[spoiler]Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Brit (administrator) on DESKTOP-731TIO5 (Dell Inc. Inspiron 5567) (11-12-2021 14:11:46)
Running from C:\Users\\Downloads
Loaded Profiles:
Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Compal electronic ,inc -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistOsRecovery.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Entertainment Experience LLC -> ) C:\Program Files\TrueColor\TrueColorALS.exe
(Entertainment Experience LLC -> Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(ESET, spol. s r.o. 
-> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxext.exe(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe(Malwarebytes Inc -> Malwarebytes) C:\Program 
Files\Malwarebytes\Anti-Malware\mbamtray.exe(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>(OldTimer Tools) [File not signed] C:\Users\ninel\Downloads\OTL(2).exe(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm\Bluetooth Suite\AdminService.exe(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe==================== Registry (Whitelisted) ===================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel® Rapid Storage Technology -> Intel Corporation)HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [7824848 2016-07-20] (Compal electronic ,inc -> Dell Inc.)HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19638160 2016-12-28] (Entertainment Experience LLC -> Entertainment Experience)HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [167496 2021-12-09] (ESET, spol. s r.o. -> ESET)HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor)HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)HKU\S-1-5-21-3283282212-450907972-3644279267-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)HKU\S-1-5-21-3283282212-450907972-3644279267-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-11-23] (Valve Corp. -> Valve Corporation)HKU\S-1-5-21-3283282212-450907972-3644279267-1001\...\Run: [MicrosoftEdgeAutoLaunch_ABF75522AF2D4CDAACE604A2E0B9A1CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5HKU\S-1-5-21-3283282212-450907972-3644279267-1001\...\MountPoints2: {58680597-8556-11e7-8f7f-806e6f6e6963} - "D:\Install.exe"HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-09] (Google LLC -> Google LLC)==================== Scheduled Tasks (Whitelisted) ============(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)Task: {0C9A5A22-BA76-40CD-BBCF-8E464082C873} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)Task: {2AEF8A43-FD88-4FB0-8DAD-300687E0E874} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)Task: {3F6EF3FD-26F3-480D-AC03-DE94A4FDFD81} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdateTask: {457107D3-0FD1-475B-AECD-FA205AD86DEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)Task: {48250805-268E-4E6F-95C4-E14E0ACFB867} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)Task: {613FB29E-8AE5-4194-90AB-B61340226425} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. 
-> CyberLink)Task: {63F3DE19-E1E3-4F86-84B1-124F13402898} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)Task: {6C9AC551-646D-4380-A248-EE6A1AA62816} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)Task: {6CF6D545-65CA-4A6B-A96D-4F2405A1A51D} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)Task: {75DDE363-23FC-4B86-9F18-3FDBF312B90A} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]Task: {982680A6-F730-4C9E-AE7C-5BB6C14CCB36} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-29] (CyberLink Corp. 
-> CyberLink Corp.)Task: {99CA7457-B324-4CB2-9F56-A114C76908E6} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)Task: {9FA72A1F-85D8-4970-83F2-FE0891846416} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"Task: {A2E33243-E6AE-436E-91CB-A76152836F27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-04] (Google LLC -> Google LLC)Task: {A4F1FECB-4944-4D19-8F99-151A6B2C7EED} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-12-01] (Dropbox, Inc -> DropboxOEM)Task: {A7C91B05-62F4-4250-8611-FAA0709766EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-04] (Google LLC -> Google LLC)Task: {C878643D-29DD-4282-8AA6-8C1C79E8CF70} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)Task: {D9A84F67-553E-4AB7-A360-98EC6F21A7D8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)Task: {E56873E5-6608-4F1C-9825-574B4489F4F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)(If an entry is included in the fixlist, the task (.job) file will be moved. 
The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP 731TIO5==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Tcpip\Parameters: [DhcpNameServer] 192.168.100.1Tcpip\..\Interfaces\{9d91c5e9-8e76-4fff-843d-d55c0c2e2acd}: [DhcpNameServer] 192.168.100.1Tcpip\..\Interfaces\{a39945ea-cd7b-4a8f-af68-31451f831701}: [DhcpNameServer] 192.168.100.1Edge:=======DownloadDir: C:\Users\ninel\DownloadsEdge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]Edge DefaultProfile: DefaultEdge Profile: C:\Users\ninel\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-11]FireFox:========FF DefaultProfile: nw03xgsx.defaultFF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\nw03xgsx.default [2021-12-11]FF Extension: (***** Plus) - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\nw03xgsx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]FF Plugin-x32: 
@microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-12-11]Chrome:=======CHR Profile: C:\Users\\AppData\Local\Google\Chrome\User Data\Default [2021-12-11]CHR Notifications: Default -> hxxps://www.tribalwars.netCHR DefaultSearchURL: Default -> hxxps://####.com/?q={searchTerms}CHR DefaultSearchKeyword: Default -> ####.comCHR DefaultNewTabURL: Default -> hxxps://####.com/chrome_newtabCHR DefaultSuggestURL: Default -> hxxps://####.com/ac/?q={searchTerms}&type=listCHR Extension: (Slides) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-04]CHR Extension: (Docs) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-04]CHR Extension: (Google Drive) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-04]CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-04]CHR Extension: (***** Plus - free ad blocker) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]CHR Extension: (Sheets) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-04]CHR Extension: (Google Docs Offline) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30]CHR Extension: (Chrome Web Store Payments) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]CHR Extension: (Gmail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia 
[2020-12-04]==================== Services (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AtherosSvc; C:\Program Files (x86)\Qualcomm\Bluetooth Suite\adminservice.exe [338312 2017-04-16] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.)R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-11] (Dell Inc -> )R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2021-12-09] (ESET, spol. s r.o. 
-> ESET)R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-16] (Malwarebytes Inc -> Malwarebytes)R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-07] (Dell Inc -> Dell)R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-16] (Rockstar Games, Inc. -> Rockstar Games)R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [93072 2016-12-13] (Entertainment Experience LLC -> )S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)===================== Drivers (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-10-28] (ESET, spol. s r.o. -> ESET)R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-10-28] (ESET, spol. s r.o. -> ESET)S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-10-28] (ESET, spol. s r.o. -> ESET)R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-10-28] (ESET, spol. s r.o. 
-> ESET)R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-15] (Malwarebytes Inc -> Malwarebytes)S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-02-16] (Malwarebytes Inc -> Malwarebytes)R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)==================== One month (created) (Whitelisted) =========(If an entry is included in the fixlist, the file/folder will be moved.)2021-12-11 14:11 - 2021-12-11 14:13 - 000023603 _____ C:\Users\\Downloads\FRST.txt2021-12-11 14:09 - 2021-12-11 14:12 - 000000000 ____D C:\FRST2021-12-11 14:08 - 2021-12-11 14:08 - 002311168 _____ (Farbar) C:\Users\\Downloads\FRST64.exe2021-12-11 12:53 - 2021-12-11 12:53 - 000602112 _____ (OldTimer Tools) C:\Users\\Downloads\OTL(2).exe2021-12-11 12:44 - 2021-12-11 12:46 - 000317712 _____ C:\TDSSKiller.3.1.0.28_11.12.2021_12.44.23_log.txt2021-12-11 12:43 - 2021-12-11 12:44 - 005054744 _____ (AO Kaspersky Lab) C:\Users\\Downloads\tdsskiller.exe2021-12-11 12:16 - 2021-12-11 12:16 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3283282212-450907972-3644279267-10012021-12-11 11:46 - 2021-12-11 11:46 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys2021-12-08 22:13 - 2021-12-08 22:13 - 000602112 _____ (OldTimer Tools) C:\Users\\Downloads\OTL(1).exe2021-12-08 21:47 - 2021-12-11 13:36 - 000092302 _____ C:\Users\\Downloads\Extras.Txt2021-12-08 21:44 - 2021-12-11 13:33 - 000370758 _____ C:\Users\\Downloads\OTL.Txt2021-12-08 20:35 - 2021-12-08 20:35 - 000602112 _____ (OldTimer Tools) C:\Users\\Downloads\OTL.exe2021-12-08 12:12 - 2021-12-09 05:32 - 000000000 ____D C:\Program Files\Mozilla Firefox2021-12-04 09:56 - 2021-12-04 09:56 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3283282212-450907972-3644279267-10012021-12-04 09:56 - 2021-12-04 09:56 - 000002381 _____ C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2021-11-29 12:04 - 2021-11-29 12:04 - 000003068 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry2021-11-29 12:04 - 2021-11-29 12:04 - 000000000 ____D C:\Program Files\Rivet Networks2021-11-27 13:31 - 2021-11-27 13:31 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell 
SupportAssistAgent AutoUpdate2021-11-26 11:39 - 2021-11-26 11:39 - 000000000 _____ C:\WINDOWS\invcol.tmp2021-11-14 06:14 - 2021-11-14 06:14 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk2021-11-14 06:14 - 2021-11-14 06:14 - 000000000 ____D C:\Program Files\PCHealthCheck2021-11-13 07:16 - 2021-11-13 07:16 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim2021-11-13 07:15 - 2021-11-13 07:15 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe2021-11-13 07:15 - 2021-11-13 07:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe2021-11-13 07:14 - 2021-11-13 07:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe2021-11-13 02:38 - 2021-11-13 02:38 - 000000000 ___HD C:\$WinREAgent==================== One month (modified) ==================(If an entry is included in the fixlist, the file/folder will be moved.)2021-12-11 13:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft2021-12-11 13:46 - 2017-09-03 20:06 - 000000000 ____D C:\Users\Brit\AppData\LocalLow\Mozilla2021-12-11 13:23 - 2020-12-04 05:52 - 000000000 ____D C:\Program Files (x86)\Google2021-12-11 12:17 - 2019-07-15 19:04 - 000000000 ____D C:\Program Files\CCleaner2021-12-11 11:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF2021-12-11 10:05 - 2020-08-24 10:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy2021-12-11 05:40 - 2019-10-10 10:25 - 000000000 ____D C:\Program Files (x86)\Steam2021-12-11 05:32 - 2020-08-24 11:06 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI2021-12-11 05:30 - 2020-12-16 12:17 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update2021-12-11 05:29 - 2017-08-20 12:48 - 000000000 __SHD C:\Users\Brit\IntelGraphicsProfiles2021-12-11 05:26 - 2021-04-15 05:29 - 000008192 ___SH C:\DumpStack.log.tmp2021-12-11 05:26 - 2020-08-24 11:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT2021-12-11 05:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState2021-12-11 05:26 - 2017-08-20 04:24 - 
000000000 ____D C:\Intel2021-12-10 12:06 - 2017-04-03 03:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office2021-12-09 21:02 - 2020-08-24 11:57 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA2021-12-09 21:02 - 2020-08-24 11:57 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore2021-12-09 11:28 - 2020-12-04 05:53 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk2021-12-09 11:28 - 2020-12-04 05:53 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk2021-12-09 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness2021-12-09 05:34 - 2020-08-24 10:38 - 000000000 ____D C:\Users\Brit2021-12-09 05:32 - 2020-10-19 21:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2021-12-08 13:21 - 2021-07-25 02:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla2021-12-08 13:21 - 2020-10-19 21:08 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk2021-12-04 09:53 - 2020-12-16 18:32 - 000000000 ____D C:\Users\\AppData\Local\CrashDumps2021-12-03 22:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps2021-12-03 19:03 - 2020-06-09 04:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk2021-12-03 19:03 - 2020-06-09 04:58 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk2021-11-29 12:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration2021-11-27 13:47 - 2017-04-03 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell2021-11-24 19:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI2021-11-17 18:21 - 2017-04-03 02:59 - 000000000 ____D C:\ProgramData\PCDr2021-11-13 14:51 - 2019-09-09 15:23 - 000000000 ____D C:\Program Files (x86)\Rockstar Games2021-11-13 14:50 - 2020-06-27 15:52 - 000000000 ____D C:\Program Files\Rockstar Games2021-11-13 14:05 - 2020-08-24 10:30 - 000294720 _____ 
C:\WINDOWS\system32\FNTCACHE.DAT2021-11-13 14:05 - 2017-04-03 03:10 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job2021-11-13 14:05 - 2017-04-03 03:10 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences2021-11-13 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr2021-11-13 13:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing2021-11-13 07:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp2021-11-12 16:21 - 2020-08-24 11:57 - 000003892 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA2021-11-12 16:21 - 2020-08-24 11:57 - 000003660 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore2021-11-11 06:25 - 2017-09-03 21:02 - 000000000 ____D C:\WINDOWS\system32\MRT2021-11-11 06:19 - 2017-09-03 21:01 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe==================== SigCheck ============================(There is no automatic fix for files that do not pass verification.)==================== End of
FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by ninel (11-12-2021 14:14:52)
Running from C:\Users\\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-08-24 09:58:54)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3283282212-450907972-3644279267-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3283282212-450907972-3644279267-503 - Limited - Disabled)
Guest (S-1-5-21-3283282212-450907972-3644279267-501 - Limited - Disabled)
Brit (S-1-5-21-3283282212-450907972-3644279267-1001 - Administrator - Enabled) => C:\Users\Brit
WDAGUtilityAccount (S-1-5-21-3283282212-450907972-3644279267-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) 
HiddenDell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.)Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.3.0 - Dell Inc.)Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) HiddenESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 15.0.21.0 - ESET, spol. s r.o.)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)Hitman: Contracts (HKLM-x32\...\Hitman: Contracts) (Version: - Eidos)Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) HiddenIntel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) HiddenIntel® Trusted Connect Services Client 
(HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) HiddenIntel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)Intel® PROSet/Wireless Software (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9434.5 - Waves Audio Ltd.) HiddenMicrosoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.14701.20226 - Microsoft Corporation)Microsoft OneDrive (HKU\S-1-5-21-3283282212-450907972-3644279267-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)Mozilla
Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 95.0 (x64 en-US)) (Version: 95.0 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0.2 - Mozilla)NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20210 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) HiddenproDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) 
HiddenQualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10426 - Qualcomm)Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.019 - Dell Inc.)Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11213 - Realtek Semiconductor Corp.)Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.52.574 - Rockstar Games)Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) HiddenTrue Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience)True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) HiddenTrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience)Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) HiddenVulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) 
HiddenVulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) HiddenVulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.)Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) HiddenVulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) HiddenWindows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)Packages:=========Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_6.0.12.0_x86__0pp20fcewvvtj [2021-12-03] (GAMELOFT SA)Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-10] (Autodesk Inc.)CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2021-11-28] (CYBERLINK CORPORATION.)Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-22] (Dell Inc)Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2021-11-27] (Dell Inc)Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-01-10] (Keeper Security Inc)Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad]Microsoft 
Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad]Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-12] (Microsoft Studios) [MS Ad]Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.4101.0_x64__8wekyb3d8bbwe [2021-11-13] (Microsoft Studios)Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2020-01-10] (Plex)==================== Custom CLSID (Whitelisted): ==============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-3283282212-450907972-3644279267-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)CustomCLSID: HKU\S-1-5-21-3283282212-450907972-3644279267-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ninel\Dropbox [2017-08-20 12:49]ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No FileContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No FileContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No FileContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-28] (CyberLink Corp. -> Cyberlink)ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-09] (ESET, spol. s r.o. 
-> ESET)ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-28] (CyberLink Corp. -> Cyberlink)ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-09] (ESET, spol. s r.o. -> ESET)ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No FileContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No FileContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No FileContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No FileContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No FileContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-09] (ESET, spol. s r.o. -> ESET)ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File==================== Codecs (Whitelisted) ====================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-28] (proDAD GmbH -> proDAD GmbH)==================== Shortcuts & WMI ============================================ Loaded Modules (Whitelisted) =============2016-07-20 20:18 - 2016-07-20 20:18 - 000105984 _____ (Compal Inc.) 
[File not signed] C:\Program Files\Dell\QuickSet\QSWMIMngr.dll2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll==================== Alternate Data Streams (Whitelisted) ============================ Safe Mode (Whitelisted) ==================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"==================== Association (Whitelisted) =====================================
Internet Explorer (Whitelisted) ==========HKU\S-1-5-21-3283282212-450907972-3644279267-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTEHKU\S-1-5-21-3283282212-450907972-3644279267-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTEBHO:
Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)==================== Hosts content: =========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts2018-05-09 22:57 - 2018-09-02 12:23 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics==================== Other Areas ===========================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-3283282212-450907972-3644279267-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpgDNS Servers: Media is not connected to internet.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ====================== FirewallRules (Whitelisted) 
================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [{B57E7D08-B4EE-47FC-BEC4-3267B584A0D4}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe (Rockstar Games, Inc. -> Rockstar Games)FirewallRules: [{F3064DA3-B6D5-49F6-9BB8-7A48DF5C8581}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe (Rockstar Games, Inc. -> Rockstar Games)FirewallRules: [UDP Query User{7A97B6E9-E757-4A90-BC07-268F4970D90E}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe (Rockstar Games, Inc. -> Rockstar Games)FirewallRules: [TCP Query User{AE95FF20-55C0-4202-BBB1-26C03F116C85}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe (Rockstar Games, Inc. -> Rockstar Games)FirewallRules: [{8BA6C487-2386-4F74-B5D4-97F1BB055424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No FileFirewallRules: [{37834010-F225-403F-BD00-60FECB80464F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No FileFirewallRules: [{1F57C3CF-69C3-44C0-A087-9295FB734A7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)FirewallRules: [{BB61F262-F0AD-4BC7-AA36-338CA5F5E274}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation)FirewallRules: [{182A99B6-E9FE-476C-842F-D3FFEE4D2640}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) [File not signed]FirewallRules: [{4AE6D76B-4FE4-438F-8206-82CA364FBF2C}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) [File not signed]FirewallRules: [{35F49ED6-6D63-441F-8C26-5216704D3BF8}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)FirewallRules: [{50CB9A19-9DC5-4E23-A31A-A27D90D318DC}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)FirewallRules: [{8E5E76B3-0E30-41B1-90A5-746C3E609491}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [File not signed]FirewallRules: [{18A3CB95-DC21-402C-BBE0-B6875860FEEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [File not signed]FirewallRules: [{B2A06705-363C-4B70-89E8-D0AC7AF74878}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)FirewallRules: [{0773131E-109D-4A47-A8AC-1184F0218951}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)FirewallRules: [{3BBF56B3-6378-4DF6-A19A-F93E9FE9A6A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)FirewallRules: [{450A2DB7-A96E-4153-B7CA-8E842146F590}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)FirewallRules: [{903A7375-C1E3-409F-9616-3620C53C3EFD}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. 
-> CyberLink Corp.)FirewallRules: [{B0DDAA5A-DCC1-4883-8374-1D049A5DD9A6}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)FirewallRules: [{D36AD094-9C53-4F69-8AA0-9098758CCD78}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)FirewallRules: [{10DD2083-2753-49C0-8C94-FB0CC149FDC5}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)FirewallRules: [{E8109645-7C9A-4CC9-B19C-29159E6EE4D0}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)FirewallRules: [{E839D036-60F9-48F6-BB5D-535429D01C6C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)FirewallRules: [{0BCB32C7-17D3-41DB-ABCD-BE79A4B2B987}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)FirewallRules: [{0CA3D6AC-D08D-431D-8B3D-E75B6D57D772}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software ASA -> Opera Software)FirewallRules: [{54909B28-E7EA-4438-9E2D-92CE1C14762C}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software ASA -> Opera Software)FirewallRules: [TCP Query User{2D2B4F29-779E-4552-BBC6-99F43277B6BC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)FirewallRules: [UDP Query User{6E2AACCE-863F-4962-B9B3-42F03EB51EC7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)FirewallRules: [{C788AD34-DDC0-42EB-B8C2-3D8C80BF9D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. 
-> Rockstar Games)FirewallRules: [{132ED358-5D9D-47AC-B1CF-A5DD626E40D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)FirewallRules: [{B9A9060A-6348-4810-8576-FB065357C0C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{5EDF23BF-5A21-4977-8DAD-EFEE021BC70D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{D5B93448-C3A8-4EC9-86BB-ABDF16B15D2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{4F17485A-93C2-4597-9DBA-796C762A893F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{65912C79-F190-4B2B-9706-636F3419ECD4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)==================== Restore Points =========================12-11-2021 15:57:38 Windows Modules Installer==================== Faulty Device Manager Devices ================================ Event log errors: ========================Application errors:==================Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) 
(Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4Error: (12/11/2021 02:17:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )Description: Event-ID 4System errors:=============Error: (12/11/2021 01:46:34 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.Error: (12/11/2021 11:18:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-731TIO5)Description: The server microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.Error: (12/11/2021 10:05:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-731TIO5)Description: The server Microsoft.Windows.Photos_2021.21070.22007.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.Error: (12/11/2021 05:37:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Intel® Management and Security Application Local Management Service service hung on starting.Error: (12/11/2021 05:35:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Dell Client Management Service service hung on starting.Error: (12/11/2021 05:26:01 AM) (Source: EventLog) (EventID: 6008) (User: )Description: The previous system shutdown at 7:33:39 PM on 12/10/2021 was unexpected.Error: (12/10/2021 12:08:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error:The service did not respond to the start or control request in a timely fashion.Error: (12/10/2021 12:08:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (60000 milliseconds) 
while waiting for the Windows Search service to connect.Windows Defender:================Date: 2020-12-13 23:48:27Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick ScanDate: 2020-12-13 20:33:18Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick ScanDate: 2020-11-28 06:59:53Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick ScanDate: 2020-11-27 23:56:03Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick ScanDate: 2020-11-27 23:43:29Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick ScanEvent[0]:Date: 2020-12-13 14:39:39Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.327.1650.0Update Source: Microsoft Malware Protection CenterSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.17600.5Error code: 0x80072ee7Error description: The server name or address could not be resolvedDate: 2020-12-13 14:39:39Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.327.1650.0Update Source: Microsoft Malware Protection CenterSecurity intelligence Type: AntiSpywareUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.17600.5Error code: 0x80072ee7Error description: The server name or address could not be resolvedDate: 2020-12-13 14:39:39Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security 
intelligence Version: 1.327.1650.0Update Source: Microsoft Malware Protection CenterSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.17600.5Error code: 0x80072ee7Error description: The server name or address could not be resolvedDate: 2020-12-13 14:39:39Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.327.1650.0Update Source: Microsoft Malware Protection CenterSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.17600.5Error code: 0x80072ee7Error description: The server name or address could not be resolvedDate: 2020-12-13 14:39:39Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.327.1650.0Update Source: Microsoft Malware Protection CenterSecurity intelligence Type: AntiSpywareUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.17600.5Error code: 0x80072ee7Error description: The server name or address could not be resolvedCodeIntegrity:===============Date: 2021-12-11 05:29:47Description:Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.Date: 2021-12-11 05:29:47Description:Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.Date: 2021-12-11 05:28:17Description:Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll that did not meet the Custom 3 /
AntiMalware signing level requirements.==================== Memory info ===========================BIOS: Dell Inc. 1.3.1 10/05/2020Motherboard: Dell Inc. 0KV9X5Processor: Intel® Core™ i3-7100U CPU @ 2.40GHzPercentage of memory in use: 57%Total physical RAM: 8090.59 MBAvailable physical RAM: 3435.3 MBTotal Virtual: 14234.59 MBAvailable Virtual: 8191.63 MB==================== Drives ================================Drive c: (OS) (Fixed) (Total:506.72 GB) (Free:355.37 GB) NTFSDrive d: (GTA_SAN_ANDREAS) (CDROM) (Total:3.93 GB) (Free:0 GB) UDFDrive e: (New Volume) (Fixed) (Total:311.52 GB) (Free:311.42 GB) NTFSDrive g: (New Volume) (Fixed) (Total:98.63 GB) (Free:98.54 GB) NTFS\\?\Volume{2b68aeca-06a9-47fb-82eb-9f9f696cea6f}\ () (Fixed) (Total:0.81 GB) (Free:0.29 GB) NTFS\\?\Volume{4723c7fb-47e1-42fc-974f-a62afee64d2a}\ (Image) (Fixed) (Total:12.13 GB) (Free:0.54 GB) NTFS\\?\Volume{1fe90b0b-8471-4bda-94f2-40ea550e42d6}\ (DELLSUPPORT) (Fixed) (Total:1.08 GB) (Free:0.49 GB) NTFS\\?\Volume{a4674ea4-5127-410e-9751-a6579e9e00a2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32==================== MBR & Partition Table ==============================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: 269D245A)Partition: GPT.==================== End of Addition.txt =======================[/spoiler]