I have been battling an ongoing issue with Windows for 3 weeks now (you can read that post here).
Sporadically, my mouse will remain active, but I cannot click on anything (unless I hit CTRL + ALT + DEL).
The keyboard also sometimes behaves strangely, not typing in boxes, or keyboard shortcuts repeating themselves or coming at a delay. Switching out accessories has no effect.
Other issues include my browser tabs/Photoshop/Illustrator closing while I am working on them.
Instead of scrolling like normal, the mouse scroll wheel will instead zoom in or out.
If I hit CTRL + ALT + DEL and click on Task Manager (the only thing I can click on), the problem will go away for a little while.
I performed MANY malware scans over the last few days. On 4/16 Windows Defender picked up and removed the malware that is shown in the attached images.
I have done many scans since, as well as a clean re-install of Windows and a 24-hour stress test of all my hardware, in which nothing was discovered and everything was operating as normal, but the problem still persists.
Here are my results from FRST, thank you for your support:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by strot (administrator) on DESKTOP-5BUDU1O (ASUS System Product Name) (19-04-2024 20:53:35)
Running from C:\Users\strot\Downloads\FRST64.exe
Loaded Profiles: strot
Platform: Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> com.logitech) C:\ProgramData\Logishrd\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.51\msedgewebview2.exe <13>
(Discord Inc. -> Discord Inc.) C:\Users\strot\AppData\Local\Discord\app-1.0.9040\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dfe0347ef8af4743\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.622.3232.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [931488 2023-11-22] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2024-04-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-04-19] (Adobe Inc. -> )
HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\Run: [MicrosoftEdgeAutoLaunch_435E2056D65E59C066A5244CE53EB644] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\Run: [Discord] => C:\Users\strot\AppData\Local\Discord\Update.exe [1526504 2024-04-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\Run: [ScreenRec] => C:\Users\strot\AppData\Local\StreamingVideoProvider\ScreenRec_app\screenrec.exe (No File)
HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\RunOnce: [Uninstall logs\Common] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\strot\AppData\Local\Microsoft\OneDrive\logs\Common" [0 2024-04-19] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\RunOnce: [Uninstall 24.062.0326.0002] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\strot\AppData\Local\Microsoft\OneDrive\24.062.0326.0002" [0 2024-04-19] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.61\Installer\chrmstp.exe [2024-04-19] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {730CB03A-86E4-4C72-BB39-5849974284F4} - System32\Tasks\GoogleUpdateTaskMachineCore{8FD8B10D-7A5A-4F04-A150-D762565A6A47} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-04-19] (Google LLC -> Google LLC)
Task: {2B0094CD-9426-4886-95B3-A7E4B69A0E40} - System32\Tasks\GoogleUpdateTaskMachineUA{3DF253C7-4676-40EA-B828-7EF02811D7C8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-04-19] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {AF2D3EC2-43B4-4706-8A63-4F28998C0EA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0ECC9DE0-C5A1-4582-AAEB-428B6C2DD441} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BAFBE4AF-F8C4-4951-A02A-A73625A6CDD0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61524CF7-E2BA-456E-8A78-1DEF585E4CAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{704003b3-45ca-4d1c-a2ad-61fca50bc6ba}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{704003b3-45ca-4d1c-a2ad-61fca50bc6ba}: [DhcpDomain] lan
Edge:
=======
Edge Profile: C:\Users\strot\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-19]
Edge Extension: (Google Docs Offline) - C:\Users\strot\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-19]
Edge Extension: (Edge relevant text changes) - C:\Users\strot\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-19]
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-04-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-04-19] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default [2024-04-19]
CHR StartupUrls: Default -> "hxxp://www.reddit.com/r/news","hxxp://www.silive.com/#/0","hxxps://news.google.com/?authuser=1","hxxp://www.nydailynews.com/","hxxp://www.nytimes.com/"
CHR Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bplnofkhjdphoihfkfcddikgmecfehdd [2024-04-19]
CHR Extension: (Stylus) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2024-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-19]
CHR Extension: (Muzli - Design inspiration hub) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcipcfhmopcgidicgdociohdoicpdfc [2024-04-19]
CHR Extension: (Save to Pinterest) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-04-19]
CHR Extension: (Google Keep - Notes and Lists) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2024-04-19]
CHR Extension: (YouTube Sort Subscriptions) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefhgledaaogappbeeabcapnhbdajkec [2024-04-19]
CHR Extension: (SteamDB) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2024-04-19]
CHR Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2024-04-19]
CHR Extension: (Forest: stay focused, be present) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjacjjdnoddnpbbcjilcajfhhbdhkpgk [2024-04-19]
CHR Extension: (Auto Scroll Down) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnagemjinihjlbhmohaaacdflafjdkmm [2024-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-19]
CHR Extension: (WebP / Avif image converter) - C:\Users\strot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcfbdlbkdfobidmdoondbgdfpjolhci [2024-04-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2024-04-19] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [842128 2024-04-19] (ASUSTeK Computer Inc. -> )
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-19] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-19] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19145472 2024-04-19] (Logitech Inc -> Logitech, Inc.)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [143520 2023-11-22] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dfe0347ef8af4743\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dfe0347ef8af4743\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl05b51cbe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85BE3178-12C6-4221-98F1-BF956456C351}\MpKslDrv.sys [301336 2024-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [48800 2022-02-24] (SteelSeries ApS -> SteelSeries ApS)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20936 2024-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601376 2024-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-19 21:59 - 2024-04-19 22:00 - 000000000 ____D C:\Windows\Microsoft Antimalware
2024-04-19 20:53 - 2024-04-19 20:53 - 000018108 _____ C:\Users\strot\Downloads\FRST.txt
2024-04-19 20:46 - 2024-04-19 20:53 - 000000000 ____D C:\FRST
2024-04-19 20:46 - 2024-04-19 20:46 - 002394112 _____ (Farbar) C:\Users\strot\Downloads\FRST64.exe
2024-04-19 20:42 - 2024-04-19 20:42 - 002092544 _____ (Farbar) C:\Users\strot\Downloads\FRST.exe
2024-04-19 19:35 - 2024-04-19 20:42 - 000000000 ____D C:\Users\strot\AppData\Local\Malwarebytes
2024-04-19 19:35 - 2024-04-19 19:35 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-19 19:35 - 2024-04-19 19:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-19 19:35 - 2024-04-19 19:35 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-19 19:33 - 2024-04-19 19:34 - 002589624 _____ (Malwarebytes) C:\Users\strot\Downloads\MBSetup.exe
2024-04-19 19:33 - 2024-04-19 19:33 - 008790880 _____ (Malwarebytes) C:\Users\strot\Downloads\adwcleaner.exe
2024-04-19 19:14 - 2024-04-19 19:24 - 000000000 ____D C:\Users\strot\AppData\Roaming\logioptionsplus
2024-04-19 19:14 - 2024-04-19 19:24 - 000000000 ____D C:\Users\strot\AppData\Local\LogiOptionsPlus
2024-04-19 19:14 - 2024-04-19 19:14 - 000000000 ____D C:\Users\strot\AppData\Roaming\com.logitech
2024-04-19 19:14 - 2024-04-19 19:14 - 000000000 ____D C:\Users\strot\AppData\Local\flutter_webview_windows
2024-04-19 19:14 - 2024-04-19 19:14 - 000000000 ____D C:\Users\strot\ai_overlay_tmp
2024-04-19 19:14 - 2024-04-19 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-04-19 19:14 - 2024-04-19 19:14 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-04-19 19:12 - 2024-04-19 19:14 - 000000000 ____D C:\ProgramData\Logishrd
2024-04-19 19:12 - 2024-04-19 19:14 - 000000000 ____D C:\ProgramData\LogiOptionsPlus
2024-04-19 19:12 - 2024-04-19 19:12 - 030827776 _____ (Logitech, Inc.) C:\Users\strot\Downloads\logioptionsplus_installer.exe
2024-04-19 16:37 - 2024-04-19 16:37 - 000000000 ____D C:\Users\strot\AppData\Local\Backup
2024-04-19 16:10 - 2024-04-19 16:10 - 000000000 ____D C:\Users\strot\AppData\Local\LogMeIn Rescue Applet
2024-04-19 16:10 - 2024-04-19 16:10 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2024-04-19 16:08 - 2024-04-19 16:08 - 000000000 ____D C:\Users\strot\AppData\Roaming\Veeam_Software_Group_GmbH
2024-04-19 16:07 - 2024-04-19 16:07 - 000000000 ____D C:\Users\strot\AppData\Local\Veeam
2024-04-19 16:07 - 2024-04-19 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam
2024-04-19 16:07 - 2024-04-19 16:07 - 000000000 ____D C:\Program Files\Veeam
2024-04-19 16:07 - 2024-04-19 16:07 - 000000000 ____D C:\Program Files\Common Files\Veeam
2024-04-19 16:06 - 2024-04-19 18:02 - 000000000 ____D C:\ProgramData\Veeam
2024-04-19 16:05 - 2024-04-19 16:05 - 154231883 _____ C:\Users\strot\Downloads\VeeamAgentWindows_6.1.0.349.zip
2024-04-19 15:52 - 2024-04-19 14:57 - 000000000 ____D C:\Windows\Panther
2024-04-19 15:51 - 2024-04-19 15:51 - 000000000 ____D C:\Windows.old.000
2024-04-19 15:02 - 2024-04-19 18:07 - 000804932 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-19 14:58 - 2024-04-19 16:28 - 000000000 ____D C:\ProgramData\Packages
2024-04-19 14:53 - 2024-04-19 19:00 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-19 14:53 - 2024-04-19 18:13 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-19 14:53 - 2024-04-19 18:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-19 14:53 - 2024-04-19 15:03 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-19 14:53 - 2024-04-19 14:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-04-19 14:53 - 2024-04-19 14:53 - 000000000 ____D C:\Windows\system32\config\BFS
2024-04-19 14:53 - 2024-04-19 14:53 - 000000000 ____D C:\Windows\ServiceProfiles
2024-04-19 14:53 - 2024-04-19 13:09 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-19 14:53 - 2024-04-19 13:09 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-19 14:53 - 2024-04-19 12:21 - 000000000 ____D C:\ProgramData\ASUS
2024-04-19 14:52 - 2024-04-19 18:02 - 000880672 _____ C:\Windows\system32\wpbbin.exe
2024-04-19 14:52 - 2024-04-19 18:02 - 000842128 _____ C:\Windows\system32\AsusUpdateCheck.exe
2024-04-19 14:52 - 2024-04-19 14:53 - 000295328 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-19 14:50 - 2024-04-19 19:24 - 000000000 ____D C:\Users\strot\AppData\Local\StreamingVideoProvider
2024-04-19 14:47 - 2024-04-19 15:06 - 000000000 ____D C:\Users\strot\OneDrive\Documents\FONTS_deletewhendone
2024-04-19 14:22 - 2024-04-19 14:22 - 000000000 ____D C:\Users\strot\AppData\Local\NVIDIA
2024-04-19 14:17 - 2024-04-19 14:17 - 000000000 ____D C:\Users\strot\AppData\Local\OneDrive
2024-04-19 14:14 - 2024-04-19 14:14 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2024.lnk
2024-04-19 14:13 - 2024-04-19 14:13 - 000000000 ____D C:\Users\strot\AppData\Local\CEF
2024-04-19 14:11 - 2024-04-19 14:19 - 000000000 ____D C:\Users\strot\AppData\LocalLow\Adobe
2024-04-19 14:11 - 2024-04-19 14:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-04-19 14:11 - 2024-04-19 14:13 - 000000000 ____D C:\Program Files\Adobe
2024-04-19 14:11 - 2024-04-19 14:12 - 000000000 ____D C:\ProgramData\Adobe
2024-04-19 14:11 - 2024-04-19 14:12 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-04-19 14:11 - 2024-04-19 14:11 - 000001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-04-19 14:11 - 2024-04-19 14:11 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-19 14:08 - 2024-04-19 20:01 - 000000000 ____D C:\Users\strot\AppData\Local\Discord
2024-04-19 14:08 - 2024-04-19 14:18 - 000000000 ____D C:\Users\strot\AppData\Roaming\com.adobe.dunamis
2024-04-19 14:08 - 2024-04-19 14:13 - 000000000 ____D C:\Users\strot\AppData\Local\Adobe
2024-04-19 14:06 - 2024-04-19 19:02 - 000000000 ____D C:\Users\strot\AppData\Roaming\discord
2024-04-19 14:06 - 2024-04-19 14:09 - 000002242 _____ C:\Users\strot\OneDrive\Desktop\Discord.lnk
2024-04-19 14:06 - 2024-04-19 14:09 - 000000000 ____D C:\Users\strot\AppData\Local\SquirrelTemp
2024-04-19 14:06 - 2024-04-19 14:08 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-04-19 14:06 - 2024-04-19 14:06 - 000000000 ____D C:\Users\strot\AppData\Roaming\NVIDIA
2024-04-19 14:06 - 2024-04-19 14:06 - 000000000 ____D C:\ProgramData\strot
2024-04-19 13:14 - 2024-04-19 13:14 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-04-19 13:13 - 2024-04-19 13:14 - 000000000 ___HD C:\$WinREAgent
2024-04-19 12:56 - 2024-04-19 12:56 - 000000000 ____D C:\Windows\system32\MRT
2024-04-19 12:54 - 2024-04-19 12:54 - 000000000 ____D C:\Windows\system32\SteelSeries
2024-04-19 12:54 - 2024-04-19 12:54 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-04-19 12:54 - 2023-08-14 12:13 - 005182888 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw10.sys
2024-04-19 12:54 - 2023-08-14 12:13 - 001475496 _____ (Intel Corporation) C:\Windows\system32\IntelIHVRouter10.dll
2024-04-19 12:52 - 2024-04-19 12:52 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\MMC
2024-04-19 12:39 - 2024-04-19 12:39 - 000000000 ____D C:\Users\strot\AppData\Local\Comms
2024-04-19 12:23 - 2024-04-19 12:23 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2024-04-19 12:22 - 2024-04-19 20:27 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-19 12:22 - 2024-04-19 12:22 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3DF253C7-4676-40EA-B828-7EF02811D7C8}
2024-04-19 12:22 - 2024-04-19 12:22 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{8FD8B10D-7A5A-4F04-A150-D762565A6A47}
2024-04-19 12:22 - 2024-04-19 12:22 - 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-19 12:22 - 2024-04-19 12:22 - 000000000 ____D C:\Users\strot\AppData\Local\Google
2024-04-19 12:22 - 2024-04-19 12:22 - 000000000 ____D C:\Program Files\Google
2024-04-19 12:21 - 2024-04-19 12:23 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-04-19 12:21 - 2024-04-19 12:21 - 001189784 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\AsusDownloadAgent.exe
2024-04-19 12:21 - 2024-04-19 12:21 - 000378376 _____ C:\Windows\system32\syncas.dll
2024-04-19 12:20 - 2024-04-19 12:20 - 000000000 ____D C:\Users\strot\AppData\Local\VirtualStore
2024-04-19 12:15 - 2024-04-19 14:24 - 000000000 ___RD C:\Users\strot\OneDrive
2024-04-19 12:15 - 2024-04-19 14:24 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Photoshop
2024-04-19 12:15 - 2024-04-19 14:18 - 000000000 ____D C:\Users\strot\OneDrive\Documents\PCSX2
2024-04-19 12:15 - 2024-04-19 12:15 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Rainmeter
2024-04-19 12:15 - 2024-04-19 12:15 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-04-19 12:14 - 2024-04-19 19:00 - 000000000 ____D C:\Users\strot\AppData\Local\D3DSCache
2024-04-19 12:14 - 2024-04-19 12:14 - 000000000 ____D C:\Users\strot\AppData\Local\Publishers
2024-04-19 12:13 - 2024-04-19 17:35 - 000000000 ____D C:\Users\strot\AppData\Local\Packages
2024-04-19 12:13 - 2024-04-19 14:19 - 000000000 ____D C:\Users\strot\AppData\Roaming\Adobe
2024-04-19 12:13 - 2024-04-19 12:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-19 12:12 - 2024-04-19 12:27 - 000000000 ____D C:\Users\strot\AppData\Local\ConnectedDevicesPlatform
2024-04-19 12:12 - 2024-04-19 12:12 - 000000000 ___SD C:\Users\strot\AppData\Roaming\Microsoft\Crypto
2024-04-19 12:12 - 2024-04-19 12:12 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Vault
2024-04-19 12:08 - 2024-04-19 19:35 - 000000000 ____D C:\Users\strot\AppData\Local\PlaceholderTileLogoFolder
2024-04-19 12:08 - 2024-04-19 12:08 - 000000000 ___SD C:\Users\strot\AppData\Roaming\Microsoft\SystemCertificates
2024-04-19 12:08 - 2024-04-19 12:08 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Network
2024-04-19 12:07 - 2024-04-19 19:14 - 000000000 ____D C:\Users\strot
2024-04-19 12:07 - 2024-04-19 12:18 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Spelling
2024-04-19 12:07 - 2024-04-19 12:14 - 000000000 ____D C:\Users\strot\AppData\Roaming\Microsoft\Windows
2024-04-19 12:07 - 2024-04-19 12:07 - 000000020 ___SH C:\Users\strot\ntuser.ini
2024-04-19 12:07 - 2024-04-19 12:07 - 000000000 ___SD C:\Users\strot\AppData\Roaming\Microsoft\Protect
2024-04-19 12:07 - 2024-04-19 12:07 - 000000000 ___SD C:\Users\strot\AppData\Roaming\Microsoft\Credentials
2024-04-19 12:06 - 2024-04-19 18:02 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-19 12:06 - 2024-04-19 15:48 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-04-19 12:06 - 2024-04-19 12:06 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-04-19 12:06 - 2024-04-19 12:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-04-19 12:06 - 2020-11-30 11:50 - 001769688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-19 12:06 - 2020-11-30 11:50 - 001769688 _____ C:\Windows\system32\vulkaninfo.exe
2024-04-19 12:06 - 2020-11-30 11:50 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-19 12:06 - 2020-11-30 11:50 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-04-19 12:06 - 2020-11-30 11:50 - 001054944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-04-19 12:06 - 2020-11-30 11:50 - 001054944 _____ C:\Windows\system32\vulkan-1.dll
2024-04-19 12:06 - 2020-11-30 11:50 - 000917720 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-19 12:06 - 2020-11-30 11:50 - 000917720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-04-19 12:06 - 2020-11-30 11:48 - 000674712 _____ C:\Windows\system32\nvofapi64.dll
2024-04-19 12:06 - 2020-11-30 11:48 - 000543128 _____ C:\Windows\SysWOW64\nvofapi.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 002096880 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 001585560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 001507224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 001159920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 001027992 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000816368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000813464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000656112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000590576 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-04-19 12:06 - 2020-11-30 11:47 - 000556440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2024-04-19 12:06 - 2020-11-30 11:47 - 000230720 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-04-19 12:06 - 2020-11-30 11:47 - 000047240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 007706352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 006860184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 005519600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 004175256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 002508528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-04-19 12:06 - 2020-11-30 11:46 - 000445848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-04-19 12:06 - 2020-11-30 11:45 - 007006712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-04-19 12:06 - 2020-11-30 11:45 - 005978008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-04-19 12:06 - 2020-11-30 11:45 - 000849648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-04-19 12:06 - 2020-11-30 11:27 - 000080930 _____ C:\Windows\system32\nvinfo.pb
2024-04-19 12:03 - 2024-04-19 12:21 - 000338272 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2024-04-18 21:52 - 2024-04-18 22:01 - 000000000 ____D C:\ESD
2024-04-18 21:50 - 2024-04-18 21:50 - 000000000 ___HD C:\$Windows.~WS
2024-04-16 16:15 - 2024-04-16 16:16 - 000000000 ____D C:\AdwCleaner
2024-04-12 15:39 - 2024-04-12 15:39 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Misc
2024-04-07 15:37 - 2024-04-07 15:40 - 000000000 ____D C:\Windows.old
2024-04-05 22:43 - 2024-04-05 22:47 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Prime
2024-04-05 18:58 - 2024-04-05 18:58 - 000148505 _____ C:\Users\strot\OneDrive\Documents\HWMonitorPRO.txt
2024-03-28 00:03 - 2024-04-17 15:13 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Budget
2024-03-27 00:20 - 2024-03-27 00:20 - 000000000 ____D C:\Users\strot\OneDrive\Documents\X
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-19 20:42 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-19 19:35 - 2022-05-07 01:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-04-19 19:35 - 2022-05-07 01:22 - 000000000 ____D C:\Windows\INF
2024-04-19 18:13 - 2022-05-07 01:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-04-19 18:04 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-19 18:02 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\ServiceState
2024-04-19 18:02 - 2020-06-18 17:43 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-19 17:59 - 2022-05-07 01:17 - 000262144 _____ C:\Windows\system32\config\BBI
2024-04-19 16:34 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\appcompat
2024-04-19 16:28 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-19 16:28 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-19 15:52 - 2022-05-07 01:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2024-04-19 15:21 - 2022-05-07 01:17 - 000000000 ____D C:\Windows\CbsTemp
2024-04-19 15:00 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\system32\spool
2024-04-19 14:58 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-04-19 14:55 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-04-19 14:23 - 2021-02-23 20:29 - 000000000 ___HD C:\OneDriveTemp
2024-04-19 12:57 - 2022-05-07 01:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-04-19 12:55 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-04-19 12:52 - 2022-05-07 01:17 - 000000000 ____D C:\Windows\servicing
2024-04-19 12:39 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-19 12:37 - 2022-05-07 01:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-04-19 12:27 - 2022-05-07 01:24 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2024-04-19 12:13 - 2022-05-07 01:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-04-16 15:41 - 2023-05-04 13:56 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Data, Old Files, Etc
2024-04-12 13:39 - 2021-06-27 11:13 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Adobe
2024-04-10 13:10 - 2021-09-30 10:24 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Medical
2024-04-09 22:13 - 2021-10-25 17:53 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Portfolio
2024-04-09 17:46 - 2023-11-04 00:03 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Projects
2024-04-01 09:55 - 2022-11-14 03:07 - 000000000 ____D C:\Users\strot\OneDrive\Documents\DuckStation
2024-03-25 13:58 - 2021-08-30 09:02 - 000000000 ____D C:\Users\strot\OneDrive\Documents\Tax
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by strot (19-04-2024 20:54:12)
Running from C:\Users\strot\Downloads
Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) (2024-04-19 18:58:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-930256209-3759145529-792892756-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-930256209-3759145529-792892756-503 - Limited - Disabled)
Guest (S-1-5-21-930256209-3759145529-792892756-501 - Limited - Disabled)
strot (S-1-5-21-930256209-3759145529-792892756-1001 - Administrator - Enabled) => C:\Users\strot
WDAGUtilityAccount (S-1-5-21-930256209-3759145529-792892756-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587.7 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_4_1) (Version: 28.4.1 - Adobe Inc.)
Discord (HKU\S-1-5-21-930256209-3759145529-792892756-1001\...\Discord) (Version: 1.0.9040 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.61 - Google LLC)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.70.551909 - Logitech)
Malwarebytes version 5.1.3.110 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.3.110 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.51 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
NVIDIA Graphics Driver 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Veeam Agent for Microsoft Windows (HKLM\...\{ABD0AE66-A804-4FCB-8969-CC0DF6ACA027}) (Version: 6.1.0.349 - Veeam Software Group GmbH)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-04-19] (Adobe Systems Incorporated)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.8.9.0_x64__qmba6cd70vzyy [2024-04-19] (ASUSTeK COMPUTER INC.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-04-19] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2024-04-19] (Microsoft Corp.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2024-04-19] (Microsoft Studios) [MS Ad]
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-04-19] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-19] (NVIDIA Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-04-19] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-930256209-3759145529-792892756-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-930256209-3759145529-792892756-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-19] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-19] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dfe0347ef8af4743\nvshext.dll [2020-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-19] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-19] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\strot\OneDrive\Documents\Games\ultimaithefirstageofdarkness\ultimaithefirstageofdarkness.bat - Shortcut.lnk -> C:\Users\strot\OneDrive\Documents\Games\ultimaithefirstageofdarkness\ultimaithefirstageofdarkness.bat ()
ShortcutWithArgument: C:\Users\strot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - Notes and Lists.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 01:24 - 2022-05-07 01:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-930256209-3759145529-792892756-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\strot\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\14983373544345433236\133580270341863469.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EF9B6EE0-5601-46E9-AB2C-11EADBA8A257}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7749663D-1582-41E4-9126-0165FAA14BE4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{473A22ED-9C1B-4588-B02C-B2E542BAF95C}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{7745E66B-1E23-4795-BDD0-3311A194B25A}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{EC0A3722-9A98-4D28-A0FB-C3A20FB2A338}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{557CA843-E26D-4C79-9741-24303936FF9E}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{E36FAF76-2F40-4A93-86B5-95E64C742C63}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{23016331-C85A-4F1F-88DA-8EEDE139512D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{880C4B9D-63A9-4FAA-AEC8-CCB54BE4974B}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{9F70CAA0-FB64-44E6-9308-7B4F8EB73707}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{7BDC0324-A458-4C47-9010-F7056DF1D026}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => No File
==================== Restore Points =========================
19-04-2024 12:20:17 Windows Update
19-04-2024 15:03:16 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/19/2024 04:09:07 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-5BUDU1O)
Description: Faulting application name: explorer.exe, version: 10.0.22621.2792, time stamp: 0xfbda1990
Faulting module name: Taskbar.dll, version: 10.0.22621.2792, time stamp: 0x26f0389b
Exception code: 0xc0000005
Fault offset: 0x0000000000162e4b
Faulting process id: 0x0x30e4
Faulting application start time: 0x0x1da9285355eb390
Faulting application path: C:\Windows\explorer.exe
Faulting module path: C:\Windows\System32\Taskbar.dll
Report Id: 52601838-76fb-444f-a8b0-f8c7aed6631f
Faulting package full name:
Faulting package-relative application ID:
Error: (04/19/2024 02:12:58 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-5BUDU1O)
Description: Application or service 'Windows Explorer' could not be shut down.
Error: (04/19/2024 02:56:37 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.
System errors:
=============
Error: (04/19/2024 06:18:18 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (04/19/2024 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (04/19/2024 05:59:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5BUDU1O)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2024-04-19 20:42:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1621 10/12/2021
Motherboard: ASUSTeK COMPUTER INC. PRIME Z490-V
Processor: Intel® Core i7-10700K CPU @ 3.80GHz
Percentage of memory in use: 36%
Total physical RAM: 32667.17 MB
Available physical RAM: 20888.06 MB
Total Virtual: 37787.17 MB
Available Virtual: 22232.74 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.66 GB) (Free:142.95 GB) (Model: WDC WDS100T2B0C-00PXH0) NTFS
Drive d: () (Fixed) (Total:2048 GB) (Free:1464.23 GB) (Model: WD My Passport 2626 USB Device) NTFS
\\?\Volume{d79f1abc-8420-4fb9-bf3c-624f24048f67}\ () (Fixed) (Total:0.74 GB) (Free:0.08 GB) NTFS
\\?\Volume{2a5b6384-f3b4-4c06-8e63-a4d85231f51c}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A23D0CDA)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 38123232)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================