}) (Version: 23.10.0.2 - Intel Corporation)
Intel® Arc™ Control (HKLM\...\{AFFBB7E9-51F0-4A68-B6B6-DB7B13E5E372}) (Version: 1.74.5391.3 - Intel Corporation) Hidden
Intel® Arc™ Control (HKLM-x32\...\{29da1471-6d4a-4198-af44-b83f9ba62651}) (Version: 1.74.5391.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8ec91c89-74ee-47b9-95d4-3a036bf050a5}) (Version: 23.4.39.9 - Intel)
Killer Performance Driver Suite UWD (HKLM\...\{B13962C1-E499-4B6B-A472-81E7BAEEE94A}) (Version: 35.23.1292 - Rivet Networks)
Logitech Unifying Software 2.52 (HKLM\...\Logitech Unifying) (Version: 2.52.33 - Logitech)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.16 (x64) (HKLM\...\{9F51D16B-42E8-4A4A-8228-75045541A2AE}) (Version: 56.64.8781 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.16 (x64) (HKLM\...\{1B690A4C-381A-40D4-BA4A-3F8ACD5CE797}) (Version: 56.64.8781 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.16 (x64) (HKLM\...\{CE4D7AE0-FCBA-486F-A58F-DBA3626FBE4B}) (Version: 56.64.8781 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.16 - Shared Framework (x64) (HKLM-x32\...\{5cc1be84-7e3a-4ef7-9ed9-ff9256196077}) (Version: 7.0.16.24068 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.16 Shared Framework (x64) (HKLM\...\{1B81ED58-6B0A-3911-9BF1-D57357A9637E}) (Version: 7.0.16.24068 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.16 (x64) (HKLM\...\{01B2627D-8443-41C0-97F0-9F72AC2FD6A0}) (Version: 56.64.8804 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.16 (x64) (HKLM-x32\...\{ef5af41f-d68c-48f7-bfb0-5055718601fc}) (Version: 7.0.16.33318 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0.1 (x64 en-US)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 122.0.1 - Mozilla)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.9.0_x64__htrsf667h5kn2 [2024-02-06] (Dell Inc)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2024-02-06] (INTEL CORP)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Corporation)
Microsoft.MicrosoftPCManager -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.3.14.0_x64__8wekyb3d8bbwe [2024-02-19] (Microsoft Corporation) [Startup Task]
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
Sysinternals Suite -> C:\Program Files\WindowsApps\Microsoft.SysinternalsSuite_2024.2.1.0_x64__8wekyb3d8bbwe [2024-02-19] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-287634066-2289251947-2206231936-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-15] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-01-10 20:13 - 2023-01-10 20:13 - 001635328 _____ () [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\e_sqlite3.DLL
2023-01-10 20:21 - 2023-01-10 20:21 - 000005120 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.batteries_v2.dll
2023-01-10 20:18 - 2023-01-10 20:18 - 000050688 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.core.dll
2023-01-10 20:18 - 2023-01-10 20:18 - 000035840 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.provider.e_sqlite3.dll
2024-01-05 17:19 - 2024-01-05 17:19 - 002973696 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-06 21:24 - 2024-02-06 14:50 - 000000141 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-287634066-2289251947-2206231936-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\NCC1701_02.02.24\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.42.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-287634066-2289251947-2206231936-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D7447DCA6902CB0288A5F3AB362FEC18"
HKU\S-1-5-21-287634066-2289251947-2206231936-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFF7DA16-82C0-493B-97BF-E212C9110B69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B79A45D1-15AD-475C-A8CD-575D69D8B237}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DF91B770-5D55-43A6-A921-4F5347E1F2D9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E967D60-F6C4-4D85-8E6C-421C506BED3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
14-02-2024 13:28:10 Windows Modules Installer
14-02-2024 19:20:57 AdwCleaner_BeforeCleaning_14/02/2024_19:20:56
19-02-2024 11:46:30 Windows Update
29-02-2024 10:38:10 Windows Update
==================== Faulty Device Manager Devices ============
Name: Killer® Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW)
Description: Killer® Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw10
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/19/2024 11:01:58 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid..
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (02/19/2024 11:01:34 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6bdf45b0-4960-4e98-a440-214b393c48a3}
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (02/16/2024 09:12:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
System errors:
=============
Error: (02/29/2024 10:57:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the PCManager Service (Store) service to connect.
Error: (02/29/2024 10:57:02 AM) (Source: Killer Network Service) (EventID: 16) (User: )
Description: Error Loading Configuration File user.xml
Error: (02/29/2024 10:57:02 AM) (Source: Killer Network Service) (EventID: 16) (User: )
Description: Error Loading Configuration File from Disk for C:\ProgramData\RivetNetworks\Killer\ConfigurationFiles\user.xml
Error: (02/29/2024 10:26:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (02/29/2024 10:26:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the igccservice service to connect.
Error: (02/29/2024 10:25:55 AM) (Source: Killer Network Service) (EventID: 16) (User: )
Description: Error Loading Configuration File user.xml
Error: (02/29/2024 10:25:55 AM) (Source: Killer Network Service) (EventID: 16) (User: )
Description: Error Loading Configuration File from Disk for C:\ProgramData\RivetNetworks\Killer\ConfigurationFiles\user.xml
Error: (02/29/2024 10:25:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:14:04 PM on 2/19/2024 was unexpected.
Windows Defender:
================
Date: 2024-02-19 12:03:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-02-14 12:49:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-02-14 11:46:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.3482.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2024-02-14 11:46:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.3482.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2024-02-14 11:46:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.3482.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2024-02-14 11:46:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.3482.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2024-02-14 11:46:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.3482.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2024-02-29 11:33:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.17.0 12/11/2023
Motherboard: Dell Inc. 0K3CM7
Processor: 11th Gen Intel® Core i7-11700 @ 2.50GHz
Percentage of memory in use: 43%
Total physical RAM: 15957.25 MB
Available physical RAM: 8973.43 MB
Total Virtual: 16981.25 MB
Available Virtual: 9669.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1863 GB) (Free:1803.66 GB) (Model: ST2000DM001-1ER164) NTFS
Drive d: (D) (Fixed) (Total:456.6 GB) (Free:456.49 GB) (Model: NVMe PM991a NVMe Sams) NTFS
\\?\Volume{00812eab-605c-4f2f-8ac8-6f380e8ceb93}\ (F) (Fixed) (Total:1.35 GB) (Free:0.63 GB) NTFS
\\?\Volume{ab0ecfc8-ae52-4d48-860d-b7cf99502eb7}\ (ESP) (Fixed) (Total:0.19 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
I'll post the ESET results once it's done running.
Thank you again