...... and many other mentionable errors/problems on a clean install (x 2) for Windows 10 Pro.
BC Moderator sent me here for additional help with cleanup of the device. See previous posts at this forum:
Here is my Speccy:
http://speccy.piriform.com/results/og1t4fWUROPlCYhI3uAbyrT
Here is the updated MTB.txt
MiniToolBox by Farbar Version: 13-05-2022
Ran by nc2un (administrator) on 10-04-2024 at 16:46:41
Running from "C:\Users\nc2un\Downloads"
Microsoft Windows 10 Pro (X64)
Model: OptiPlex 9020 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/10/2024 04:44:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-2886619696-1302744882-3861898303-1001}/">.
Error: (04/10/2024 04:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StartMenuExperienceHost.exe, version: 0.0.0.0, time stamp: 0x0cb7f68b
Faulting module name: ucrtbase.dll, version: 10.0.19041.3636, time stamp: 0x81cf5d89
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0xa38
Faulting application start time: 0x01da8b8db6e214f0
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: c70a4500-97d6-449f-90c3-3b1fe288000b
Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (04/10/2024 10:46:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPrintScanDoctorExt.exe, version: 6.0.0.0, time stamp: 0x65d87539
Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800
Exception code: 0xc0000409
Fault offset: 0x000000000007e72c
Faulting process id: 0x2688
Faulting application start time: 0x01da8b5e45717f88
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6\DesktopExtension\HPPrintScanDoctorExt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 491a1d14-7617-4175-8a87-887ec483b08f
Faulting package full name: AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6
Faulting package-relative application ID: AD2F1837.HPPrinterControl
Error: (04/10/2024 10:46:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPrintScanDoctorExt.exe, version: 6.0.0.0, time stamp: 0x65d87539
Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800
Exception code: 0xc0000005
Fault offset: 0x00000000000a0af0
Faulting process id: 0x2688
Faulting application start time: 0x01da8b5e45717f88
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6\DesktopExtension\HPPrintScanDoctorExt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: f920fdb3-fa81-45f0-a108-ba77aea025f4
Faulting package full name: AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6
Faulting package-relative application ID: AD2F1837.HPPrinterControl
Error: (04/09/2024 11:54:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Bonjour Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (04/09/2024 11:54:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Bonjour Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (04/08/2024 04:25:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TCUI-App.exe, version: 19.87.2403.13001, time stamp: 0x65f1d80d
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3996, time stamp: 0xb756c9ff
Exception code: 0xc000027b
Fault offset: 0x000000000012d952
Faulting process id: 0x13a4
Faulting application start time: 0x01da89fb3c6d3f49
Faulting application path: C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\TCUI-App.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 3dcec1cb-3a43-4807-a93e-bae49fd2f11c
Faulting package full name: Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.GamingServices
Error: (04/08/2024 02:14:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.1750, time stamp: 0x65d75d57
Faulting module name: Qt5Core.dll, version: 5.15.8.0, time stamp: 0x620c5b61
Exception code: 0xc0000005
Fault offset: 0x0000000000245d71
Faulting process id: 0x23e4
Faulting application start time: 0x01da87d90aca4632
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: ea69e192-41f5-4bea-8085-5f602846ac1c
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2024 03:22:40 AM) (Source: MsiInstaller) (EventID: 11920) (User: BLUEZ9020)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device' (Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start system services.
Error: (04/06/2024 03:21:51 AM) (Source: MsiInstaller) (EventID: 11920) (User: BLUEZ9020)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device' (Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start system services.
System errors:
=============
Error: (04/09/2024 04:48:18 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/09/2024 04:40:39 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/09/2024 03:53:36 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/09/2024 03:51:07 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/09/2024 11:48:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/08/2024 06:42:18 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/08/2024 04:25:24 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/08/2024 03:55:31 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Error: (04/06/2024 07:06:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NBLGGGZM6WM-ROBLOXCORPORATION.ROBLOX.
Error: (04/06/2024 09:59:18 AM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: Event-ID 10010
Windows Defender:
================
Date: 2024-04-09 10:59:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-08 14:20:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-07 12:43:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-06 08:31:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-05 11:49:41
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUABundler:Win32/DisplayDriverUninstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\nc2un\Downloads\DDU-v17.0.6.6.zip; webfile:_C:\Users\nc2un\Downloads\DDU-v17.0.6.6.zip|https://download.bleepingcomputer.com/dl/34f2593a0bead9d6c93944035b8365dc/66101eb9/windows/utilities/driver-utilities/d/display-driver-uninstaller/DDU-v17.0.6.6.zip|pid:2624,ProcessStart:133568061128103712
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.409.55.0, AS: 1.409.55.0, NIS: 1.409.55.0
Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
CodeIntegrity Errors:
====================
Date: 2024-04-10 16:34:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2024-04-10 16:29:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
=========================== Installed Programs ============================
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.166.0.5679 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{df861f89-e998-47ba-bfff-9354af4d3751}) (Version: 13.166.0.5679 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.106 - Google LLC)
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.00 - Martin Malik, REALiX s.r.o.)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Malwarebytes version 4.6.11.320 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.11.320 - Malwarebytes)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.243.1.1 - Overwolf Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 5.2.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.6 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.105.345.1020 - Electronic Arts Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Packages:
=========
HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-04-10] (HP Inc.)
Microsoft Copilot -> C:\Program Files\WindowsApps\microsoft.windows.ai.copilot.provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-31] (ms-resource:PublisherDisplayName)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation) [Startup Task]
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.403.300_x64__8wekyb3d8bbwe [2024-04-10] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.153.0_x64__pwbj9vvecjh7j [2024-03-29] (Amazon Development Centre (London) Ltd)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.4 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.4 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.4_4000.1136.2333.0_x86__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
========================= Devices: ================================
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\1
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\2
Name: Officejet Pro 8600 [CEF74F]
Description: Officejet Pro 8600 [CEF74F]
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\IPP\1C852A4D-B800-1F08-ABCD-A0D3C1CEF74F
Name: Microsoft Print to PDF
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{295F4838-E302-442A-937C-E50E60529F1F}
Name: Intel® 8 Series/C220 Series USB EHCI #1 - 8C26
Description: Intel® 8 Series/C220 Series USB EHCI #1 - 8C26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_8C26&SUBSYS_05A41028&REV_04\3&11583659&0&E8
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\PRINTQUEUES
Name: HP 2009 Series Wide LCD Monitor
Description: HP 2009 Series Wide LCD Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: monitor
Device ID: DISPLAY\HWP2827\4&2CBCB734&0&UID65793
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C04\4&1E4CCCD9&0
Name: PLDS DVD+-RW DS-8ABSH
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_PLDS&PROD_DVD+-RW_DS-8ABSH\4&38668A08&0&000100
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8008\5&2F9E4607&0&1
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
Name: HPA6F249 (HP Officejet Pro 8600)
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: HP
Service:
Device ID: SWD\DAFWSDPROVIDER\URN:UUID:1C852A4D-B800-1F08-ABCD-A0D3C1CEF74F/HTTP://WWW.HP.COM/SCHEMAS/IMAGING/CON/LEDM/DISCOVERYTREE/2007/07/01
Name: Wi-Fi
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\RADIO\{12702B3B-5FF4-4A6C-8B39-488572BD8591}
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{FDC13B97-7C4E-43A9-8901-16AC15C4670E}
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: SWD\MSRRAS\MS_PPPOEMINIPORT
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{99C24B5C-EDA8-11EE-84AC-806E6F6E6963}#0000000000100000
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\TZ00
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\TZ01
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_1EA7&PID_0064\5&2191CFCA&0&8
Name: Microsoft RRAS Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MSRRAS\{5E259276-BC7E-40E3-B93B-8F89B5F3ABC0}
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0
Name: Legacy device
Description: Legacy device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Device ID: ACPI\INT0800\4&1E4CCCD9&0
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: SWD\MSRRAS\MS_PPTPMINIPORT
Name: OneNote for Windows 10
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{082CA2FC-F4C0-4DE7-ABC8-70EC1E63BD62}
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Device ID: ROOT\VID\0000
Name: HID-compliant vendor-defined device
Description: HID-compliant vendor-defined device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_1EA7&PID_0064&COL01\6&16BD2A5A&0&0000
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0103\0
Name: OneNote for Windows 10
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{511573F4-A1F6-4A86-BC4B-CFBC35C598F6}
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: SWD\MSRRAS\MS_AGILEVPNMINIPORT
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
Name: HPA6F249 (HP Officejet Pro 8600)
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: HP
Service:
Device ID: SWD\DAFWSDPROVIDER\URN:UUID:1C852A4D-B800-1F08-ABCD-A0D3C1CEF74F
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_8C20&SUBSYS_05A41028&REV_04\3&11583659&0&D8
Name: HP Officejet Pro 8600 Class Driver
Description: HP Officejet Pro 8600 Class Driver
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Device ID: SWD\PRINTENUM\WSD-0E1E51B7-7DA1-414F-BDA6-C63D09972C18
Name: Intel® Active Management Technology - SOL (COM3)
Description: Intel® Active Management Technology - SOL
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: Serial
Device ID: PCI\VEN_8086&DEV_8C3D&SUBSYS_05A41028&REV_04\3&11583659&0&B3
Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Device ID: ACPI\PNP0501\1
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT6
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT7
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT8
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT9
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0100\4&1E4CCCD9&0
Name: Intel® USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_8086&DEV_8C31&SUBSYS_05A41028&REV_04\3&11583659&0&A0
Name: Intel® Q87 LPC Controller - 8C4E
Description: Intel® Q87 LPC Controller - 8C4E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_8C4E&SUBSYS_05A41028&REV_04\3&11583659&0&F8
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{99C24B5C-EDA8-11EE-84AC-806E6F6E6963}#0000000007500000
Name: Intel® HD Graphics 4600
Description: Intel® HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0412&SUBSYS_05A41028&REV_06\3&11583659&0&10
Name: DBUtilDrv2 Device
Description: DBUtilDrv2 Device
Class Guid: {e0def58b-33e8-4ff0-a75d-f20e1f68e5d7}
Manufacturer: Dell Technologies
Service: DBUtilDrv2
Device ID: ROOT\DELLUTILS\0000
Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_8C3A&SUBSYS_05A41028&REV_04\3&11583659&0&B0
Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_8086&DEV_0C00&SUBSYS_05A41028&REV_06\3&11583659&0&00
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_1EA7&PID_0064&COL02\6&16BD2A5A&0&0001
Name: Intel Chipset SATA RAID Controller
Description: Intel Chipset SATA RAID Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaStorAVC
Device ID: PCI\VEN_8086&DEV_2822&SUBSYS_05A41028&REV_04\3&11583659&0&FA
Name: Microsoft Radio Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\RADIO\{3DB5895D-CC28-44B3-AD3D-6F01A782B8D2}
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT10
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT11
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT12
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT13
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT14
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT15
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT16
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT17
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT18
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT19
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT20
Name: Intel® Ethernet Connection I217-LM
Description: Intel® Ethernet Connection I217-LM
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1dexpress
Device ID: PCI\VEN_8086&DEV_153A&SUBSYS_05A41028&REV_04\3&11583659&0&C8
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANBH
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIP
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{99C24B5C-EDA8-11EE-84AC-806E6F6E6963}#0000000006500000
Name: SAMSUNG MZ7LN256HCHP-000L7
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_SAMSUNG&PROD_MZ7LN256HCHP-000\4&38668A08&0&000000
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0280&SUBSYS_102805A4&REV_1000\4&A201051&0&0001
Name: Intel® 8 Series/C220 Series SMBus Controller - 8C22
Description: Intel® 8 Series/C220 Series SMBus Controller - 8C22
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service:
Device ID: PCI\VEN_8086&DEV_8C22&SUBSYS_05A41028&REV_04\3&11583659&0&FB
Name: HPA6F249 (HP Officejet Pro 8600)
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: HP
Service:
Device ID: SWD\PRINTENUM\{BB2E484C-F9C4-4712-A275-EC4511A734AC}
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: HTREE\ROOT\0
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
Name: Trusted Platform Module 1.2
Description: Trusted Platform Module 1.2
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Manufacturer: (Standard)
Service: TPM
Device ID: ACPI\PNP0C31\1
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: SWD\MSRRAS\MS_SSTPMINIPORT
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&18851AC7&0
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{99C24B5C-EDA8-11EE-84AC-806E6F6E6963}#0000003B7C300000
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&0
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\10
Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Device ID: HID\VID_413C&PID_2003\6&394249AC&0&0000
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\6&5AC7249&0&11
Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\6&5AC7249&0&12
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0B00\4&1E4CCCD9&0
Name: Xvdd SCSI Miniport
Description: Xvdd SCSI Miniport
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Xbox
Service: Xvdd
Device ID: SWD\XVDDENUM\XVDDROOTDEVICE_INSTANCE
Name: Microsoft GS Wavetable Synth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\MICROSOFTGSWAVETABLESYNTH
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0C\AA
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0000\4&1E4CCCD9&0
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8000\5&1E930CCD&0&1
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
Name: HPA6F249 (HP Officejet Pro 8600)
Description: WSD Print Device
Class Guid: {c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}
Manufacturer: HP
Service: WSDPrintDevice
Device ID: SWD\DAFWSDPROVIDER\URN:UUID:1C852A4D-B800-1F08-ABCD-A0D3C1CEF74F/HTTP://1C852A4D-B800-1F08-ABCD-A0D3C1CEF74F/PRINTSERVICE
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\INT3F0D\4&1E4CCCD9&0
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&2F9E09DE&0
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\111
Name: Speakers / Headphones (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{CB806AA4-327D-40BB-A335-70CBD6BFD65C}
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0200\4&1E4CCCD9&0
Name: Intel® 8 Series/C220 Series USB EHCI #2 - 8C2D
Description: Intel® 8 Series/C220 Series USB EHCI #2 - 8C2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_8C2D&SUBSYS_05A41028&REV_04\3&11583659&0&D0
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{A167EF39-495B-47F5-B688-33CAA331941B}
Name: Intel® Core i5-4590 CPU @ 3.30GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE_I5-4590_CPU_@_3.30GHZ\_1
Name: Intel® Core i5-4590 CPU @ 3.30GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE_I5-4590_CPU_@_3.30GHZ\_2
Name: Intel® Core i5-4590 CPU @ 3.30GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE_I5-4590_CPU_@_3.30GHZ\_3
Name: Intel® Core i5-4590 CPU @ 3.30GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE_I5-4590_CPU_@_3.30GHZ\_4
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_413C&PID_2003\5&2191CFCA&0&4
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
Name: Realtek 8811CU Wireless LAN 802.11ac USB NIC
Description: Realtek 8811CU Wireless LAN 802.11ac USB NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Device ID: USB\VID_0BDA&PID_C811\123456
Name: USB Root Hub (USB 3.0)
Description: USB Root Hub (USB 3.0)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&36E5125B&0&0
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIPV6
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: SWD\MSRRAS\MS_L2TPMINIPORT
========================= Memory info: ===================================
Percentage of memory in use: 29%
Total physical RAM: 16292.2 MB
Available physical RAM: 11409.76 MB
Total Virtual: 17316.2 MB
Available Virtual: 12677.02 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:237.83 GB) (Free:89.27 GB) NTFS
========================= Users: ========================================
User accounts for \\BLUEZ9020
Administrator DefaultAccount Guest
Jade1 keyer_z86jbid nc2un
WDAGUtilityAccount
**** End of log ****
===============================================================================================
And the FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.04.2024
Ran by nc2un (administrator) on BLUEZ9020 (Dell Inc. OptiPlex 9020) (10-04-2024 16:48:10)
Running from C:\Users\nc2un\Desktop\FRST64 (1).exe
Loaded Profiles: nc2un
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\Speccy\Speccy64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8538872 2016-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1203856 2017-06-26] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-21-2886619696-1302744882-3861898303-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1790472 2024-04-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2886619696-1302744882-3861898303-1002\...\Run: [MicrosoftEdgeAutoLaunch_C1B12DAC5AAC1C54BB94C8721EB7C639] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2886619696-1302744882-3861898303-1002\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2735208 2024-04-02] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2886619696-1302744882-3861898303-1008\...\Run: [MicrosoftEdgeAutoLaunch_00A91C241DD5E35E00006D7BD28FE8EA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe [2024-04-04] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F9AD9235-1D24-40D4-A961-258B4FCDBC01} - System32\Tasks\GoogleUpdateTaskMachineCore{008A7899-0CE7-495B-A689-8A98ABC335A1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-29] (Google LLC -> Google LLC)
Task: {0A3FAC08-2E69-4CCA-BFD5-E672EC501CEF} - System32\Tasks\GoogleUpdateTaskMachineUA{BC80E2C5-622E-4EE7-8620-EC3831DE40B0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-29] (Google LLC -> Google LLC)
Task: {02906E85-B0FA-4ECD-83CF-D86E32A6B077} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel® Trust Services -> Intel® Corporation)
Task: {6E201403-5389-4C6F-B3C9-47B8B5DC9EB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2CC3577D-8D37-427E-8D6F-38BA01C59E6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2026938B-5C19-46A8-B704-028FEBAA2186} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B55D1C64-8CC5-438A-BCFB-996062A41F48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76F1C9C6-180B-4431-98EF-250DAD115295} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2886619696-1302744882-3861898303-1008 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {9B0273EA-E4F0-4D03-BC90-CBA460CEAFCD} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2886619696-1302744882-3861898303-1008 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {EA15B987-3F19-4F4D-8B43-4444162D9E1A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-04] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{12702b3b-5ff4-4a6c-8b39-488572bd8591}: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{8d55b88a-f43b-4265-975d-ab918fad7ec1}: [DhcpNameServer] 192.168.4.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-10]
Edge HomePage: Default -> hxxps://www.bing.com/?homepage
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (LastPass: Free Password Manager) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2024-04-03]
Edge Extension: (Microsoft Defender Browser Protection) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2024-03-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-04-10]
Edge Extension: (DuckDuckGo) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2024-03-29]
Edge Extension: (Google Docs Offline) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Microsoft Editor: Spelling & Grammar Checker) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\nc2un\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-29]
Chrome:
=======
CHR Profile: C:\Users\nc2un\AppData\Local\Google\Chrome\User Data\Default [2024-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\nc2un\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
CHR Extension: (0) - C:\Users\nc2un\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12200040 2024-04-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-04-10] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8882936 2024-03-29] (Malwarebytes Inc. -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-04] (Overwolf Ltd -> Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKIS; C:\WINDOWS\System32\drivers\AppleKIS.sys [68032 2023-11-20] (Apple Inc. -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-11-20] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-11-20] (Apple Inc. -> Apple Inc.)
S3 AppleRSM; C:\WINDOWS\System32\drivers\AppleRSM.sys [79704 2023-11-20] (Apple Inc. -> Apple Inc.)
R3 cpuz149; C:\Users\nc2un\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [44320 2024-04-10] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 HWiNFO_191; C:\Users\nc2un\AppData\Local\Temp\HWiNFO64A_191.SYS [57936 2024-03-29] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-10 16:47 - 2024-04-10 16:48 - 000013884 _____ C:\Users\nc2un\Desktop\FRST.txt
2024-04-10 16:47 - 2024-04-10 16:47 - 000032337 _____ C:\Users\nc2un\Desktop\Addition.txt
2024-04-10 16:30 - 2024-04-10 16:46 - 000041627 _____ C:\WINDOWS\SysWOW64\MTB.txt
2024-04-10 14:43 - 2024-04-10 14:44 - 002394112 _____ (Farbar) C:\Users\nc2un\Desktop\FRST64 (1).exe
2024-04-10 11:05 - 2024-04-10 11:05 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-10 11:04 - 2024-04-10 11:04 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-04-10 10:58 - 2024-04-10 10:58 - 000000000 ___HD C:\$WinREAgent
2024-04-10 10:47 - 2024-04-10 10:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-04-10 10:46 - 2024-04-10 16:38 - 000000000 ____D C:\Users\nc2un\AppData\Local\CrashDumps
2024-04-10 08:01 - 2024-04-10 08:03 - 000084054 _____ C:\Users\keyer_z86jbid\Downloads\WEST TEXAS TRIBUNE.pdf
2024-04-10 07:03 - 2024-04-10 07:03 - 000044064 _____ C:\Users\keyer_z86jbid\Downloads\il_1140xN.5840910967_kv4o.avif
2024-04-10 07:01 - 2024-04-10 07:01 - 000045284 _____ C:\Users\keyer_z86jbid\Downloads\il_794xN.1998461350_h2wy.webp
2024-04-10 06:47 - 2024-04-10 06:47 - 000124380 _____ C:\Users\keyer_z86jbid\Downloads\R (1).jfif
2024-04-10 06:40 - 2024-04-10 06:40 - 000706022 _____ C:\Users\keyer_z86jbid\Downloads\R.jfif
2024-04-09 12:12 - 2024-04-09 12:12 - 000098093 _____ C:\Users\nc2un\Documents\Completely Clean Install of Windows 10 - MCT USB Method.pdf
2024-04-09 01:57 - 2024-04-09 01:57 - 000000672 _____ C:\Users\nc2un\Documents\CREDIT REPORT.txt
2024-04-09 01:53 - 2024-04-09 01:53 - 000000097 _____ C:\Users\nc2un\Desktop\Application for Assistance.url
2024-04-08 23:59 - 2024-04-08 23:59 - 001171863 _____ C:\Users\nc2un\Documents\DetailedBillSep2023
2024-04-08 16:25 - 2024-04-09 16:40 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\StardewValley
2024-04-08 16:25 - 2024-04-08 16:25 - 000000000 ____D C:\Users\Jade1\AppData\Local\GOG.com
2024-04-08 15:22 - 2024-04-08 15:22 - 000000199 _____ C:\Users\nc2un\Documents\apr Bills.txt
2024-04-08 14:14 - 2024-04-10 16:09 - 000000000 ____D C:\Users\Jade1\AppData\Local\CrashDumps
2024-04-08 13:48 - 2024-04-08 13:56 - 000015307 _____ C:\Users\nc2un\Downloads\MTB.txt
2024-04-08 13:47 - 2024-04-08 13:47 - 000956928 _____ (Farbar) C:\Users\nc2un\Downloads\MiniToolBox (1).exe
2024-04-06 07:58 - 2024-04-06 08:14 - 223437856 _____ (Dell Inc.) C:\Users\nc2un\Downloads\Intel-HD-4000-and-5000-Series-Graphics-Driver_4KV26_WIN_20.19.15.5063_A08_03 (3).EXE
2024-04-06 03:25 - 2024-04-06 03:25 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Apple Inc
2024-04-06 03:24 - 2024-04-10 15:52 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Apple Computer
2024-04-06 03:24 - 2024-04-10 15:52 - 000000000 ____D C:\Users\nc2un\AppData\Local\Apple Computer
2024-04-06 03:22 - 2024-04-06 03:22 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Apple
2024-04-06 03:20 - 2024-04-06 03:20 - 134650184 _____ (Apple Inc.) C:\Users\keyer_z86jbid\Downloads\iTunes64Setup (2).exe
2024-04-06 03:17 - 2024-04-10 15:52 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Apple Computer
2024-04-06 03:17 - 2024-04-06 03:18 - 134650184 _____ (Apple Inc.) C:\Users\keyer_z86jbid\Downloads\iTunes64Setup (1).exe
2024-04-06 03:16 - 2024-04-06 03:16 - 000000000 ____D C:\Users\nc2un\AppData\Local\Apple
2024-04-06 03:16 - 2024-04-06 03:16 - 000000000 ____D C:\Program Files\Bonjour
2024-04-06 03:16 - 2024-04-06 03:16 - 000000000 ____D C:\Program Files (x86)\Bonjour
2024-04-06 03:15 - 2024-04-06 03:15 - 200998888 _____ (Apple Inc.) C:\Users\keyer_z86jbid\Downloads\iTunes64Setup.exe
2024-04-05 23:02 - 2024-04-05 23:02 - 000000000 ____D C:\Users\nc2un\AppData\Local\GlassWire
2024-04-05 11:41 - 2024-04-05 11:41 - 000000000 ____D C:\ProgramData\GlassWire
2024-04-05 11:14 - 2024-04-08 13:56 - 000000000 ____D C:\Users\nc2un\Documents\NC2U Logs Collections
2024-04-05 11:03 - 2024-04-05 11:37 - 000959488 _____ (Farbar) C:\Users\nc2un\Downloads\FSS.exe
2024-04-05 11:00 - 2024-04-05 11:01 - 306040584 _____ (Malwarebytes) C:\Users\nc2un\Downloads\MBSetup-076981.076981-5.1.1.106.exe
2024-04-05 10:59 - 2024-04-05 10:59 - 000956928 _____ (Farbar) C:\Users\nc2un\Downloads\MiniToolBox.exe
2024-04-05 10:56 - 2024-04-05 10:56 - 008791352 _____ (Malwarebytes) C:\Users\nc2un\Downloads\AdwCleaner.exe
2024-04-05 10:54 - 2024-04-05 10:54 - 040499088 _____ (SecureMix LLC) C:\Users\nc2un\Downloads\glasswire-setup-2.1.3167.exe
2024-04-05 10:37 - 2024-04-10 16:48 - 000000000 ____D C:\FRST
2024-04-05 10:36 - 2024-04-05 10:36 - 002393088 _____ (Farbar) C:\Users\nc2un\Downloads\FRST64.exe
2024-04-04 14:30 - 2024-04-04 14:30 - 183113960 _____ (Intel Corporation) C:\Users\nc2un\Downloads\win64_15407.4279.exe
2024-04-04 14:29 - 2024-04-04 14:29 - 000004066 _____ C:\Users\nc2un\Downloads\readme64.txt
2024-04-04 12:32 - 2024-04-04 12:33 - 000000000 ____D C:\Program Files\Speccy
2024-04-04 12:32 - 2024-04-04 12:32 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2024-04-04 12:31 - 2024-04-04 12:31 - 004421736 _____ (Piriform Software Ltd) C:\Users\nc2un\Downloads\spsetup132_pro (1).exe
2024-04-03 04:10 - 2024-04-03 04:10 - 000000189 _____ C:\Users\nc2un\Desktop\Dell OptiPlex 9020 Small Form Factor Owner's Manual - Dell US.url
2024-04-03 03:09 - 2024-04-03 03:09 - 000000000 ___RD C:\Users\nc2un\Documents\DellInc.DellSupportAssistforPCs_htrsf667h5kn2!App
2024-04-03 02:50 - 2024-04-03 02:50 - 000000000 ____D C:\Users\nc2un\AppData\Local\PeerDistRepub
2024-04-02 13:14 - 2024-04-02 13:14 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\OneDrive
2024-04-02 10:05 - 2024-04-02 10:05 - 000337875 _____ C:\Users\keyer_z86jbid\Downloads\Weekly-Pay-Stub-Template-TemplateLab.com_3.pdf
2024-04-02 10:03 - 2024-04-02 10:03 - 000337867 _____ C:\Users\keyer_z86jbid\Downloads\Weekly-Pay-Stub-Template-TemplateLab.com_2.pdf
2024-04-02 09:58 - 2024-04-02 09:58 - 000338127 _____ C:\Users\keyer_z86jbid\Downloads\Weekly-Pay-Stub-Template-TemplateLab.com_1.pdf
2024-04-02 09:41 - 2024-04-02 09:57 - 000338127 _____ C:\Users\keyer_z86jbid\Downloads\Weekly-Pay-Stub-Template-TemplateLab.com_.pdf
2024-04-02 09:40 - 2024-04-02 09:40 - 000522070 _____ C:\Users\keyer_z86jbid\Downloads\Waitress-Pay-Stub-Template-TemplateLab.com_.pdf
2024-04-02 07:56 - 2024-04-02 07:56 - 000084615 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_75627_formswift.com.jpeg
2024-04-02 07:56 - 2024-04-02 07:56 - 000060111 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_75656_formswift.com.jpeg
2024-04-02 07:50 - 2024-04-02 07:50 - 000087331 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_75015_formswift.com.jpeg
2024-04-02 07:47 - 2024-04-02 07:47 - 000143202 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_7473_formswift.com.jpeg
2024-04-02 07:47 - 2024-04-02 07:47 - 000087331 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_74743_formswift.com.jpeg
2024-04-02 07:46 - 2024-04-02 07:46 - 000143202 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_74654_formswift.com.jpeg
2024-04-02 07:33 - 2024-04-02 07:33 - 000142160 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_73330_formswift.com.jpeg
2024-04-02 07:33 - 2024-04-02 07:33 - 000060341 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_73355_formswift.com.jpeg
2024-04-02 07:06 - 2024-04-02 07:06 - 000070143 _____ C:\Users\keyer_z86jbid\Downloads\OIP.jfif
2024-04-02 07:01 - 2024-04-02 07:01 - 000220733 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_7121_formswift.com.jpeg
2024-04-02 07:00 - 2024-04-02 07:00 - 000220733 _____ C:\Users\keyer_z86jbid\Downloads\Screenshot_2-4-2024_7033_formswift.com.jpeg
2024-04-01 13:54 - 2024-04-01 13:54 - 000000000 ____D C:\Users\Jade1\AppData\Local\Comms
2024-04-01 11:08 - 2024-04-01 11:08 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Backup
2024-03-31 16:46 - 2024-03-31 16:46 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Comms
2024-03-31 16:43 - 2024-03-31 16:43 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\Spelling
2024-03-31 16:40 - 2024-03-31 16:40 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Origin
2024-03-31 16:40 - 2024-03-31 16:40 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Electronic Arts
2024-03-31 16:40 - 2024-03-31 16:40 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\EALaunchHelper
2024-03-31 16:40 - 2024-03-31 16:40 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\cache
2024-03-31 16:33 - 2024-04-09 14:13 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\PlaceholderTileLogoFolder
2024-03-31 16:32 - 2024-04-10 15:58 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2886619696-1302744882-3861898303-1008
2024-03-31 16:31 - 2024-04-10 15:58 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2886619696-1302744882-3861898303-1008
2024-03-31 16:31 - 2024-04-10 10:14 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Packages
2024-03-31 16:31 - 2024-04-07 19:57 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Malwarebytes
2024-03-31 16:31 - 2024-03-31 20:54 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\ConnectedDevicesPlatform
2024-03-31 16:31 - 2024-03-31 16:31 - 000000020 ___SH C:\Users\keyer_z86jbid\ntuser.ini
2024-03-31 16:31 - 2024-03-31 16:31 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\Network
2024-03-31 16:31 - 2024-03-31 16:31 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\VirtualStore
2024-03-31 16:31 - 2024-03-31 16:31 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Publishers
2024-03-31 16:31 - 2024-03-31 16:31 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Local\Google
2024-03-31 10:37 - 2024-03-31 10:37 - 005727416 _____ C:\Users\Jade1\Downloads\norton_private_browser_setup.exe
2024-03-31 09:24 - 2024-03-31 09:24 - 000000000 ____D C:\Users\Jade1\AppData\Local\EALaunchHelper
2024-03-30 20:33 - 2024-03-30 20:33 - 000019281 _____ C:\Users\Jade1\Downloads\[bobatrait] banana cas background.package
2024-03-30 18:52 - 2024-03-30 18:52 - 002140704 _____ (Overwolf Ltd.) C:\Users\Jade1\Downloads\CurseForge - Installer (2).exe
2024-03-30 18:48 - 2024-03-30 18:50 - 000185930 _____ C:\Users\Jade1\Downloads\EA DLC Unlocker v2.7z
2024-03-30 16:48 - 2024-03-30 16:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-03-30 16:46 - 2024-03-30 16:46 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-03-30 08:59 - 2024-03-30 08:59 - 000000000 ____D C:\Users\nc2un\AppData\Local\Backup
2024-03-30 08:58 - 2024-03-30 08:58 - 000000000 ____D C:\Users\Jade1\AppData\Local\Backup
2024-03-30 08:57 - 2024-04-05 13:19 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-30 08:57 - 2024-03-30 08:57 - 000004408 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-03-30 08:57 - 2024-03-30 08:57 - 000002321 _____ C:\Users\Jade1\Desktop\CurseForge.lnk
2024-03-30 08:57 - 2024-03-30 08:57 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-30 08:57 - 2024-03-30 08:57 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-30 08:57 - 2024-03-30 08:57 - 000000000 ____D C:\ProgramData\Overwolf
2024-03-30 08:56 - 2024-04-08 17:58 - 000000000 ____D C:\Users\Jade1\AppData\Local\Overwolf
2024-03-30 08:56 - 2024-04-03 01:04 - 000000000 ____D C:\Users\nc2un\AppData\Local\Overwolf
2024-03-30 08:56 - 2024-03-30 08:56 - 002140704 _____ (Overwolf Ltd.) C:\Users\Jade1\Downloads\CurseForge - Installer (1).exe
2024-03-30 08:50 - 2024-04-08 13:51 - 000000000 ____D C:\Users\Jade1\AppData\Local\Malwarebytes
2024-03-30 08:50 - 2024-03-30 08:50 - 000000000 ____D C:\Users\Jade1\AppData\Local\Google
2024-03-29 19:00 - 2024-04-06 03:19 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2024-03-29 18:57 - 2024-03-29 18:57 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock
2024-03-29 18:56 - 2024-03-29 18:56 - 000000000 ____D C:\Users\nc2un\AppData\Local\Google
2024-03-29 18:48 - 2024-03-29 18:48 - 000003738 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2024-03-29 18:48 - 2019-05-17 04:17 - 000002291 ____N C:\WINDOWS\system32\SetupBD.din
2024-03-29 18:47 - 2024-03-29 18:48 - 000000000 ____D C:\ProgramData\Intel
2024-03-29 18:47 - 2024-03-29 18:48 - 000000000 ____D C:\Program Files (x86)\Intel
2024-03-29 18:45 - 2024-03-29 18:45 - 000000000 _____ C:\WINDOWS\invcol.tmp
2024-03-29 18:35 - 2024-04-09 11:53 - 000000000 ____D C:\Program Files\Dell
2024-03-29 18:35 - 2024-04-05 11:45 - 000000000 ____D C:\ProgramData\Dell
2024-03-29 18:35 - 2024-04-05 11:45 - 000000000 ____D C:\Program Files (x86)\Dell
2024-03-29 18:35 - 2024-03-29 18:35 - 000000000 ____D C:\Program Files\dotnet
2024-03-29 17:37 - 2024-04-10 16:21 - 000000000 ____D C:\Users\nc2un\AppData\Local\Malwarebytes
2024-03-29 17:37 - 2024-03-29 17:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-29 17:37 - 2024-03-29 17:37 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-29 17:36 - 2024-04-10 16:47 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-29 17:36 - 2024-04-04 19:47 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-29 17:36 - 2024-04-04 19:47 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-29 17:36 - 2024-03-29 18:48 - 000000000 ____D C:\Program Files\HWiNFO64
2024-03-29 17:36 - 2024-03-29 17:42 - 000003790 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{BC80E2C5-622E-4EE7-8620-EC3831DE40B0}
2024-03-29 17:36 - 2024-03-29 17:42 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{008A7899-0CE7-495B-A689-8A98ABC335A1}
2024-03-29 17:36 - 2024-03-29 17:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-29 17:36 - 2024-03-29 17:36 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-29 17:36 - 2024-03-29 17:36 - 000000000 ____D C:\Program Files\Google
2024-03-29 09:57 - 2024-03-29 09:57 - 000000000 ____D C:\ProgramData\Origin
2024-03-29 09:51 - 2024-03-29 09:51 - 000000000 ____D C:\Users\Jade1\AppData\Local\PlaceholderTileLogoFolder
2024-03-29 09:50 - 2024-03-29 09:50 - 000000000 ____D C:\Users\Jade1\AppData\Local\OneDrive
2024-03-29 09:49 - 2024-03-29 10:00 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Spelling
2024-03-29 09:49 - 2024-03-29 09:49 - 000000000 ____D C:\Users\Jade1\AppData\Local\Origin
2024-03-29 09:49 - 2024-03-29 09:49 - 000000000 ____D C:\Users\Jade1\AppData\Local\Electronic Arts
2024-03-29 09:49 - 2024-03-29 09:49 - 000000000 ____D C:\Users\Jade1\AppData\Local\EADesktop
2024-03-29 09:49 - 2024-03-29 09:49 - 000000000 ____D C:\Users\Jade1\AppData\Local\cache
2024-03-29 09:48 - 2024-04-08 16:24 - 000000000 ____D C:\Users\Jade1\AppData\Local\Packages
2024-03-29 09:48 - 2024-03-30 08:50 - 000000000 ____D C:\Users\Jade1\AppData\Local\ConnectedDevicesPlatform
2024-03-29 09:48 - 2024-03-29 09:48 - 000000020 ___SH C:\Users\Jade1\ntuser.ini
2024-03-29 09:48 - 2024-03-29 09:48 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Network
2024-03-29 09:48 - 2024-03-29 09:48 - 000000000 ____D C:\Users\Jade1\AppData\Local\VirtualStore
2024-03-29 09:48 - 2024-03-29 09:48 - 000000000 ____D C:\Users\Jade1\AppData\Local\Publishers
2024-03-29 09:40 - 2024-03-29 09:40 - 000000000 ____D C:\ProgramData\PLUG
2024-03-29 09:18 - 2024-04-10 16:26 - 000000000 ____D C:\ProgramData\Apple Computer
2024-03-29 09:18 - 2024-04-10 10:38 - 000000000 ____D C:\ProgramData\Apple Inc
2024-03-29 09:18 - 2024-04-09 11:43 - 000000000 ____D C:\ProgramData\Apple
2024-03-29 09:16 - 2024-03-29 09:16 - 000000000 ____D C:\Program Files\RUXIM
2024-03-29 09:16 - 2024-03-29 09:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-03-29 09:15 - 2024-04-10 10:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-29 09:03 - 2024-03-29 09:03 - 000000000 ____D C:\Users\nc2un\AppData\Local\EALaunchHelper
2024-03-29 08:59 - 2024-04-10 10:34 - 000000000 ____D C:\Users\nc2un\AppData\Local\ElevatedDiagnostics
2024-03-29 08:42 - 2024-03-29 08:42 - 000001377 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2024-03-29 08:42 - 2024-03-29 08:42 - 000000000 ____D C:\ProgramData\Electronic Arts
2024-03-29 08:41 - 2024-03-29 08:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-03-29 08:41 - 2024-03-29 08:34 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2024-03-29 08:32 - 2024-04-09 11:53 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-29 08:32 - 2024-04-02 13:26 - 000000000 ____D C:\ProgramData\EA Desktop
2024-03-29 08:32 - 2024-03-29 08:33 - 000000000 ____D C:\Users\nc2un\AppData\Local\Origin
2024-03-29 08:32 - 2024-03-29 08:33 - 000000000 ____D C:\Program Files\EA Games
2024-03-29 08:32 - 2024-03-29 08:32 - 000002138 _____ C:\Users\Public\Desktop\EA.lnk
2024-03-29 08:32 - 2024-03-29 08:32 - 000000000 ____D C:\Users\nc2un\AppData\Local\Electronic Arts
2024-03-29 08:32 - 2024-03-29 08:32 - 000000000 ____D C:\Users\nc2un\AppData\Local\EADesktop
2024-03-29 08:32 - 2024-03-29 08:32 - 000000000 ____D C:\Users\nc2un\AppData\Local\cache
2024-03-29 08:32 - 2024-03-29 08:32 - 000000000 ____D C:\Program Files\Electronic Arts
2024-03-29 08:31 - 2024-03-29 08:31 - 002458240 _____ (Electronic Arts) C:\Users\nc2un\Downloads\EAappInstaller.exe
2024-03-29 08:27 - 2024-03-29 08:27 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2024-03-29 08:27 - 2024-03-29 08:27 - 000000000 ____D C:\Users\nc2un\AppData\Local\VS Revo Group
2024-03-29 08:27 - 2024-03-29 08:27 - 000000000 ____D C:\ProgramData\VS Revo Group
2024-03-29 08:27 - 2024-03-29 08:27 - 000000000 ____D C:\Program Files\VS Revo Group
2024-03-29 08:10 - 2024-04-04 13:28 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\MMC
2024-03-29 07:48 - 2024-04-10 10:38 - 000000000 ____D C:\Users\nc2un\AppData\Local\D3DSCache
2024-03-29 06:44 - 2024-03-29 03:55 - 000000000 ____D C:\WINDOWS\Panther
2024-03-29 06:42 - 2024-03-29 06:42 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-03-29 06:42 - 2024-03-29 03:55 - 000000000 ____D C:\Windows.old
2024-03-29 06:41 - 2024-04-10 16:47 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-29 06:41 - 2024-04-10 16:23 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-29 06:41 - 2024-03-29 06:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2024-03-29 06:41 - 2024-03-29 06:41 - 000000000 ____D C:\ProgramData\ssh
2024-03-29 06:30 - 2024-03-29 06:30 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-03-29 06:25 - 2024-03-29 06:25 - 000000000 ____D C:\Users\nc2un\AppData\Local\OneDrive
2024-03-29 06:14 - 2024-03-29 06:27 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Spelling
2024-03-29 06:12 - 2024-04-03 01:31 - 000000000 ____D C:\Users\nc2un\AppData\Local\Comms
2024-03-29 05:56 - 2024-04-08 23:21 - 000000000 ____D C:\Users\nc2un\AppData\Local\PlaceholderTileLogoFolder
2024-03-29 05:56 - 2024-03-29 05:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-03-29 05:55 - 2024-04-10 10:46 - 000000000 ____D C:\Users\nc2un\AppData\Local\Publishers
2024-03-29 05:55 - 2024-04-10 10:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-29 05:54 - 2024-04-10 16:28 - 000000000 ____D C:\Users\nc2un\AppData\Local\Packages
2024-03-29 05:54 - 2024-04-03 01:09 - 000000000 ____D C:\Users\nc2un\AppData\Local\ConnectedDevicesPlatform
2024-03-29 05:54 - 2024-03-29 05:54 - 000000020 ___SH C:\Users\nc2un\ntuser.ini
2024-03-29 05:54 - 2024-03-29 05:54 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Network
2024-03-29 05:54 - 2024-03-29 05:54 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Adobe
2024-03-29 05:54 - 2024-03-29 05:54 - 000000000 ____D C:\Users\nc2un\AppData\Local\VirtualStore
2024-03-29 03:56 - 2024-04-10 16:29 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-29 03:51 - 2024-04-04 14:57 - 000003612 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{27F5E093-8A0C-4650-9BB2-AE86780AB3B1}
2024-03-29 03:51 - 2024-04-04 14:57 - 000003488 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{149F8DC8-3E66-43AD-9648-FD9C1DEE95FC}
2024-03-29 03:50 - 2024-04-10 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-29 03:50 - 2024-04-10 05:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-29 03:50 - 2024-03-29 03:50 - 000013922 _____ C:\Users\Jade1\Desktop\Removed Apps.html
2024-03-29 03:50 - 2024-03-29 03:50 - 000000000 ____D C:\Users\nc2un\Documents\FreshStart
2024-03-29 03:50 - 2024-03-29 03:50 - 000000000 ____D C:\Users\Jade1\Documents\FreshStart
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\SystemCertificates
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\IME
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Crypto
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\SystemCertificates
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\Crypto
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\SystemCertificates
2024-03-29 03:49 - 2024-03-29 03:49 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Crypto
2024-03-29 03:48 - 2024-04-06 02:28 - 000002407 _____ C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-29 03:48 - 2024-04-03 03:45 - 000000000 ____D C:\Users\nc2un
2024-03-29 03:48 - 2024-04-02 12:49 - 000000000 ____D C:\Users\keyer_z86jbid
2024-03-29 03:48 - 2024-03-31 16:31 - 000000000 ____D C:\Users\keyer_z86jbid\AppData\Roaming\Microsoft\Windows
2024-03-29 03:48 - 2024-03-29 09:48 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Windows
2024-03-29 03:48 - 2024-03-29 09:48 - 000000000 ____D C:\Users\Jade1
2024-03-29 03:48 - 2024-03-29 05:54 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Windows
2024-03-29 03:46 - 2024-04-10 16:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-03-29 03:46 - 2024-03-29 18:48 - 000000000 ____D C:\Program Files\Intel
2024-03-29 03:46 - 2024-03-29 03:46 - 000561169 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2024-03-29 03:46 - 2024-03-29 03:46 - 000113697 _____ C:\WINDOWS\system32\Drivers\rtwavesvolpro.dat
2024-03-29 03:46 - 2024-03-29 03:46 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2024-03-29 03:46 - 2024-03-29 03:46 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2024-03-29 03:46 - 2024-03-29 03:46 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2024-03-29 03:46 - 2024-03-29 03:46 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2024-03-29 03:46 - 2024-03-29 03:46 - 000000000 ____D C:\Program Files\Realtek
2024-03-29 03:46 - 2024-03-29 03:46 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2024-03-29 03:44 - 2024-04-10 16:23 - 000259496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-29 03:44 - 2024-04-10 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-29 03:19 - 2024-03-29 03:50 - 000000000 ___HD C:\$SysReset
2024-03-29 00:44 - 2024-03-29 00:45 - 223437856 _____ (Dell Inc.) C:\Users\nc2un\Downloads\Intel-HD-4000-and-5000-Series-Graphics-Driver_4KV26_WIN_20.19.15.5063_A08_03 (2).EXE
2024-03-29 00:17 - 2024-03-29 00:20 - 000000000 ____D C:\Users\nc2un\Documents\Outlook Files
2024-03-28 07:05 - 2024-03-28 07:05 - 000000000 ____D C:\Users\Public\Documents\Electronic Arts
2024-03-28 05:48 - 2024-03-28 05:48 - 000001400 _____ C:\Users\Jade1\Desktop - Shortcut.lnk
2024-03-28 02:58 - 2024-04-02 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-03-28 02:31 - 2024-03-28 02:31 - 002596472 _____ (Patch My PC, LLC) C:\Users\nc2un\Downloads\PatchMyPC.exe
2024-03-28 02:30 - 2024-03-29 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2024-03-28 02:30 - 2024-03-28 02:30 - 017726648 _____ (VS Revo Group ) C:\Users\nc2un\Downloads\RevoUninProSetup.exe
2024-03-28 01:52 - 2024-03-28 01:52 - 000142744 _____ C:\Users\nc2un\Downloads\vtuploader2.2.exe
2024-03-28 01:52 - 2024-03-28 01:52 - 000000000 ____D C:\Users\nc2un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2024-03-28 01:00 - 2024-03-29 06:20 - 000000000 ____D C:\Users\nc2un\Documents\Tenant . Landlord
2024-03-27 16:44 - 2024-03-27 16:44 - 002140712 _____ (Overwolf Ltd.) C:\Users\Jade1\Downloads\CurseForge - Installer.exe
2024-03-27 16:29 - 2024-03-27 16:29 - 000002156 _____ C:\Users\Jade1\Desktop\EA.lnk
2024-03-27 15:32 - 2024-03-27 15:32 - 223437856 _____ (Dell Inc.) C:\Users\nc2un\Downloads\Intel-HD-4000-and-5000-Series-Graphics-Driver_4KV26_WIN_20.19.15.5063_A08_03 (1).EXE
2024-03-27 11:05 - 2024-03-27 11:05 - 001362832 _____ () C:\Users\keyer_z86jbid\Downloads\free-pdf-creator.exe
2024-03-27 11:04 - 2024-03-27 11:04 - 047696672 _____ (Corel Corporation) C:\Users\keyer_z86jbid\Downloads\wzsus53 (2).exe
2024-03-27 11:04 - 2024-03-27 11:04 - 047696672 _____ (Corel Corporation) C:\Users\keyer_z86jbid\Downloads\wzsus53 (1).exe
2024-03-27 11:03 - 2024-03-27 11:03 - 047696672 _____ (Corel Corporation) C:\Users\keyer_z86jbid\Downloads\wzsus53.exe
2024-03-27 02:14 - 2024-03-27 02:14 - 000545857 _____ C:\Users\keyer_z86jbid\Downloads\Master your Mind - The Smart Read (2).epub
2024-03-27 02:04 - 2024-03-27 02:04 - 000545857 _____ C:\Users\keyer_z86jbid\Downloads\Master your Mind - The Smart Read (1).epub
2024-03-27 01:56 - 2024-03-27 01:56 - 000545857 _____ C:\Users\keyer_z86jbid\Downloads\Master your Mind - The Smart Read.epub
2024-03-26 23:54 - 2024-03-26 23:54 - 000060994 _____ C:\Users\keyer_z86jbid\Downloads\taxreturn (1).pdf
2024-03-26 23:47 - 2024-03-26 23:47 - 000139124 _____ C:\Users\keyer_z86jbid\Downloads\File_000.jpeg
2024-03-26 23:47 - 2024-03-26 23:47 - 000083554 _____ C:\Users\keyer_z86jbid\Downloads\2019TaxReturn (1).PDF
2024-03-26 23:45 - 2024-03-26 23:45 - 000109705 _____ C:\Users\keyer_z86jbid\Downloads\1.pdf
2024-03-26 11:59 - 2024-03-26 11:59 - 000771146 _____ C:\Users\keyer_z86jbid\Downloads\wellness-guidelines-adult-tx.pdf
2024-03-26 11:09 - 2024-03-26 11:09 - 000372740 _____ C:\Users\keyer_z86jbid\Downloads\bluecross id carx.pdf
2024-03-26 11:08 - 2024-03-26 11:08 - 000372740 _____ C:\Users\keyer_z86jbid\Downloads\ea5ddffe-5edf-4962-8f08-9a1be54a8986.pdf
2024-03-14 13:09 - 2024-03-14 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2024-03-14 13:09 - 2024-03-14 13:09 - 000000000 ____D C:\Temp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-10 16:38 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-10 16:29 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-10 16:28 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-10 16:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-10 16:26 - 2024-02-11 01:05 - 000000000 __SHD C:\Users\nc2un\IntelGraphicsProfiles
2024-04-10 16:26 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-10 16:23 - 2024-02-11 02:57 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-10 16:23 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-10 16:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-10 16:23 - 2019-12-07 04:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-10 16:11 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-04-10 11:07 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-10 10:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-10 10:39 - 2024-02-11 01:07 - 000000000 ___HD C:\OneDriveTemp
2024-04-10 06:19 - 2024-02-13 12:13 - 000000000 ___RD C:\Users\keyer_z86jbid\OneDrive
2024-04-10 05:14 - 2024-02-13 12:14 - 000000000 __SHD C:\Users\keyer_z86jbid\IntelGraphicsProfiles
2024-04-05 23:15 - 2024-02-12 20:52 - 000000000 __SHD C:\Users\Jade1\IntelGraphicsProfiles
2024-04-05 22:11 - 2024-02-11 02:57 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-05 22:11 - 2024-02-11 02:57 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-04 12:32 - 2024-02-13 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2024-04-03 03:08 - 2024-02-11 01:03 - 000000000 ___SD C:\Users\nc2un\AppData\Roaming\Microsoft\Protect
2024-04-03 02:50 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-04-03 01:09 - 2024-02-11 01:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-01 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-31 16:31 - 2024-02-13 12:14 - 000000000 ___RD C:\Users\keyer_z86jbid\3D Objects
2024-03-30 08:53 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-29 17:37 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-29 17:36 - 2024-02-13 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2024-03-29 09:49 - 2024-02-12 20:52 - 000000000 ___RD C:\Users\Jade1\OneDrive
2024-03-29 09:48 - 2024-02-12 20:52 - 000000000 ___RD C:\Users\Jade1\3D Objects
2024-03-29 09:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-29 09:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-29 09:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-29 09:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-29 09:20 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-29 09:19 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-29 09:19 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-29 09:19 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-29 09:19 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-29 08:41 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-03-29 07:56 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-29 07:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-29 06:43 - 2019-12-07 04:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-03-29 06:43 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-03-29 06:42 - 2024-02-11 05:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-29 06:41 - 2019-12-07 04:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-03-29 06:41 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-29 06:41 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-29 06:41 - 2019-12-07 04:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemApps
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-29 06:41 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-29 06:40 - 2019-12-07 04:54 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-29 06:40 - 2019-12-07 04:54 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-29 06:40 - 2019-12-07 04:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-29 06:40 - 2019-12-07 04:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-29 05:56 - 2024-02-11 01:06 - 000000000 ___RD C:\Users\nc2un\OneDrive
2024-03-29 05:54 - 2024-02-11 01:05 - 000000000 ___RD C:\Users\nc2un\3D Objects
2024-03-29 03:56 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-29 03:55 - 2019-12-07 04:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-29 03:55 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\spool
2024-03-29 03:50 - 2024-02-28 18:10 - 000000000 ____D C:\Users\Jade1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-28 06:02 - 2024-02-12 20:54 - 000000000 ___RD C:\Users\Jade1\Screenshots
2024-03-28 01:24 - 2024-02-12 08:37 - 000000000 ____D C:\Users\nc2un\Documents\LILAH SCHOOL
2024-03-27 14:06 - 2024-02-18 04:48 - 000000000 ____D C:\Tenorshare
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
and the Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by nc2un (10-04-2024 16:49:36)
Running from C:\Users\nc2un\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) (2024-03-29 08:55:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2886619696-1302744882-3861898303-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2886619696-1302744882-3861898303-503 - Limited - Disabled)
Guest (S-1-5-21-2886619696-1302744882-3861898303-501 - Limited - Disabled)
Jade1 (S-1-5-21-2886619696-1302744882-3861898303-1002 - Limited - Enabled) => C:\Users\Jade1
keyer_z86jbid (S-1-5-21-2886619696-1302744882-3861898303-1008 - Limited - Enabled) => C:\Users\keyer_z86jbid
nc2un (S-1-5-21-2886619696-1302744882-3861898303-1001 - Administrator - Enabled) => C:\Users\nc2un
WDAGUtilityAccount (S-1-5-21-2886619696-1302744882-3861898303-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CurseForge (HKU\S-1-5-21-2886619696-1302744882-3861898303-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.249.2.1 - Overwolf app)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.166.0.5679 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{df861f89-e998-47ba-bfff-9354af4d3751}) (Version: 13.166.0.5679 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.106 - Google LLC)
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.00 - Martin Malik, REALiX s.r.o.)
Intel® Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{212B25D1-7216-4140-B248-D24BA0F80029}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{81274252-3CCE-4ABF-91F0-811144288963}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{927853D5-9CCC-4ED8-9C64-113EB34E8728}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{F6AA7E43-41A4-4304-BA96-A495C5788231}) (Version: 1.45.447.1 - Intel Corporation) Hidden
Malwarebytes version 4.6.11.320 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.11.320 - Malwarebytes)
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2886619696-1302744882-3861898303-1008\...\OneDriveSetup.exe) (Version: 24.055.0317.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{93E32441-3402-439F-8EF7-8EC66D3B74CA}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{4ADC7996-3183-4E8D-8827-34E6558F5B83}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.243.1.1 - Overwolf Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 5.2.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.6 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.105.345.1020 - Electronic Arts Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Packages:
=========
HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-04-10] (HP Inc.)
Microsoft Copilot -> C:\Program Files\WindowsApps\microsoft.windows.ai.copilot.provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-31] (Microsoft Corporation)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation) [Startup Task]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.153.0_x64__pwbj9vvecjh7j [2024-03-29] (Amazon Development Centre (London) Ltd)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-29] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-29] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-29] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-29] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Jade1\Downloads\RecRoomSetup.exe:MBAM.Zone.Identifier [133]
AlternateDataStreams: C:\Users\nc2un\Downloads\hwi_772.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\nc2un\Downloads\spsetup132_pro.exe:MBAM.Zone.Identifier [360]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 04:14 - 2019-12-07 04:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2886619696-1302744882-3861898303-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2886619696-1302744882-3861898303-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jade1\Downloads\Screenshot_10-3-2024_183742_www.youtube.com.jpeg
HKU\S-1-5-21-2886619696-1302744882-3861898303-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\keyer_z86jbid\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Screenshot_20231203-001803.png
DNS Servers: 192.168.4.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKU\S-1-5-21-2886619696-1302744882-3861898303-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_186B36493624808C4C8AA94AFEF2776A"
HKU\S-1-5-21-2886619696-1302744882-3861898303-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2886619696-1302744882-3861898303-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C3F5A2F2-E052-4AEA-848A-D656D6DB236A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E470F2DD-62EA-45AE-B0C4-2BF791C1DB1A}] => (Allow) C:\Program Files\EA Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{4298D075-82BE-4938-BFF4-5D8301195CA2}] => (Allow) C:\Program Files\EA Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{53341709-1509-4C29-91BF-09D596168A91}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F198244-8C58-4509-9EE0-8945B68944AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54360A56-E96C-4EEE-B23D-15EBBFAD9946}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{734C0CF3-AE37-47E4-A9CD-C7C80B546689}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FE73125-D7CC-4614-B16C-7E6D45D53A34}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{D5B15308-E555-4161-93C8-ECF997F9757A}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{7334DB5C-D2B7-476B-B63E-E90882F5A4B0}] => (Block) C:\Program Files (x86)\Overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{17D4744E-4E8E-4E05-857A-6950A847A1A2}] => (Block) C:\Program Files (x86)\Overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{632C7A9F-0BFF-4DB6-93CE-4ED4124AD51C}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1FEA5E9A-E903-4AA1-B2AB-119131EA14DE}] => (Allow) C:\Program Files (x86)\Overwolf\0.243.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B34D0FB2-C727-4B83-B629-0E3A8D7F7D0C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C7D21434-B9E3-4FA8-AA0D-8F94B75DBEC7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5CA3B1E6-23F5-4B24-A3BC-6F49E0DD0E34}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0FD8DF03-B4B6-4208-AAED-7F2BDB2F3C23}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9B372AC-290F-4E49-8197-C4AA84B493D6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0BAE3476-FC4F-4999-BC08-D94FA6D03B59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4DB32C34-1605-4C9A-9F3B-C1551CF4CCBA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C3638A89-E213-4982-B757-148800FFF30D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BDC039BD-A055-4086-A584-A9ED56EF8581}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3C6CE58F-4772-4730-8595-B4ED2BCF4364}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1C87F16A-18B7-4F58-AD7B-44745E68B367}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E35CA5A0-03FA-4DF0-BE80-648A46194857}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{535DDC9F-65C7-46E2-A2BF-C81006CEF9CB}] => (Allow) c:\program files\itunes\itunes.exe => No File
FirewallRules: [{B51BDDE9-90D0-4649-B76E-CF70D0C3CDCC}] => (Allow) c:\program files\itunes\itunes.exe => No File
==================== Restore Points =========================
01-04-2024 15:36:39 Scheduled Checkpoint
03-04-2024 03:04:27 Dell Client Management Service
03-04-2024 03:15:36 Dell Client Management Service
05-04-2024 11:45:16 Dell SupportAssist OS Recovery Plugin for Dell Update
09-04-2024 11:48:53 Revo Uninstaller Pro's restore point - Apple Software Update
09-04-2024 11:54:18 Installed Apple Mobile Device Support
09-04-2024 11:54:38 Installed Apple Application Support (32-bit)
10-04-2024 10:57:59 Windows Modules Installer
10-04-2024 10:58:30 Windows Modules Installer
10-04-2024 10:59:40 Windows Modules Installer
10-04-2024 15:40:01 Revo Uninstaller Pro's restore point - iTunes
10-04-2024 15:43:08 Revo Uninstaller Pro's restore point - itunes
10-04-2024 15:47:34 Revo Uninstaller Pro's restore point - iTunes
10-04-2024 15:53:12 Revo Uninstaller Pro's restore point - Microsoft Pay
10-04-2024 16:20:12 Revo Uninstaller Pro's restore point - Patch My PC
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/10/2024 04:44:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-2886619696-1302744882-3861898303-1001}/">.
Error: (04/10/2024 04:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StartMenuExperienceHost.exe, version: 0.0.0.0, time stamp: 0x0cb7f68b
Faulting module name: ucrtbase.dll, version: 10.0.19041.3636, time stamp: 0x81cf5d89
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0xa38
Faulting application start time: 0x01da8b8db6e214f0
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: c70a4500-97d6-449f-90c3-3b1fe288000b
Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (04/10/2024 10:46:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPrintScanDoctorExt.exe, version: 6.0.0.0, time stamp: 0x65d87539
Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800
Exception code: 0xc0000409
Fault offset: 0x000000000007e72c
Faulting process id: 0x2688
Faulting application start time: 0x01da8b5e45717f88
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6\DesktopExtension\HPPrintScanDoctorExt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 491a1d14-7617-4175-8a87-887ec483b08f
Faulting package full name: AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6
Faulting package-relative application ID: AD2F1837.HPPrinterControl
Error: (04/10/2024 10:46:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPrintScanDoctorExt.exe, version: 6.0.0.0, time stamp: 0x65d87539
Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800
Exception code: 0xc0000005
Fault offset: 0x00000000000a0af0
Faulting process id: 0x2688
Faulting application start time: 0x01da8b5e45717f88
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6\DesktopExtension\HPPrintScanDoctorExt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: f920fdb3-fa81-45f0-a108-ba77aea025f4
Faulting package full name: AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6
Faulting package-relative application ID: AD2F1837.HPPrinterControl
Error: (04/09/2024 11:54:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Bonjour Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified..
Error: (04/09/2024 11:54:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Bonjour Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified..
Error: (04/08/2024 04:25:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TCUI-App.exe, version: 19.87.2403.13001, time stamp: 0x65f1d80d
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3996, time stamp: 0xb756c9ff
Exception code: 0xc000027b
Fault offset: 0x000000000012d952
Faulting process id: 0x13a4
Faulting application start time: 0x01da89fb3c6d3f49
Faulting application path: C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\TCUI-App.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 3dcec1cb-3a43-4807-a93e-bae49fd2f11c
Faulting package full name: Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.GamingServices
Error: (04/08/2024 02:14:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.1750, time stamp: 0x65d75d57
Faulting module name: Qt5Core.dll, version: 5.15.8.0, time stamp: 0x620c5b61
Exception code: 0xc0000005
Fault offset: 0x0000000000245d71
Faulting process id: 0x23e4
Faulting application start time: 0x01da87d90aca4632
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: ea69e192-41f5-4bea-8085-5f602846ac1c
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (04/10/2024 04:47:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.
Error: (04/10/2024 04:47:33 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.
Error: (04/09/2024 04:48:18 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (04/09/2024 04:40:39 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (04/09/2024 03:53:36 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (04/09/2024 03:51:07 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (04/09/2024 11:48:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/08/2024 06:42:18 PM) (Source: DCOM) (EventID: 10010) (User: BLUEZ9020)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-04-09 10:59:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-08 14:20:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-07 12:43:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-06 08:31:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-05 11:49:41
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUABundler:Win32/DisplayDriverUninstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\nc2un\Downloads\DDU-v17.0.6.6.zip; webfile:_C:\Users\nc2un\Downloads\DDU-v17.0.6.6.zip|https://download.bleepingcomputer.com/dl/34f2593a0bead9d6c93944035b8365dc/66101eb9/windows/utilities/driver-utilities/d/display-driver-uninstaller/DDU-v17.0.6.6.zip|pid:2624,ProcessStart:133568061128103712
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.409.55.0, AS: 1.409.55.0, NIS: 1.409.55.0
Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
CodeIntegrity:
===============
Date: 2024-04-10 16:49:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2024-04-10 16:34:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A25 05/30/2019
Motherboard: Dell Inc. 00V62H
Processor: Intel® Core i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 35%
Total physical RAM: 16292.2 MB
Available physical RAM: 10542.87 MB
Total Virtual: 17316.2 MB
Available Virtual: 11707.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.83 GB) (Free:89.2 GB) (Model: SAMSUNG MZ7LN256HCHP-000L7) NTFS
\\?\Volume{b77585c5-ac9e-4172-85bb-190e3816186a}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{7a8f27dd-982f-4a43-b065-f55d8986eb69}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C6B8F3BE)
Partition: GPT.
==================== End of Addition.txt =======================