Laptop downloading data without reason

Collapse
X
Collapse
 
  • Page of 3
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • Data838
    PCHF Member
    • Nov 2021
    • 90
    #1

    Laptop downloading data without reason

    Hi, I’m seeing that my laptop has started downloading data by itself (lots of GB for no reason) and I suppose it could be a virus. I had a similar problem some time ago and you helped me a lot by writing a specific file to use with FRST tool. I was wondering if I could use the same file in order to solve the problem because it was written for this very laptop?
    If not, here are FRST scan results (I scanned my laptop with AdwCleaner and Malwarebytes but they didn’t find anything). I would be very grateful for your help

    Code:
    FRST.text

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2023
Ran by acco5 (administrator) on LAPTOP-6ODOHNQP (ASUSTeK COMPUTER INC. ROG Strix G513IC_G513IC) (01-02-2023 05:19:32)
Running from C:\Users\acco5\Desktop
Loaded Profiles: acco5
Platform: Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION → ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOSD.exe
(ASUSTEK COMPUTER INCORPORATION → ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. → ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Speedify\SpeedifyUI.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe <6>
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(explorer.exe ->) (Connectify (Connectify, Inc.) → Connectify) C:\Program Files (x86)\Speedify\SpeedifyUI.exe
(Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <77>
(services.exe ->) (Adobe Inc. → Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK Computer Inc. → ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. → ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION → ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(services.exe ->) (Connectify (Connectify, Inc.) → Connectify) C:\Program Files (x86)\Speedify\speedify.exe
(services.exe ->) (Dolby Laboratories, Inc. → Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe <2>
(services.exe ->) (Malwarebytes Inc. → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Nvidia Corporation → NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe <3>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\RtkUWP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [Speedify] => C:\Program Files (x86)\Speedify\SpeedifyLauncher.exe [2198624 2022-12-16] (Connectify (Connectify, Inc.) → Connectify)
HKLM-x32...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [143960 2021-03-25] (ASUSTEK COMPUTER INCORPORATION → ASUSTeK Computer Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\Run: [LilySpeechUtilA] => C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilA\assets\engine\LilySpeech64-2a.exe [1332688 2022-11-24] (Vertical Thinking Print & Web Inc → )
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\Run: [LilySpeechUtilB] => C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilB\assets\engine\LilySpeech64-2b.exe [1332688 2022-11-24] (Vertical Thinking Print & Web Inc → )
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\Run: [LilySpeechRec] => C:\Users\acco5\AppData\Local\LilySpeechRec\LilySpeechRec.exe [1035216 2022-11-24] (Vertical Thinking Print & Web Inc → )
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\Run: [LilySpeechComms] => C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechComms\LilyCommsCli.exe [123856 2022-11-24] (Vertical Thinking Print & Web Inc → CoreCommsCliWTCP)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0171895D-5195-4597-BF0A-B56970948807} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusUpdateChecker.exe [788104 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
Task: {11755330-1251-4CAE-9D10-855C11DA1D85} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1456FBB7-855A-4361-9232-A6A6496AE261} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606624 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
Task: {168DD57A-4D2D-4015-9EC3-1A9FA1B7777B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Task: {222688D0-243A-4CA6-84F0-CC830769A89B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. → Adobe Inc.)
Task: {245A66D6-9C64-4A13-B3C0-9FC3A6E58386} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Task: {4BA1119B-7D8D-4647-971B-ECC4015857C8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. → ASUSTeK Computer Inc.)
Task: {5CED5C46-BD93-4367-92AA-276677D5DA9E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Task: {7FE7A185-C3D1-409E-978B-2C0CBB28478A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Task: {98AAEA1D-5A24-4210-8535-3E88E55B91DA} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusHotkey.exe [263784 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
Task: {AD74412B-B73B-4515-B286-509B8B2AC5E4} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8c6df9cf467e6 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. → ASUSTeK Computer Inc.)
Task: {C19160BB-6AFD-4196-A830-5044D6EE72C5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task “308046B0AF4A39CB”
Task: {C6C0FF51-0027-459B-B893-5A6D2781C979} - System32\Tasks\WaterfoxLimited\Waterfox Default Browser Agent 6F940AC27A98DD61 => C:\Program Files\Waterfox\default-browser-agent.exe [913760 2022-11-14] (WATERFOX LIMITED → Mozilla Foundation)
Task: {DB45AA09-EC6D-408B-9A5E-E3E6A023A630} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Task: {EB595763-BF8E-4FA0-BD51-254DF4BC1504} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [1588040 2022-08-11] (Realtek Semiconductor Corp. → Realtek Semiconductor)
Task: {FE320D9D-19CA-4953-840F-18514DDC33CD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43509488 2022-07-08] (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip..\Interfaces{0ac74aa6-98d2-4fa3-852f-3071b9d2dde6}: [DhcpNameServer] 192.168.43.1
Tcpip..\Interfaces{29e692aa-8946-4b4c-b7d7-dcae16a34d82}: [NameServer] 10.202.0.1
[HEADING=1]Edge:[/HEADING]
Edge Profile: C:\Users\acco5\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-25]
[HEADING=1]FireFox:[/HEADING]
FF DefaultProfile: 47lu9k1b.68-edition-default
FF DefaultProfile: gvfemib7.default
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Waterfox\Profiles\47lu9k1b.68-edition-default [2022-12-09]
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Waterfox\Profiles\sv19yli3.default-release [2022-12-10]
FF Session Restore: Waterfox\Profiles\sv19yli3.default-release → is enabled.
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\gvfemib7.default [2022-09-16]
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release [2023-02-01]
FF Session Restore: Mozilla\Firefox\Profiles\h2m6kk2k.default-release → is enabled.
FF Extension: (uBlock Origin) - C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-12-25]
FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\Extensions{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2023-01-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-18] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: Adobe Acrobat → C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. → Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-18] (Microsoft Corporation → Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. → Adobe Inc.)
R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181296 2022-08-18] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [394864 2022-11-24] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. → ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe [1162376 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2021-09-30] (ASUSTeK Computer Inc. → ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe [1320072 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe [764504 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. → ASUSTeK Computer Inc.)
R2 AsusMultiAntennaSvc; C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe [949872 2022-09-21] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe [394344 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe [1113176 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe [635480 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606624 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [791176 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-13] (Microsoft Corporation → Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe [2431544 2022-03-09] (Dolby Laboratories, Inc. → Dolby Laboratories)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. → ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3887976 2022-09-26] (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8966256 2023-02-01] (Malwarebytes Inc. → Malwarebytes)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION → ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6739056 2022-09-21] (ASUSTeK COMPUTER INC. → ASUSTek COMPUTER INC.)
R2 Speedify; C:\Program Files (x86)\Speedify\Speedify.exe [5365344 2022-12-16] (Connectify (Connectify, Inc.) → Connectify)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher → Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher → Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\amdkmdag.sys [80465832 2022-10-03] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2021-09-30] (ASUSTeK Computer Inc. → )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. → ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSAIO.sys [46736 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusWmiAcpi.sys [45248 2022-12-07] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287232 2022-07-01] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. → Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424 2021-07-18] (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch → Intelligo Technology Inc.)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35344 2022-11-24] (ASUSTEK COMPUTER INC. → ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-15] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198088 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-11] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-02-01] (Malwarebytes Inc. → Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [280040 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher → MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1403248 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher → MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [234568 2022-06-24] (Nvidia Corporation → NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher → NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. → Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. → QUALCOMM Incorporated)
R3 tap0901cn; C:\WINDOWS\System32\drivers\tap0901cn.sys [47448 2020-07-09] (Connectify (Connectify, Inc.) → The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows → Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows → Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-01 05:19 - 2023-02-01 05:19 - 000026481 _____ C:\Users\acco5\Desktop\FRST.txt
2023-02-01 05:16 - 2023-02-01 05:16 - 002376704 _____ (Farbar) C:\Users\acco5\Desktop\FRST64.exe
2023-02-01 04:46 - 2023-02-01 04:48 - 000000000 ____D C:\ProgramData\HitmanPro
2023-02-01 04:38 - 2023-02-01 04:43 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2023-02-01 04:38 - 2023-02-01 04:38 - 001319192 ____H (Carifred) C:\Users\acco5\Downloads\UltraAdwareKiller64.exe
2023-02-01 04:33 - 2023-02-01 04:47 - 000000000 ____D C:\Program Files\9-lab
2023-02-01 04:33 - 2023-02-01 04:33 - 000000000 ____D C:\Users\acco5\AppData\Roaming\9-lab
2023-02-01 04:33 - 2023-02-01 04:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
2023-02-01 04:33 - 2023-02-01 04:33 - 000000000 ____D C:\ProgramData\9-lab
2023-02-01 02:48 - 2023-02-01 02:48 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-01-31 08:39 - 2023-01-31 08:39 - 000042211 _____ C:\Users\acco5\Downloads\01356123_doc_htm.htm
2023-01-28 08:48 - 2023-01-28 08:48 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-27 17:15 - 2023-01-27 17:15 - 000055460 _____ C:\Users\acco5\Desktop\Facture SCI Rezo - AB.pdf
2023-01-27 17:03 - 2023-01-27 17:03 - 000180814 _____ C:\Users\acco5\Desktop\Attestation d’hébergement.pdf
2023-01-27 09:34 - 2023-01-27 13:37 - 000016173 _____ C:\Users\acco5\Desktop\Facture SCI Rezo.odt
2023-01-24 06:15 - 2023-01-24 06:15 - 005997079 _____ C:\Users\acco5\Desktop\Eckhart Tolle The Power of Now.pdf
2023-01-23 21:46 - 2023-01-23 21:46 - 000111021 _____ C:\Users\acco5\Downloads\wsmtb_prologue.pdf
2023-01-21 15:23 - 2023-01-28 17:49 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-20 06:02 - 2023-01-30 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-16 15:55 - 2023-01-16 15:55 - 000675311 _____ C:\Users\acco5\Desktop\Jeff Foster Membership offers.pdf
2023-01-14 21:09 - 2023-01-10 09:34 - 000000000 ___D C:\Users\acco5\Desktop\Secret Diaries - Manage a Manor
2023-01-14 20:13 - 2023-01-14 21:09 - 341926203 _____ C:\Users\acco5\Downloads\Secret_Diaries-_Manage_a_Manor.rar
2023-01-11 17:10 - 2023-01-11 17:10 - 000000000 ____D C:\Users\acco5\Documents\Zoom
2023-01-11 17:09 - 2023-01-11 17:09 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Zoom
2023-01-11 17:09 - 2023-01-11 17:09 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-01-11 17:09 - 2023-01-11 17:09 - 000000000 ____D C:\Users\acco5\AppData\Local\Zoom
2023-01-11 12:51 - 2023-01-11 12:51 - 000000000 ___HD C:$WinREAgent
2023-01-11 12:32 - 2023-01-31 23:52 - 000000000 ____D C:\Users\acco5\AppData\Local\CrashDumps
2023-01-11 11:46 - 2023-01-11 12:09 - 000001687 _____ C:\Users\acco5\Desktop\Writings.txt
2023-01-11 11:12 - 2023-01-11 14:04 - 000000000 ____D C:\Users\acco5\AppData\Local\LilySpeechRec
2023-01-11 11:12 - 2023-01-11 11:12 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LilySpeech
2023-01-11 10:56 - 2023-01-11 10:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-01-11 10:53 - 2023-01-11 11:12 - 000000000 ____D C:\Users\acco5\AppData\Local\LilySpeechApp
2023-01-10 15:21 - 2023-01-10 15:21 - 000157357 _____ C:\Users\acco5\Desktop\urssaf-justificatif-declaration-2022-T4-20230110-15h21.pdf
2023-01-08 19:01 - 2023-01-08 19:01 - 009180856 _____ (Connectify) C:\Users\acco5\Downloads\SpeedifyInstaller.exe
2023-01-08 19:01 - 2023-01-08 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-01 05:19 - 2022-09-14 13:43 - 000000000 ____D C:\FRST
2023-02-01 04:32 - 2022-09-13 06:17 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-01 03:45 - 2022-09-13 06:17 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-01 03:45 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-01 02:45 - 2022-09-15 09:05 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-02-01 02:42 - 2022-09-15 09:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-02-01 02:42 - 2022-09-15 09:03 - 000000000 ____D C:\Program Files\Malwarebytes
2023-02-01 01:43 - 2022-09-13 05:33 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-02-01 01:39 - 2022-09-12 21:32 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\Mozilla
2023-02-01 01:37 - 2022-11-19 05:04 - 000000000 ____D C:\ProgramData\Speedify
2023-02-01 01:37 - 2022-09-13 06:20 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2023-01-31 22:06 - 2022-09-13 05:24 - 000000000 ____D C:\ProgramData\ASUS
2023-01-31 22:06 - 2021-08-08 16:56 - 000000000 ____D C:\Program Files\ASUS
2023-01-31 22:06 - 2021-08-08 16:56 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-01-31 22:06 - 2021-08-08 16:54 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-31 19:29 - 2022-09-13 05:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-30 09:58 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\INF
2023-01-30 09:58 - 2022-09-13 05:36 - 000333402 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-30 09:56 - 2022-09-12 20:43 - 000000000 ____D C:\Users\acco5\AppData\Local\D3DSCache
2023-01-30 09:56 - 2022-09-12 20:40 - 000000000 ____D C:\Users\acco5
2023-01-30 09:53 - 2022-09-12 21:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-30 09:52 - 2022-09-12 21:32 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-30 09:52 - 2022-09-12 21:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-30 09:52 - 2022-09-12 21:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-30 09:51 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-30 09:51 - 2022-09-13 05:25 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-30 09:51 - 2022-09-13 05:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-30 09:51 - 2022-09-13 05:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-30 09:51 - 2022-09-12 22:42 - 000000000 ____D C:\Users\acco5.rainlendar2
2023-01-30 09:50 - 2022-09-13 06:14 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-01-30 00:42 - 2022-11-18 17:31 - 000026133 _____ C:\Users\acco5\Desktop\Movies.ods
2023-01-28 17:49 - 2022-09-13 05:25 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-28 08:48 - 2022-11-18 17:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-28 08:48 - 2022-11-18 17:16 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-25 20:48 - 2022-09-12 20:47 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-895565649-3931333595-811618271-1001
2023-01-25 20:48 - 2022-09-12 20:44 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-895565649-3931333595-811618271-1001
2023-01-25 20:48 - 2022-09-12 20:40 - 000002381 _____ C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-24 08:16 - 2022-12-20 09:34 - 000000000 ____D C:\Users\acco5\AppData\Local\ElevatedDiagnostics
2023-01-24 08:04 - 2022-09-12 22:02 - 000015042 _____ C:\Users\acco5\Desktop\Life Without Resistance.odt
2023-01-24 05:49 - 2022-09-12 22:02 - 000000000 ____D C:\Users\acco5\Desktop\Newest files from other computer
2023-01-19 13:31 - 2022-09-15 08:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-14 21:09 - 2022-10-29 03:29 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\SQRT3
2023-01-13 18:48 - 2020-11-21 13:43 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-11 14:47 - 2022-11-18 22:03 - 000009838 _____ C:\GetDeviceStatus.xml
2023-01-11 14:47 - 2022-11-18 22:03 - 000005458 _____ C:\GetDeviceCap.xml
2023-01-11 14:47 - 2022-11-18 22:03 - 000000538 _____ C:\QueryAllDevice.xml
2023-01-11 14:47 - 2022-11-18 22:03 - 000000228 _____ C:\SetMatrixLEDScript.xml
2023-01-11 14:47 - 2022-09-13 05:24 - 000630048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-11 14:46 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-11 14:46 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-11 14:46 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-11 14:46 - 2022-09-13 06:17 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-11 14:34 - 2022-09-12 23:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-11 12:55 - 2022-09-13 06:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-11 12:54 - 2022-09-13 05:26 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-11 09:33 - 2022-09-12 23:05 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-10 15:30 - 2022-11-18 16:58 - 000000000 ____D C:\Users\acco5\Desktop\Temporary folder for old computer
2023-01-08 19:01 - 2022-11-19 05:06 - 000001233 _____ C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speedify.lnk
2023-01-08 19:01 - 2022-11-19 05:04 - 000001311 _____ C:\Users\Public\Desktop\Speedify.lnk
2023-01-08 19:01 - 2022-11-19 05:04 - 000000000 ____D C:\Program Files (x86)\Speedify
2023-01-08 03:22 - 2022-09-13 05:25 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-01-08 03:22 - 2022-09-13 05:24 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-01-04 01:26 - 2022-09-13 05:24 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 01:26 - 2022-09-13 05:24 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2022-12-22 02:38 - 2022-11-15 08:02 - 000000416 ___RH () C:\Users\acco5\AppData\Roaming_fwwin32bk-3DEF-8688.cfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional.txt
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2023
Ran by acco5 (01-02-2023 05:20:14)
Running from C:\Users\acco5\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) (2022-09-13 04:33:03)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

acco5 (S-1-5-21-895565649-3931333595-811618271-1001 - Administrator - Enabled) => C:\Users\acco5
Administrator (S-1-5-21-895565649-3931333595-811618271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-895565649-3931333595-811618271-503 - Limited - Disabled)
Guest (S-1-5-21-895565649-3931333595-811618271-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-895565649-3931333595-811618271-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM...{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
AI Noise Cancelation Audio Software (HKLM-x32...{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.3 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM...{9B441197-6389-46FC-BE60-56C8B6E5ADE9}) (Version: 1.0.6 - ASUSTeK COMPUTER INC.)
ARMOURY CRATE Service (HKLM...{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.3.3 - ASUS)
ASUS Aac_GmAcc HAL (HKLM...{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32...{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM...{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.24.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32...{ba95a7ce-ede3-4308-a5d6-6c08a15bff04}) (Version: 2.5.24.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM...{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32...{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM...{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32...{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM...{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.19 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32...{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.0.2 - ASUSTeK Computer Inc.)
ASUS Framework Service (HKLM-x32...{80f60ecc-98e1-474b-aee2-0c470f02dbbc}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32...{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM...{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32...{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM...{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32...{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM...{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32...{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS MultiAntenna Service (HKLM...{EBB02F2E-0856-4B8A-9E70-980102C90BBA}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
ASUS Smart Display Control (HKLM-x32...{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.2.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.93 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32...{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.24 - ASUS)
AURA lighting effect add-on x64 (HKLM...{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.24 - ASUS)
AURA Service (HKLM-x32...{0760271b-d7d2-407b-a2ec-f17c8ce203c7}) (Version: 3.05.78 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32...{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.78 - ASUSTeK Computer Inc.) Hidden
FreeWriter (HKLM-x32...{6BB5F8AA-0329-400C-B4B9-82DBE033746F}) (Version: 1.0.7 - Lifestyle Toolbox)
GameSDK Service (HKLM-x32...{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32...{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
LibreOffice 7.1.3.2 (HKLM...{76B2DBF3-5773-4463-9EEB-D4A099EB6265}) (Version: 7.1.3.2 - The Document Foundation)
LilySpeech Version 3 (HKU\S-1-5-21-895565649-3931333595-811618271-1001...\LilySpeech) (Version: 3 - LilySpeech)
Malwarebytes version 4.5.21.231 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.21.231 - Malwarebytes)
Microsoft .NET Host - 5.0.14 (x64) (HKLM...{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM...{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM...{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM...\O365HomePremRetail - en-us) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Edge (HKLM-x32...\Microsoft Edge) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32...\Microsoft EdgeWebView) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32...{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-895565649-3931333595-811618271-1001...\OneDriveSetup.exe) (Version: 23.002.0102.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM...{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32...{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32...{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM...{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM...{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720 (HKLM-x32...{2F69FB2B-2C48-491C-B249-22C1BDCE1117}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720 (HKLM-x32...{31C9EB3A-5F0C-49E7-8E6C-D404E48F433D}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM...{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32...{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM...\Mozilla Firefox 109.0 (x64 en-US)) (Version: 109.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 104.0.2 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 462.06 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM...{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM...{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Rainlendar2 (remove only) (HKLM-x32...\Rainlendar2) (Version: - )
RefreshRateService (HKLM-x32...{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.)
ROG CustomHotkey (HKLM-x32...{374883e6-b31d-4a3c-9c4a-2685a840aed4}) (Version: 1.1.1 - ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32...{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.6.4.0 - ASUSTek COMPUTER INC.)
Shotcut (HKLM...\Shotcut) (Version: 21.10.31 - Meltytech, LLC)
Speedify (HKLM...\Speedify) (Version: 12.8.0.10689 - Connectify)
Undercover - Blood Bonds (HKLM-x32...\Undercover - Blood BondsFinal) (Version: Final - Game Owl)
Waterfox (x64 en-US) (HKLM...\Waterfox 102.5.0 (x64 en-US)) (Version: 102.5.0 - WaterfoxLimited)
Windows PC Health Check (HKLM...{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-895565649-3931333595-811618271-1001...\ZoomUMX) (Version: 5.13.4 (11835) - Zoom Video Communications, Inc.)
[HEADING=1]Packages:[/HEADING]
AMD Radeon Software → C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-09-12] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE → C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.4.8.0_x64__qmba6cd70vzyy [2023-02-01] (ASUSTeK COMPUTER INC.)
AURA Creator → C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.5.6.0_x64__qmba6cd70vzyy [2023-02-01] (ASUSTeK COMPUTER INC.)
Disney+ → C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-20] (Disney)
Dolby Access → C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.345.0_x64__rz1tebttyb220 [2023-01-23] (Dolby Laboratories)
McAfee® Personal Security → C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-11-27] (McAfee LLC.)
Microsoft Whiteboard → C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10114.505.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
MyASUS → C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy [2022-12-23] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel → C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-29] (NVIDIA Corp.)
Realtek Audio Control → C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-11-14] (Realtek Semiconductor Corp)
Solitaire & Casual Games → C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music → C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0 [2023-01-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-15] (Malwarebytes Inc. → Malwarebytes)
ContextMenuHandlers5: [ACE] → {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-10-03] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll [2022-06-24] (Nvidia Corporation → NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-15] (Malwarebytes Inc. → Malwarebytes)
ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH → Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-09-12 20:48 - 2022-06-20 15:14 - 000520704 _____ () [File not signed] \?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-09-12 20:48 - 2022-06-08 10:33 - 000479744 _____ () [File not signed] \?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 20:48 - 2022-06-08 10:33 - 000470016 _____ () [File not signed] \?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 20:48 - 2022-06-08 10:33 - 000832512 _____ () [File not signed] \?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-09-12 20:48 - 2022-06-08 10:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000012288 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lfs.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lua51.dll
2011-08-12 06:45 - 2011-08-12 06:45 - 000198144 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2020-11-21 13:17 - 2020-11-21 13:17 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-12-24 00:02 - 2021-12-24 00:03 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2022-09-05 09:18 - 2022-09-05 09:18 - 000023552 _____ (MTK) [File not signed] C:\Program Files\ASUS\ASUS MultiAntenna Service\mtkwlan.dll
2021-08-08 17:02 - 2021-08-08 17:02 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2011-07-28 19:20 - 2011-07-28 19:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Rainlendar2\libcurl.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\LIBEAY32.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\SSLEAY32.dll
2010-12-12 11:56 - 2010-12-12 11:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => “”=“Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-18] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation → Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\DefaultUser\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-895565649-3931333595-811618271-1001\Control Panel\Desktop\Wallpaper → C:\Users\acco5\Desktop\white_flowers_nature_plants-21425.jpg!d.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM...\StartupApproved\Run: => “Speedify”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “OneDrive”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “LilySpeechRec”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “LilySpeechUtilB”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “LilySpeechUtilA”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “LilySpeechComms”
HKU\S-1-5-21-895565649-3931333595-811618271-1001...\StartupApproved\Run: => “MicrosoftEdgeAutoLaunch_96584F32951EA856FAD305C03C256217”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{17E6E1DB-6811-46A9-9D95-6FF0F770842A}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. → )
FirewallRules: [{A476B622-4E44-4FA0-8B1E-3984980C05AF}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. → ASUS)
FirewallRules: [{15E5C64C-D0C1-42AC-B54B-87414F296814}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.)
FirewallRules: [{0ABC14FF-2DD3-4306-B489-6815B4D35391}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. → ASUS)
FirewallRules: [{290CFDAB-452B-4756-8486-CE1697ADB12F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{78223492-85A2-4C09-8B02-8F05A70674EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{221E9954-E8A6-4AD5-B0E2-8305A673B1FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{2B07C2C0-3BEE-4BE4-A94E-44F581AD28A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{6D1214D2-3A49-4047-9F79-485FC62A24F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{ACCA6159-C91A-4E60-AD8B-C49343D5A97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{74AC523A-DA02-400B-8FFE-84EE96C86817}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. → ASUSTek Computer Inc.)
FirewallRules: [{86A5642A-2677-4672-B769-FEB907D76DB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{F5432C84-7BAE-4701-8499-B081794565CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{F5906D05-2716-4053-A7B1-F8FF25C1B060}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{CCC6F4B6-A842-46C5-AC07-D18B60F5CA72}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED → Waterfox Limited)
FirewallRules: [{69B16CF9-2BAB-4881-9E7A-A9A2A9795D47}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED → Waterfox Limited)
FirewallRules: [{78D4E73B-8CC1-4316-A801-F9A6864A9F3D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6FE4EFEC-EF7E-4B8C-A4A6-A8A50FB4096F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{32023D90-46C2-4406-9AF8-C1837360F049}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{51ABEC01-6DD7-4B6B-A11E-913C9BCD653D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [TCP Query User{41BE3A4D-7FB7-4AF0-9846-7C64592E370E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [UDP Query User{6108C299-8287-4934-AA62-00727B615DA0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{C06E6B6A-D7FE-4FBE-A3BF-9B391C865022}] => (Allow) C:\Users\acco5\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [{CD530114-8C3F-426A-BE06-942D00940991}] => (Allow) C:\Users\acco5\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9DDC40A0-6896-455A-946E-C3A40123ADB6}] => (Allow) C:\Users\acco5\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{19D4D41B-BFE7-4646-8A46-1D96B2774A84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{BB093BA8-D1BD-4CED-A108-21162CD5663F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{AD8C1482-6FE8-4316-84E0-A99C32B3A718}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{81DA57A2-D96A-4B3A-B78E-29E64E9B7D01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{1790F7C7-DD37-458F-93B5-82882983E9BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{261E5A9D-408D-4316-8814-2492E52C7D8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{17064249-E5DC-4A5D-A9D4-3350EF84F61C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{2E574DEF-F598-49C3-BCE4-1D156590BCCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
FirewallRules: [{97101B25-F1AD-4053-BE3E-3D1856DDEB70}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{DD86AD83-562F-4F4D-864B-2B0F79F1D565}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{0890B265-E172-4B86-A9F6-1FDC30BA1E8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{FA74B675-C119-4582-880E-3885FEDCCF75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{742607C3-422A-405E-ADEA-8554FACF8239}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{2BEA612F-9747-450E-875D-702E66E2F0D1}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
FirewallRules: [{F6894205-F7A6-478D-83CC-4E4323E1A89C}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
FirewallRules: [{A8E17B48-2DBB-4DBC-95E2-F3B9F9A644BF}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. → ASUSTeK COMPUTER INC.)
FirewallRules: [{2C0D1780-3F7F-4845-B623-319CB6BAB8C4}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. → )
FirewallRules: [{5B38CA7E-B37E-4E9E-9FB6-80819A278734}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. → )
FirewallRules: [{B7FAC268-8A06-4B4C-A84F-2EADFDF5BB4E}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller.exe => No File
FirewallRules: [{DF049D3F-3BC7-4030-ACCA-377B05F74DC7}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller.exe => No File
FirewallRules: [{B2F7F46A-24A7-4A97-9992-C0A57307950F}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller64.exe (DOS SANTOS DA SILVA ALFREDO → Carifred)
FirewallRules: [{3C0125D9-35D0-4E24-90D0-A2330715A42A}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller64.exe (DOS SANTOS DA SILVA ALFREDO → Carifred)

==================== Restore Points =========================

11-01-2023 12:51:08 Windows Modules Installer
21-01-2023 06:08:22 Scheduled Checkpoint
30-01-2023 08:17:03 Scheduled Checkpoint
31-01-2023 22:06:26 ASUS Aac_NBDT HAL
01-02-2023 04:43:10 Ultra Adware Killer threat removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
[HEADING=1]Application errors:[/HEADING]
Error: (01/31/2023 11:52:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.SharePoint.exe, version: 23.2.102.4, time stamp: 0x9ff405d5
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process ID: 0x324c
Faulting application start time: 0x01d935c6a582ba85
Faulting application path: C:\Users\acco5\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report ID: fb523a32-eb7a-4b82-9046-fd14f5b883c0
Faulting package full name:
Faulting package-relative application ID:

Error: (01/31/2023 01:45:52 PM) (Source: Waterfox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/31/2023 01:45:52 PM) (Source: Waterfox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/30/2023 11:31:03 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.

Error: (01/30/2023 11:11:02 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.

Error: (01/30/2023 10:51:02 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.

Error: (01/30/2023 10:31:02 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.

Error: (01/30/2023 10:11:02 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.
[HEADING=1]System errors:[/HEADING]
Error: (12/25/2022 01:45:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (12/25/2022 01:45:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (12/18/2022 09:17:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (12/17/2022 07:33:03 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (11/27/2022 02:05:48 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

Error: (11/27/2022 02:05:45 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

Error: (11/27/2022 02:05:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (11/27/2022 02:05:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
[HEADING=1]Windows Defender:[/HEADING]
Date: 2023-01-31 18:17:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-30 08:15:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-29 18:02:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-27 12:31:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-26 07:52:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2023-02-01 02:49:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-01-31 18:17:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-17 07:34:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-17 07:34:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. G513IC.314 03/30/2022
Motherboard: ASUSTeK COMPUTER INC. G513IC
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 90%
Total physical RAM: 15792.36 MB
Available physical RAM: 1543.6 MB
Total Virtual: 31584.73 MB
Available Virtual: 7308.22 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.5 GB) (Free:30.76 GB) (Model: HFM512GD3JX013N) (Protected) NTFS

\?\Volume{66a3209f-eb4a-4404-8e69-a0688f1f2f8d}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.09 GB) NTFS
\?\Volume{f51f1b4c-8df5-41a8-8f65-bdf58564b60b}\ (RESTORE) (Fixed) (Total:22 GB) (Free:4.52 GB) NTFS
\?\Volume{c59d0604-e288-4986-a06e-e17a96ca7a64}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\?\Volume{1b46213c-b1f2-4ef0-bf62-3e223d1cbb73}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C0F51CB1)

Partition: GPT.

==================== End of Addition.txt =======================
    Tags: None
    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7041
      #2
      First remove the Mcafee Security App, if you are unable then remove it with App buster.


      Copy the content of the code box below.
      [COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
      Right Click FRST and run as Administrator.
      Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
      Attach it to your next message.

      [ICODE] Start:: CloseProcesses: SystemRestore: On CreateRestorePoint: RemoveProxy: HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {0171895D-5195-4597-BF0A-B56970948807} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManag er\AsusUpdateChecker.exe [788104 2022-12-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {11755330-1251-4CAE-9D10-855C11DA1D85} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask backgroundupdate Task: {1456FBB7-855A-4361-9232-A6A6496AE261} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysi s\AsusSystemAnalysis.exe [3606624 2022-12-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {222688D0-243A-4CA6-84F0-CC830769A89B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {4BA1119B-7D8D-4647-971B-ECC4015857C8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {98AAEA1D-5A24-4210-8535-3E88E55B91DA} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_0100494bef227dd5\ASUSOptimization\ AsusHotkey.exe [263784 2022-12-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {AD74412B-B73B-4515-B286-509B8B2AC5E4} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8c6 df9cf467e6 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {C19160BB-6AFD-4196-A830-5044D6EE72C5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {C6C0FF51-0027-459B-B893-5A6D2781C979} - System32\Tasks\WaterfoxLimited\Waterfox Default Browser Agent 6F940AC27A98DD61 => C:\Program Files\Waterfox\default-browser-agent.exe [913760 2022-11-14] (WATERFOX LIMITED -> Mozilla Foundation) Task: {FE320D9D-19CA-4953-840F-18514DDC33CD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43509488 2022-07-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{0ac74aa6-98d2-4fa3-852f-3071b9d2dde6}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{29e692aa-8946-4b4c-b7d7-dcae16a34d82}: [NameServer] 10.202.0.1 U1 aswbdisk; no ImagePath C:\Users\acco5\AppData\Roaming\_fwwin32bk-3DEF-8688.cfg FirewallRules: [{CD530114-8C3F-426A-BE06-942D00940991}] => (Allow) C:\Users\acco5\AppData\Roaming\Zoom\bin\airhost.ex e => No File FirewallRules: [{9DDC40A0-6896-455A-946E-C3A40123ADB6}] => (Allow) C:\Users\acco5\AppData\Roaming\Zoom\bin\airhost.ex e => No File FirewallRules: [{B7FAC268-8A06-4B4C-A84F-2EADFDF5BB4E}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller.exe => No File FirewallRules: [{DF049D3F-3BC7-4030-ACCA-377B05F74DC7}] => (Allow) C:\Users\acco5\Downloads\UltraAdwareKiller.exe => No File C:\WINDOWS\system32\drivers\etc\hosts hosts: C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0 _x64__wafk5atnkzcwy C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0 _x64__wafk5atnkzcwy\mcafee-security.dll HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MCODS => ""="Service" cmd: netsh winsock reset catalog cmd: netsh int ip reset C:\resettcpip.txt cmd: net stop bits Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*. db C:\ProgramData\Microsoft\Network\Downloader\qmgr*. db.old cmd: net start bits cmd: bitsadmin /list /allusers CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R" CMD: "%WINDIR%\SysWOW64\lodctr.exe /R" CMD: "C:\Windows\SYSTEM32\lodctr.exe /R" CMD: "C:\Windows\SysWOW64\lodctr.exe /R" CMD: del /f /s /q %windir%\prefetch\*.* CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.* CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\Use r Data\Default\Cache\*.*" cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\Us er Data\Default\Cache\*.*" cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*" CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*" CMD: ipconfig /flushdns C:\Windows\Temp\*.* C:\WINDOWS\system32\*.tmp C:\WINDOWS\syswow64\*.tmp emptytemp: Reboot: End:: [/ICODE]


      Download Kaspersky Virus Removal Tool B[/B] and save it to your Desktop.
      [COLOR=rgb(184, 49, 47)]Very important to save this to your desktop!![/COLOR][COLOR=rgb(184, 49, 47)]

      Select the Windows Key and R Key together, the Run box should open.
      Copy and paste the following into the run box.
      [COLOR=rgb(184, 49, 47)]C:\Users\acco5\Desktop\KVRT.exe -dontencrypt

      Select „Ok“ in the Run box.
      If the „Windows protected your PC“ window opens, select „More info“. A new windows will open, select „Run anyway“.
      An EULA window from KVRT will open, tick all confirmation boxes then select “Accept”.
      A window from KVRT will open, select “Change Parameters”.
      In the new window ensure the following boxes are ticked:

      [ul]
      [li]System memory[/li][li]Startup objects[/li][li]Boot sectors[/li][li]System drive[/li][/ul]
      Then select “OK” and „Start scan“.
      When completed: If entries are found, there will be options to choose. If “Cure” is offered, leave as it is. For any other options change to “Delete”, then select “Continue”.
      Usually, your system needs a reboot to finish the removal process.
      Logfiles can be found on your systemdrive (usually C: ), similar like this:
      [COLOR=rgb(184, 49, 47)]

      [COLOR=rgb(184, 49, 47)]C:\KVRT2020_Data\Reports\report__.klr

      Right click direct onto those reports, select > open with > Notepad.
      Save the files and attach them with your next reply.[/COLOR][/COLOR][/COLOR][/color][/COLOR]

        Comment

        • Data838
          PCHF Member
          • Nov 2021
          • 90
          #3
          Thank you very much for all the information. Please see the attached files below.
          There was only one thing I’m not sure I understood well. When copying the code you provided, did I have to paste it somewhere? I just copied it and then launched the fix on FRST as you instructed.

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7041
              #4
              Originally posted by Data838
              When copying the code you provided, did I have to paste it somewhere?
              No the instructions were followed correctly. So FRST uses the clipboard it’s self to delete/repair the files copied.


              Let’s check with a couple more tools to make certain there is nothing on the machine that we need to worry about.

              [COLOR=rgb(147, 101, 184)]ZHP cleaner Scan.

              Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
              Once you have started the program, you will need to click the scanner button.
              The program will close all open browsers!
              Once the scan is completed, the you will want to click the Repair button.
              At the end of the process you may be asked to reboot your machine.
              After you reboot a report will open on your desktop.
              Attach the report here in your next reply.

              [COLOR=rgb(147, 101, 184)] ZHP Diag Scanner.

              Download ZHP Suite to your desktop.
              Right Click Run as admin.
              Hit the scanner button.
              Once it is complete a file name ZHPdiag.txt will be on your desktop.
              Attach it.

              @Data838[/COLOR][/COLOR]

                Comment

                • Data838
                  PCHF Member
                  • Nov 2021
                  • 90
                  #5
                  Weird, I don’t see the Attach files button anymore, so I’m posting contents of the reports here.

                  Code:
                  ~ ZHPDiag v2023.1.31.6 By Nicolas Coolman (2023/01/31)
~ Run by acco5 (Administrator) (2023/02/02 06:46:19)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\acco5\Desktop\ZHPDiag.txt
~ Report: C:\Users\acco5\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19044) =>.Microsoft Corporation

—\ Internet Browsers (4) - 0s
~ MFIE: Mozilla Firefox 109.0.1 (x64 en-US)
~ MFIE: Waterfox 102.5.0 (x64 en-US)
~ MSIE: Internet Explorer v11.789.19041.0
~ OBIE: Microsoft Edge v109.0.1518.70

—\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

—\ System protection software (2) - 1s
Windows Defender W10 (Deactivate) (Protection)
Malwarebytes version 4.5.21.231 v4.5.21.231 (Protection)

—\ Informations on the system (18) - 0s
~ Operating System: AMD64 Family 23 Model 96 Stepping 1, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
System Restore: Activé (Enable)
System drive C: has 26 GB (5%) free of 464 GB : OK =>.Disk Space

—\ INFORMATIONS MÉMOIRE (MEMORY INFORMATIONS)
~ Slots Total (Total Slots) : 2
~ Slots Utilisés (Used Slots) : 2
~ Slots Disponibles (Free Slots) : 0
~ Type de barrette (FormFactor): SO-DIMM
~ Taille (Size) : 8 Go
~ Vitesse (Speed) : 3200

~ Charge mémoire (Memory Usage) : 29%
~ RAM physique Total (Total Physical) : 15 Go : OK
~ RAM physique Disponible (Available Physical) : 11 Go
~ Total virtuelle (Total Virtual) : 30.84 Go
~ Disponible virtuelle (Available Virtual): 24.13 Go

—\ Connection to the system mode (3) - 0s
~ Computer Name: LAPTOP-6ODOHNQP
~ User Name: acco5
~ Logged in as Administrator

—\ Enumeration of the disk units (1) - 0s
~ Drive C: has 26 GB free of 464 GB (System)

—\ SYSTEM DISK MAIN FEATURES (1) - 1s
~ La technologie SMART n’est pas active sur le disque système

—\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\ Search Generic System Files (25) - 0s
[MD5.DEEEE5E9267B65A9A82BE24BE2693365] - 11/01/2023 - (.Microsoft Corporation - Windows Explorer.) – C:\WINDOWS\Explorer.exe [5142728] =>.Microsoft®
[MD5.EF3179D498793BF4234F708D3BE28633] - 27/12/2021 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71680] [Unsigned] =>.Microsoft Corporation
[MD5.D6E3B995E46D08046875E60ECCFF109B] - 14/12/2022 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\WINDOWS\System32\Wininit.exe [420456] [Unsigned] =>.Microsoft Corporation
[MD5.98738C0F9001C09D25E68B80C0BCB907] - 18/11/2022 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\WINDOWS\System32\wininet.dll [5046784] [Unsigned] =>.Microsoft Corporation
[MD5.F597FA958FD63ACCC90CB469E7DDC2A5] - 18/11/2022 - (.Microsoft Corporation - Windows Log-on Application.) – C:\WINDOWS\System32\Winlogon.exe [906752] [Unsigned] =>.Microsoft Corporation
[MD5.E6C31BCDFB65E2DB98AD082E5DABD164] - 11/08/2022 - (.Microsoft Corporation - Software Licensing Library.) – C:\WINDOWS\System32\sppcomapi.dll [316416] [Unsigned] =>.Microsoft Corporation
[MD5.C34BA7E91B599463DA4E7B6FA5207BE7] - 11/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\System32\dnsapi.dll [821272] =>.Microsoft®
[MD5.1849E5C84B6EB6EB56EEB842D8CD467E] - 11/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [583144] =>.Microsoft®
[MD5.BCB077E85C58AEBAB32A2D9317A15C5A] - 14/12/2022 - (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\System32\wuaueng.dll [3405824] [Unsigned] =>.Microsoft Corporation
[MD5.AADECAAEE10B5A45E75A9E4DACB49259] - 01/07/2022 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [651104] [Unsigned] =>.Microsoft Corporation
[MD5.B2C716CEBC11930E3C1E38C3B6B9DDED] - 11/08/2022 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [31064] [Unsigned] =>.Microsoft Corporation
[MD5.BD8897A464332FA5802486DC64248E03] - 18/11/2022 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
[MD5.054ABC6C64AE969D033B7876C04D52B4] - 27/12/2021 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
[MD5.EBA0C7839FCA85666A822DDD2040A809] - 14/12/2022 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [152064] [Unsigned] =>.Microsoft Corporation
[MD5.4F39254C6E087D4789D2C3EBD3C7F744] - 30/03/2022 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [134656] [Unsigned] =>.Microsoft Corporation
[MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
[MD5.333FC381E4A82DDA2F1836B65BC40CA9] - 18/11/2022 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [227328] [Unsigned] =>.Microsoft Corporation
[MD5.2754863CC7F7170C8225A3E66A1BE2BB] - 18/11/2022 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [580464] [Unsigned] =>.Microsoft Corporation
[MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 21/11/2020 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [341504] [Unsigned] =>.Microsoft Corporation
[MD5.EF392BFC830AB71173D98BBAAA664ECD] - 14/12/2022 - (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2838912] [Unsigned] =>.Microsoft Corporation
[MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\Parport.sys [109056] [Unsigned] =>.Microsoft Corporation
[MD5.3C642DC5EFCB662C25EA7C0E2640896F] - 11/01/2023 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [117248] [Unsigned] =>.Microsoft Corporation
[MD5.64991B36F0BD38026F7589572C98E3D6] - 27/12/2021 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 27/12/2021 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] [Unsigned] =>.Microsoft Corporation
[MD5.988A7A685BB51BAC62F4E176BE5432AC] - 21/11/2020 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] [Unsigned] =>.Microsoft Corporation

—\ No disabled Windows Services (83) - 3s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Inc. - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.®
O23 - Service: (AMD Crash Defender Service) . (.Advanced Micro Devices, Inc. - AMD Crash Defender Service.) - C:\WINDOWS\System32\amdfendrsr.exe [Unsigned] =>.Advanced Micro Devices, Inc.
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe =>.Advanced Micro Devices Inc.®
O23 - Service: Armoury Crate Control Interface (ArmouryCrateControlInterface) . (.ASUSTeK COMPUTER INC. - Armoury Crate Control Interface.) - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [Unsigned] =>.ASUSTek Computer Inc.
O23 - Service: ARMOURY CRATE Service (ArmouryCrateService) . (.ASUSTeK COMPUTER INC. - ARMOURY CRATE Service.) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS Update Service (asus) (asus) . (.ASUSTeK Computer Inc. - ASUS Update.) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe =>.ASUSTeK Computer Inc.®
O23 - Service: ASUS App Service (AsusAppService) . (.ASUSTeK COMPUTER INC. - ASUS App Service.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: AsusCertService (AsusCertService) . (.ASUSTek COMPUTER INC. - AsusCertService.exe.) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe =>.ASUSTeK Computer Inc.®
O23 - Service: ASUS Link Near (ASUSLinkNear) . (.ASUSTek Computer Inc. - ASUS Link - Near.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS Link Remote (ASUSLinkRemote) . (.ASUSTeK COMPUTER INC. - ASUS Link Remote.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS MultiAntenna Service (AsusMultiAntennaSvc) . (.ASUSTeK COMPUTER INC. - Asus MultiAntenna Service Executable.) - C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS Optimization (ASUSOptimization) . (.ASUSTeK COMPUTER INC. - ASUS Optimization.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS Software Manager (ASUSSoftwareManager) . (.ASUSTeK COMPUTER INC. - ASUS Software Manager.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS Switch (ASUSSwitch) . (.ASUSTeK COMPUTER INC. - ASUS Switch.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS System Analysis (ASUSSystemAnalysis) . (.ASUSTeK COMPUTER INC. - ASUS System Analysis.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: ASUS System Diagnosis (ASUSSystemDiagnosis) . (.ASUSTek COMPUTER INC. - ASUS System Diagnosis.) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\WINDOWS\System32\bfe.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: CDPUserSvc_33b10 (CDPUserSvc_33b10) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: Microsoft Office Click-to-Run Service (ClickToRunSvc) . (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe =>.Microsoft®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Dolby DAX API Service (DolbyDAXAPI) . (.Dolby Laboratories - DAX API.) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe =>.Dolby Laboratories, Inc.®
O23 - Service: C:\WINDOWS\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Data Usage Service.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Microsoft Edge Update Service (edgeupdate) (edgeupdate) . (.Microsoft Corporation - Microsoft Edge Update.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\WINDOWS\System32\FntCache.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: GameInput Service (GameInput Service) . (.Microsoft Corporation - GameInput Host Service.) - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe =>.Microsoft®
O23 - Service: GameSDK Service (GameSDK Service) . (.ASUS Inc. - GameSDK.) - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: Gaming Services (GamingServices) . (.Microsoft Corporation - GamingServices.) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServices.exe =>.Microsoft®
O23 - Service: Gaming Services (GamingServicesNet) . (.Microsoft Corporation - GamingServices.) - C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe =>.Microsoft®
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE extension.) - C:\WINDOWS\System32\ikeext.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) - C:\WINDOWS\System32\iphlpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: LightingService (LightingService) . (.ASUSTek Computer Inc. - LightingService.) - C:\Program Files (x86)\LightingService\LightingService.exe {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\WINDOWS\System32\lsm.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Downloaded Maps Manager.) - C:\WINDOWS\System32\moshost.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe =>.Malwarebytes Inc.®
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\WINDOWS\System32\nlasvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: OneSyncSvc_33b10 (OneSyncSvc_33b10) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\WINDOWS\System32\umpo.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\WINDOWS\System32\rasmans.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: RefreshRateService (RefreshRateService) . (.ASUSTek Computer Inc. - MonitorRefreshRateService.) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe =>.ASUSTEK COMPUTER INCORPORATION®
O23 - Service: ROG Live Service (ROG Live Service) . (.ASUSTek COMPUTER INC. - ROG Live Service.) - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe =>.ASUSTeK COMPUTER INC.®
O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\WINDOWS\System32\sens.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\WINDOWS\System32\SgrmBroker.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Speedify (Speedify) . (.Connectify - .) - C:\Program Files (x86)\Speedify\speedify.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O23 - Service: C:\WINDOWS\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\WINDOWS\System32\spoolsv.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wiaservc.dll (StiSvc) . (.Microsoft Corporation - Still Image Devices Service.) - C:\WINDOWS\System32\wiaservc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Storage Services.) - C:\WINDOWS\System32\storsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\WINDOWS\System32\themeservice.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\WINDOWS\System32\usermgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) - C:\WINDOWS\System32\usosvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) - C:\WINDOWS\System32\WpnService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows Push Notification User Service.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: WpnUserService_33b10 (WpnUserService_33b10) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) - C:\Windows\System32\SearchIndexer.exe [Unsigned] =>.Microsoft Corporation

—\ Services not Microsoft (SR=Run, SS=Stop) (123) - 7s
SR - Boot [07/12/2019] [ 107320] (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys =>.Microsoft®
SR - Auto [26/09/2022] [ 173040] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.®
SR - Boot [07/12/2019] [ 1135416] (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS =>.Microsoft®
SR - Auto [29/10/2021] [ 586680] (AMD Crash Defender Service) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\amdfendrsr.exe =>.Microsoft®
SR - Auto [03/10/2022] [ 598864] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe =>.Advanced Micro Devices Inc.®
SR - Demand [25/01/2022] [ 5843432] Audio Coprocessr Driver for (amdacpbus) . (.Advanced Micro Devices.) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_2a1424d35664c96c\amdacpbus.sys =>.Advanced Micro Devices Inc.®
SR - Demand [29/10/2021] [ 147872] AMD Crash Defender Driver (amdfendr) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\amdfendr.sys =>.Microsoft®
SR - Demand [29/10/2021] [ 25016] AMD Crash Defender Manager (amdfendrmgr) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\amdfendrmgr.sys =>.Microsoft®
SR - Demand [18/06/2021] [ 54984] AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys =>.Advanced Micro Devices INC.®
SR - Demand [18/06/2021] [ 76456] AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys =>.Advanced Micro Devices INC.®
SR - Boot [12/07/2021] [ 236448] AMD Micro PEP Device (AmdMicroPEP) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\AmdMicroPEP.sys =>.Microsoft®
SR - Demand [06/10/2020] [ 34096] AMD PCI (AMDPCIDev) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys =>.Advanced Micro Devices INC.®
SR - Demand [17/08/2020] [ 78552] AMDRyzenMasterDri (AMDRyzenMasterDriverV16) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\AMDRyzenMasterDriver.sys =>.Advanced Micro Devices INC.®
SR - Boot [07/12/2019] [ 83256] (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 259384] (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys =>.Microsoft®
SR - Demand [03/10/2022] [80465832] (amdwddmg) . (.Advanced Micro Devices, Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\amdkmdag.sys =>.Advanced Micro Devices Inc.®
SR - Boot [07/12/2019] [ 26936] (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 131896] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys =>.Microsoft®
SR - Auto [18/08/2022] [ 1181296] Armoury Crate Control Inter (ArmouryCrateControlInterface) . (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [24/11/2022] [ 394864] ARMOURY CRATE Service (ArmouryCrateService) . (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [08/08/2021] [ 167384] ASUS Update Service (asus) (asus) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe =>.ASUSTeK Computer Inc.®
SR - Auto [07/12/2022] [ 1162376] ASUS App Service (AsusAppService) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [30/09/2021] [ 181576] AsusCertService (AsusCertService) . (.ASUSTek COMPUTER INC..) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe =>.ASUSTeK Computer Inc.®
SR - System [30/09/2021] [ 43168] Asusgio3 (Asusgio3) . (.ASUSTeK Computer Inc..) - C:\WINDOWS\system32\drivers\AsIO3.sys =>.ASUSTeK Computer Inc.®
SR - Auto [07/12/2022] [ 1320072] ASUS Link Near (ASUSLinkNear) . (.ASUSTek Computer Inc..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 764504] ASUS Link Remote (ASUSLinkRemote) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe =>.ASUSTeK COMPUTER INC.®
SS - Demand [08/08/2021] [ 167384] ASUS Update Service (asusm) (asusm) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe =>.ASUSTeK Computer Inc.®
SR - Auto [21/09/2022] [ 949872] ASUS MultiAntenna Service (AsusMultiAntennaSvc) . (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 394344] ASUS Optimization (ASUSOptimization) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe =>.ASUSTeK COMPUTER INC.®
SR - Demand [27/09/2020] [ 112848] ASUS Touch Service (AsusPTPDrv) . (.ASUSTek COMPUTER INC..) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys =>.ASUSTek Computer Inc.®
SR - Demand [07/12/2022] [ 46736] AsusSAIO (AsusSAIO) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSAIO.sys =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 1113176] ASUS Software Manager (ASUSSoftwareManager) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 635480] ASUS Switch (ASUSSwitch) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 3606624] ASUS System Analysis (ASUSSystemAnalysis) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe =>.ASUSTeK COMPUTER INC.®
SR - Auto [07/12/2022] [ 791176] ASUS System Diagnosis (ASUSSystemDiagnosis) . (.ASUSTek COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe =>.ASUSTeK COMPUTER INC.®
SR - Demand [30/07/2021] [ 246200] AMD Function Driver f (AtiHDAudioService) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\AtihdWT6.sys =>.Microsoft®
SR - System [07/12/2022] [ 45248] ATKWMIACPI Driver (ATKWMIACPIIO) . (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusWmiAcpi.sys =>.ASUSTeK COMPUTER INC.®
SR - Boot [07/12/2019] [ 533816] QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 9728] bcmfn2 Service (bcmfn2) . (…) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned] =>.Broadcom Corporation
SR - Boot [07/12/2019] [ 319800] (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 1853752] Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys =>.Microsoft®
SR - Demand [30/09/2022] [ 167440] SAMSUNG Mobile USB Com (dg_ssudbus) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudbus2.sys =>.Samsung Electronics CO., LTD.®
SR - Auto [09/03/2022] [ 2431544] Dolby DAX API Service (DolbyDAXAPI) . (.Dolby Laboratories.) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe =>.Dolby Laboratories, Inc.®
SR - Boot [07/12/2019] [ 3418936] QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbda.sys =>.Microsoft®
SR - System [15/09/2022] [ 158640] Malwarebytes Anti-Exploit (ESProtectionDriver) . (.Malwarebytes.) - C:\WINDOWS\system32\drivers\mbae64.sys =>.Microsoft®
SS - Demand [25/01/2021] [ 410864] NVIDIA FrameView SDK service (FvSvc) . (.NVIDIA.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe =>.NVIDIA Corporation®
SR - Auto [31/05/2022] [ 397544] GameSDK Service (GameSDK Service) . (.ASUS Inc..) - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe =>.ASUSTeK COMPUTER INC.®
SR - Demand [18/07/2021] [ 33424] ASUS Wireless Radio Control (HIDSwitch) . (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\drivers\AsRadioControl.sys =>.ASUSTeK COMPUTER INC.®
SR - Boot [07/12/2019] [ 64312] (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36352] Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 91136] Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 79360] Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 93184] In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 112128] Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 96256] Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 171520] Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 175104] Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177152] Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177664] Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 38128] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Client Components Group®
SR - Demand [07/12/2019] [ 113152] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned] =>.Intel Corporation
SR - Boot [07/12/2019] [ 884752] Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 412176] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 558904] Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys =>.Microsoft®
SR - Demand [05/07/2021] [ 42344] Intelligo Virtual Audio Cable (IGO_VSD) . (.Intelligo Technology Inc..) - C:\WINDOWS\System32\drivers\igovsd.sys {3E5CA31B817BD1E41CB45024}.
SR - Demand [11/08/2022] [ 6322920] Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.®
SR - Demand [24/11/2022] [ 35344] IOMap (IOMap) . (.ASUSTeK Computer Inc..) - C:\WINDOWS\system32\drivers\IOMap64.sys =>.ASUSTEK COMPUTER INC.®
SR - Boot [07/12/2019] [ 172344] (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys =>.Microsoft®
SR - Auto [26/09/2022] [ 3887976] LightingService (LightingService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\LightingService\LightingService.exe {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
SR - Boot [07/12/2019] [ 108856] (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 124216] (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 135992] (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 82744] (LSI_SSS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sss.sys =>.Microsoft®
SR - Auto [01/02/2023] [ 223176] MBAMChameleon (MBAMChameleon) . (.Malwarebytes.) - C:\WINDOWS\System32\Drivers\MbamChameleon.sys =>.Microsoft®
SR - Boot [15/09/2022] [ 21480] MbamElam (MbamElam) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\MbamElam.sys =>.Microsoft®
SR - Demand [01/02/2023] [ 198088] MBAMFarflt (MBAMFarflt) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\farflt.sys =>.Microsoft®
SR - Demand [01/02/2023] [ 76216] MBAMProtection (MBAMProtection) . (.Malwarebytes.) - C:\WINDOWS\system32\DRIVERS\mbam.sys =>.Microsoft®
SR - Auto [01/02/2023] [ 8966256] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe =>.Malwarebytes Inc.®
SR - Demand [11/12/2022] [ 239544] MBAMSwissArmy (MBAMSwissArmy) . (.Malwarebytes.) - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys =>.Microsoft®
SR - Demand [01/02/2023] [ 181816] MBAMWebProtection (MBAMWebProtection) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\mwac.sys =>.Malwarebytes Inc.®
SR - Boot [07/12/2019] [ 59704] (megasas) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 105480] (megasas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas35i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 575800] (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 1131320] Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys =>.Microsoft®
SS - Demand [01/02/2023] [ 247200] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Demand [17/08/2022] [ 280040] MTK BT Filter Driver (MTKBTFilterX64) . (.MediaTek Inc..) - C:\WINDOWS\System32\DRIVERS\mtkbtfilterx.sys =>.Microsoft®
SR - Demand [27/04/2022] [ 1403248] Mediatek PCI LE Extens (mtkwlex) . (.MediaTek Inc..) - C:\WINDOWS\System32\drivers\mtkwl6ex.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 63800] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 146232] NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys =>.Microsoft®
SS - Demand [11/01/2021] [ 874472] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [24/06/2022] [ 1015344] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
SR - Demand [01/06/2022] [ 144504] Service for NVIDIA High Definiti (NVHDA) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.Nvidia Corporation®
SR - Demand [24/06/2022] [43718136] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvlddmkm.sys =>.Nvidia Corporation®
SR - Demand [03/06/2021] [ 43408] NvModuleTracker (NvModuleTracker) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys =>.NVIDIA Corporation®
SR - Demand [24/06/2022] [ 234568] NVPCF Service (nvpcf) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvpcf.sys =>.Nvidia Corporation®
SR - Boot [07/12/2019] [ 150328] (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 166200] (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys =>.Microsoft®
SR - Demand [15/06/2021] [ 53768] NVIDIA SHIELD Wireless Con (NVSWCFilter) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvswcfilter.sys =>.NVIDIA Corporation®
SR - Demand [01/11/2021] [ 48552] NVIDIA Virtual Aud (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys =>.Microsoft®
SR - Demand [02/06/2021] [ 67464] NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation®
SR - Boot [07/12/2019] [ 58680] (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 68408] (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys =>.Microsoft®
SR - Boot [30/03/2021] [ 92360] AMD-RAID Bottom Service (rcbottom) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\rcbottom.sys {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
SR - Demand [30/03/2021] [ 30920] AMD-RAID Config Device (rccfg) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\rccfg.sys {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
SR - Boot [30/03/2021] [ 552136] (rcraid) . (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\rcraid.sys {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
SR - Auto [10/09/2021] [ 40672] RefreshRateService (RefreshRateService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe =>.ASUSTEK COMPUTER INCORPORATION®
SR - Auto [21/09/2022] [ 6739056] ROG Live Service (ROG Live Service) . (.ASUSTek COMPUTER INC..) - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe =>.ASUSTeK COMPUTER INC.®
SR - Demand [21/04/2021] [ 1149952] Realtek RT640 NT Driver (rt640x64) . (.Realtek.) - C:\WINDOWS\System32\drivers\rt640x64.sys =>.Realtek Semiconductor Corp.®
SR - Auto [11/08/2022] [ 1588040] Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
SR - Boot [07/12/2019] [ 44856] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 209720] (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys =>.Microsoft®
SR - Auto [16/12/2022] [ 5365344] Speedify (Speedify) . (.Connectify.) - C:\Program Files (x86)\Speedify\speedify.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
SR - Demand [30/09/2022] [ 174112] SAMSUNG Mobile USB Modem Dr (ssudmdm) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys =>.Samsung Electronics CO., LTD.®
SR - Demand [08/10/2021] [ 65144] SAMSUNG Mobile USB QCRMNE (ssudqcfilter) . (.QUALCOMM Incorporated.) - C:\WINDOWS\System32\drivers\ssudqcfilter.sys =>.Samsung Electronics Co., Ltd.®
SR - Boot [07/12/2019] [ 31032] (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys =>.Microsoft®
SR - Demand [09/07/2020] [ 47448] Speedify Virtual Adapter (tap0901cn) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tap0901cn.sys =>.Connectify (Connectify, Inc.)®
SR - Demand [01/06/2022] [ 724352] NVIDIA USB Type-C PPC S (UcmCxUcsiNvppc) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_9e64b3394e9674c4\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation®
SR - Boot [07/12/2019] [ 166712] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 305464] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36152] WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 73016] WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys =>.Microsoft®

—\ Task Planned Automatically (Register) (10) - 5s
O38 - TASK: {2ABEEE59-E55F-4B47-A1A3-15BA0035616D} [64Bits][\Mozilla\Firefox Background Update 308046B0AF4A39CB] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] =>.Mozilla Corporation
O38 - TASK: {7B5D860C-085F-4F4B-9D99-D7C612E11F31} [64Bits][\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB] - (.Mozilla Foundation - Firefox Default Browser Agent.) – C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560] =>.Mozilla Foundation
O38 - TASK: {7CF2CD93-BEDB-4432-AF97-A7BF23629636} [64Bits][\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474] - (.ASUSTeK COMPUTER INC. - ASUS System Analysis.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606624] =>.ASUSTek Computer Inc.
O38 - TASK: {A90DA6B6-602E-4BA6-B9A2-70198EF1701B} [64Bits][\ASUS Update Checker 2.0] - (.ASUSTeK COMPUTER INC. - ASUS Update Checker.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusUpdateChecker.exe [788104] =>.ASUSTek Computer Inc.
O38 - TASK: {EB595763-BF8E-4FA0-BD51-254DF4BC1504} [64Bits][\RtkAudUService64_BG] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [1588040] =>.Realtek Semiconductor
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB - (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\firefox.exe [–MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla] =>.Mozilla Corporation
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - (.Mozilla Foundation.) – C:\Program Files\Mozilla Firefox\default-browser-agent.exe [do-task "308046B0AF4A39CB.do-task] =>.Mozilla Foundation
C:\WINDOWS\System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - (.ASUSTeK COMPUTER INC..) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [-j0] =>.ASUSTek Computer Inc.
C:\WINDOWS\System32\Tasks\ASUS Update Checker 2.0 - (.ASUSTeK COMPUTER INC..) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusUpdateChecker.exe =>.ASUSTek Computer Inc.
C:\WINDOWS\System32\Tasks\RtkAudUService64_BG - (.Realtek Semiconductor.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [-background] =>.Realtek Semiconductor

—\ Auto loading programs from Registry and folders (19) - 1s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) – C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned] =>.Microsoft Corporation
O4 - HKLM..\Run: [Speedify] . (.Connectify - .) – C:\Program Files (x86)\Speedify\SpeedifyLauncher.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - HKCU..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - HKCU..\Run: [Rainlendar2] . (.Kimmo ‘Rainy’ Pekkola - Rainlendar2.) – C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [Unsigned] =>.Kimmo ‘Rainy’ Pekkola
O4 - HKCU..\Run: [LilySpeechUtilA] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilA\assets\engine\LilySpeech64-2a.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKCU..\Run: [LilySpeechUtilB] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilB\assets\engine\LilySpeech64-2b.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKCU..\Run: [LilySpeechRec] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechRec\LilySpeechRec.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKCU..\Run: [LilySpeechComms] . (. - .) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechComms\ "C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechComms\LilyCommsCli.exe (.Not File.) =>.SUP.Orphan
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKLM..\Wow6432Node\Run: [ASUS Smart Display Control] . (.ASUSTeK Computer Inc. - ASUS Smart Display Control.) – C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe =>.ASUSTEK COMPUTER INCORPORATION®
O4 - HKUS\S-1-5-19..\StartupApproved\Run: [OneDriveSetup] . (. - .) – 0x020000000000000000000000
O4 - HKUS\S-1-5-20..\StartupApproved\Run: [OneDriveSetup] . (. - .) – 0x020000000000000000000000
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [Rainlendar2] . (.Kimmo ‘Rainy’ Pekkola - Rainlendar2.) – C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [Unsigned] =>.Kimmo ‘Rainy’ Pekkola
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [LilySpeechUtilA] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilA\assets\engine\LilySpeech64-2a.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [LilySpeechUtilB] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilB\assets\engine\LilySpeech64-2b.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [LilySpeechRec] . (. - LilySpeech.) – C:\Users\acco5\AppData\Local\LilySpeechRec\LilySpeechRec.exe {0C29F10216F4CD91F5971051BAAB8BC1}.
O4 - HKUS\S-1-5-21-895565649-3931333595-811618271-1001..\Run: [LilySpeechComms] . (. - .) – C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechComms\ "C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechComms\LilyCommsCli.exe (.Not File.) =>.SUP.Orphan

—\ Process running (59) - 3s
[MD5.6999C74554D6947A249AD8859D037301] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe [1015344] [PID.2720] =>.Nvidia Corporation®
[MD5.36EF515F2B9C9B974FF72B9713A1FF41] - (.Advanced Micro Devices, Inc. - AMD Crash Defender Service.) – C:\Windows\System32\amdfendrsr.exe [586680] [PID.2872] [Unsigned] =>.Advanced Micro Devices, Inc.
[MD5.DFE9B288CA2839DBF232CFA93C8387FD] - (.AMD - AMD External Events Service Module.) – C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe [598864] [PID.2884] =>.Advanced Micro Devices Inc.®
[MD5.459D58D89817626FAAA32B74EBC8CE3B] - (.ASUSTek COMPUTER INC. - AsusCertService.exe.) – C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576] [PID.2892] =>.ASUSTeK Computer Inc.®
[MD5.6999C74554D6947A249AD8859D037301] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe [1015344] [PID.3076] =>.Nvidia Corporation®
[MD5.B460DE36BBC4EC8B1CF050638EF98829] - (.AMD - AMD External Events Client Module.) – C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atieclxx.exe [847704] [PID.3116] =>.Advanced Micro Devices Inc.®
[MD5.1FEF0544B731A0D688B7BF8D4010B1F1] - (.ASUSTeK COMPUTER INC. - ASUS Optimization.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe [394344] [PID.3264] =>.ASUSTeK COMPUTER INC.®
[MD5.F627BE21D639D965521182E3FF1EAC28] - (.ASUSTeK COMPUTER INC. - ASUS Optimization Startup Task.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimizationStartupTask.exe [334440] [PID.4540] =>.ASUSTeK COMPUTER INC.®
[MD5.2CFFD569B3578484D3B1E20FC161D16C] - (.ASUSTeK COMPUTER INC. - ASUS Link Remote.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe [764504] [PID.4988] =>.ASUSTeK COMPUTER INC.®
[MD5.88DE7A8D36D45E779E24EDD3E2C4AB31] - (.ASUSTeK COMPUTER INC. - ASUS Switch.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe [635480] [PID.4996] =>.ASUSTeK COMPUTER INC.®
[MD5.0826DB7CFCE67CEDF8ED6DF780C158F5] - (.ASUSTeK COMPUTER INC. - ASUS App Service.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe [1162376] [PID.5004] =>.ASUSTeK COMPUTER INC.®
[MD5.0B6178B0FEBD39F9ABF211B13DCBA2D4] - (.Adobe Inc. - Adobe Acrobat Update Service.) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040] [PID.5012] =>.Adobe Inc.®
[MD5.5876133CC6244C8FABACC583C6526ABB] - (.ASUSTek COMPUTER INC. - ASUS System Diagnosis.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [791176] [PID.5028] =>.ASUSTeK COMPUTER INC.®
[MD5.33B76846D412C77796621D377DF79921] - (.ASUSTeK COMPUTER INC. - ARMOURY CRATE Service.) – C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [394864] [PID.5036] =>.ASUSTeK COMPUTER INC.®
[MD5.25ABC2D4BD997F2CEFA706FB36F8D970] - (.ASUSTeK COMPUTER INC. - Armoury Crate Control Interface.) – C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181296] [PID.5052] [Unsigned] =>.ASUSTek Computer Inc.
[MD5.AE403D726C7DD7B309C4373CE98ADFA6] - (.ASUSTek Computer Inc. - ASUS Link - Near.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe [1320072] [PID.5060] =>.ASUSTeK COMPUTER INC.®
[MD5.85136EDFB2A61458C3F678677BC43219] - (.ASUSTeK COMPUTER INC. - ASUS Software Manager.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe [1113176] [PID.5100] =>.ASUSTeK COMPUTER INC.®
[MD5.6680706DFD1B1BC408352DE1EBD2176D] - (.ASUSTeK COMPUTER INC. - Asus MultiAntenna Service Executable.) – C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe [949872] [PID.5108] =>.ASUSTeK COMPUTER INC.®
[MD5.572230C7CFFCE2B6A0EE5BF6CE54F983] - (.Dolby Laboratories - DAX API.) – C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe [2431544] [PID.5116] =>.Dolby Laboratories, Inc.®
[MD5.CDC37AC3E5A3F2E5F97EDA6D9A2B6F64] - (.ASUSTeK COMPUTER INC. - ASUS System Analysis.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606624] [PID.4300] =>.ASUSTeK COMPUTER INC.®
[MD5.AA51980C871FADC3FCFB74C0D117639C] - (.ASUS Inc. - GameSDK.) – C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544] [PID.4408] =>.ASUSTeK COMPUTER INC.®
[MD5.B2A676117FBED1BCB9125A81BA779109] - (.ASUSTek Computer Inc. - MonitorRefreshRateService.) – C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672] [PID.4832] =>.ASUSTEK COMPUTER INCORPORATION®
[MD5.9DE4B2ACED352568A35A9717C75D57D3] - (.ASUSTek Computer Inc. - LightingService.) – C:\Program Files (x86)\LightingService\LightingService.exe [3887976] [PID.5140] {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
[MD5.9AAF32719F2AF1936623ACBC4D536365] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [1588040] [PID.5172] =>.Realtek Semiconductor Corp.®
[MD5.1EEF279EEA63E1F5B3E4182CCCA512DF] - (.ASUSTek COMPUTER INC. - ROG Live Service.) – C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6739056] [PID.5188] =>.ASUSTeK COMPUTER INC.®
[MD5.1F9876199D486870B056F2932638331F] - (.Connectify - .) – C:\Program Files (x86)\Speedify\speedify.exe [5365344] [PID.5392] {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
[MD5.A21D3266FBA3327E2B06359CA30DFAEF] - (.ASUSTeK COMPUTER INC. - ARMOURY CRATE User Session Helper.) – C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe [225904] [PID.8128] =>.ASUSTeK COMPUTER INC.®
[MD5.572230C7CFFCE2B6A0EE5BF6CE54F983] - (.Dolby Laboratories - DAX API.) – C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe [2431544] [PID.7484] =>.Dolby Laboratories, Inc.®
[MD5.5CDDF06A40E89358807A2B9506F064D9] - (…) – C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [793416] [PID.9700] =>.Microsoft®
[MD5.8D779CABCA5C1E034FB2B8645328AE1D] - (.ASUSTeK COMPUTER INC. - ARMOURY CRATE DenoiseAI.) – C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe [157808] [PID.13120] =>.ASUSTeK COMPUTER INC.®
[MD5.9AAF32719F2AF1936623ACBC4D536365] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [1588040] [PID.13108] =>.Realtek Semiconductor Corp.®
[MD5.EADC846FEEBC8D7A03FCABA219CB712D] - (.Malwarebytes - Malwarebytes Tray Application.) – C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [8319696] [PID.13556] =>.Malwarebytes Inc.®
[MD5.F957E33E40BB3C5F559D1C2FBF2E3BEA] - (.ASUSTeK COMPUTER INC. - ASUS On-Screen Display.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOSD.exe [118440] [PID.13972] =>.ASUSTeK COMPUTER INC.®
[MD5.4EC4F5D73390B99962CDBF2D88AA5769] - (…) – C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe [20480] [PID.13724] [Unsigned] =>.Microsoft Corporation
[MD5.B67322F9FF401846E56F3D719069270E] - (.Kimmo ‘Rainy’ Pekkola - Rainlendar2.) – C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024] [PID.14676] [Unsigned] =>.Kimmo ‘Rainy’ Pekkola
[MD5.151206581F852A8AF9303A449B2ACF45] - (.ASUSTeK Computer Inc. - ASUS Smart Display Control.) – C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [143960] [PID.15052] =>.ASUSTEK COMPUTER INCORPORATION®
[MD5.9AAF32719F2AF1936623ACBC4D536365] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe [1588040] [PID.14716] =>.Realtek Semiconductor Corp.®
[MD5.9FAC084E46D15CA7EBF78F3E26AD02FE] - (.ASUSTeK Computer Inc. - ASUS Update.) – C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384] [PID.5956] =>.ASUSTeK Computer Inc.®
[MD5.825482A7A217594F60FB3696B3DEA240] - (.ASUSTeK COMPUTER INC. - ASUS Software Manager Agent.) – C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe [153224] [PID.16000] =>.ASUSTeK COMPUTER INC.®
[MD5.3D8BEAEEA865FAD76D755B0F6D67AACA] - (…) – C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30120.12007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [756736] [PID.6048] [Unsigned] =>.Microsoft Corporation
[MD5.64F4D432F6111875100F5EE229746A69] - (.ASUSTeK COMPUTER INC. - Armoury Crate Control Interface Monitor.) – C:\Windows\System32\ASUSACCI\ACCIMonitor.exe [193736] [PID.19428] [Unsigned] =>.ASUSTek Computer Inc.
[MD5.7DEA82F6D5AB7213706556934BCEA017] - (.Nicolas Coolman - ZHPCleaner.) – C:\Users\acco5\Desktop\ZHPCleaner.exe [3306184] [PID.16312] [Unsigned] =>.Nicolas Coolman
[MD5.0A685AB75DB134C0A93B86AB25A1039B] - (.Realtek Semiconductor - Realtek Audio Console.) – C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\RtkUWP.exe [548712] [PID.19152] =>.Realtek Semiconductor Corp.®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.15132] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.16144] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.10280] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.20420] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.17916] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.17868] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.9036] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.19388] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.18828] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.15880] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.3344] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.18984] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.19016] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.16420] =>.Mozilla Corporation®
[MD5.411ED5C921216F7C6EB66B7581521B03] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [661408] [PID.1536] =>.Mozilla Corporation®
[MD5.5A7D1FB047839F501B61FB20AB44350C] - (.Nicolas Coolman - ZHPSuite.) – C:\Users\acco5\Desktop\ZHPSuite.exe [3512520] [PID.11796] [Unsigned] =>.Nicolas Coolman

—\ Mozilla Firefox,Plugins,Start,Search,Extensions (25) - 1s
P2 - EXT FILE: (.uBlock Origin.) – C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\extensions\uBlock0@raymondhill.net.xpi [Unsigned] =>.uBlock Origin
P2 - EXT FILE: (…) – C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\extensions{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [Unsigned]
P2 - EXT FILE: (.Mozilla - Firefox.) – C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) – C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) – C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) – C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) – C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\bookmarkbackups =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\browser-extension-data =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\crashes =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\datareporting =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\extension-store =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\extensions =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\gmp =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\gmp-gmpopenh264 =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\gmp-widevinecdm =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\minidumps =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\saved-telemetry-pings =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\security_state =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\sessionstore-backups =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\settings =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\shader-cache =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\storage =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\weave =>Mozilla Corporation
C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\browser-extension-data{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}

—\ Internet Explorer Extensions, Start, Search (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.19041.2364 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

—\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

—\ Microsoft Edge,Plugins,Start,Search,Extensions (1) - 0s
E2 - GCE: Preference [acco5][User Data\Default\Local Extension Settings] [jdiccldimpdaibmpdkjnbmckianbfold] =>.Microsoft Corporation

—\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies =>.Microsoft

—\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: IEToEdge BHO [64Bits] - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} . (.Microsoft Corporation - IEToEdge BHO.) – C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.70\BHO\ie_to_edge_bho_64.dll =>.Microsoft®

—\ Global shortcuts Startup (73) - 3s
O4 - GS\Desktop [acco5]: Grim Tales 19 Heritage CE .lnk . (…) C:\Wowangames\Grim Tales 19 Heritage CE upd\GrimTales_Heritage_CE.exe [Unsigned]
O4 - GS\Desktop [acco5]: SUPERAntiSpyware Free Edition.lnk . (…) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [Unsigned]
O4 - GS\Desktop [acco5]: Undercover - Blood Bonds.lnk . (…) C:\Program Files (x86)\Undercover - Blood Bonds\Undercover_BloodBonds.exe [Unsigned]
O4 - GS\Desktop [acco5]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [acco5]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [acco5]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\sendTo [acco5]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [acco5]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [acco5]: AdwCleaner.lnk . (.Malwarebytes - AdwCleaner.) C:\Users\acco5\Desktop\Setups offline\adwcleaner(1).exe =>.Malwarebytes Inc.®
O4 - GS\TaskBar [acco5]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [acco5]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [acco5]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [acco5]: Speedify.lnk . (.Connectify - .) C:\Program Files (x86)\Speedify\SpeedifyUI.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - GS\Desktop [Administrator]: Grim Tales 19 Heritage CE .lnk . (…) C:\Wowangames\Grim Tales 19 Heritage CE upd\GrimTales_Heritage_CE.exe [Unsigned]
O4 - GS\Desktop [Administrator]: SUPERAntiSpyware Free Edition.lnk . (…) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [Unsigned]
O4 - GS\Desktop [Administrator]: Undercover - Blood Bonds.lnk . (…) C:\Program Files (x86)\Undercover - Blood Bonds\Undercover_BloodBonds.exe [Unsigned]
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: AdwCleaner.lnk . (.Malwarebytes - AdwCleaner.) C:\Users\acco5\Desktop\Setups offline\adwcleaner(1).exe =>.Malwarebytes Inc.®
O4 - GS\TaskBar [Administrator]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [Administrator]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Administrator]: Speedify.lnk . (.Connectify - .) C:\Program Files (x86)\Speedify\SpeedifyUI.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - GS\Desktop [Guest]: Grim Tales 19 Heritage CE .lnk . (…) C:\Wowangames\Grim Tales 19 Heritage CE upd\GrimTales_Heritage_CE.exe [Unsigned]
O4 - GS\Desktop [Guest]: SUPERAntiSpyware Free Edition.lnk . (…) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [Unsigned]
O4 - GS\Desktop [Guest]: Undercover - Blood Bonds.lnk . (…) C:\Program Files (x86)\Undercover - Blood Bonds\Undercover_BloodBonds.exe [Unsigned]
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\acco5\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: AdwCleaner.lnk . (.Malwarebytes - AdwCleaner.) C:\Users\acco5\Desktop\Setups offline\adwcleaner(1).exe =>.Malwarebytes Inc.®
O4 - GS\TaskBar [Guest]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [Guest]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Guest]: Speedify.lnk . (.Connectify - .) C:\Program Files (x86)\Speedify\SpeedifyUI.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - GS\CommonDesktop [Public]: Adobe Acrobat.lnk . (.Adobe Systems Incorporated - .) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe [Unsigned] =>.Adobe Systems Incorporated
O4 - GS\CommonDesktop [Public]: FreeWriter.lnk . (…) C:\WINDOWS\Installer{6BB5F8AA-0329-400C-B4B9-82DBE033746F}_017EDA6F176DA1C580FD0F.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\CommonDesktop [Public]: Speedify.lnk . (.Connectify - .) C:\Program Files (x86)\Speedify\SpeedifyLauncher.exe show {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - GS\Programs [Public]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\acco5\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Public]: Speedify.lnk . (.Connectify - .) C:\Program Files (x86)\Speedify\SpeedifyUI.exe {0934A6D29414C6BEEFCBE7C2260D7FFB}. =>.Connectify
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft®
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - Build a professional app quick.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Acrobat.lnk . (.Adobe Systems Incorporated - .) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe [Unsigned] =>.Adobe Systems Incorporated
O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Easily discover, visualize, an.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe [Unsigned] =>.Malwarebytes
O4 - GS\ProgramsCommon [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\ProgramsCommon [Public]: OneNote.lnk . (.Microsoft Corporation - Take notes and have them when .) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - Manage your email, schedules, .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (…) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Design and deliver beautiful p.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - Create professional-grade publ.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Shotcut.lnk . (…) C:\Program Files (x86)\Shotcut\shotcut.exe [Unsigned]
O4 - GS\ProgramsCommon [Public]: Waterfox.lnk . (.Waterfox Limited - Waterfox.) C:\Program Files\Waterfox\waterfox.exe {26953C08B49D365512E76066}. =>.Waterfox Limited
O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Create beautiful documents, ea.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{29e692aa-8946-4b4c-b7d7-dcae16a34d82}: NameServer = 10.202.0.1 =>.Private IP
O17 - HKLM\System\CCS\Services\Tcpip..{0ac74aa6-98d2-4fa3-852f-3071b9d2dde6}: DhcpNameServer = 192.168.43.1 =>.Local IP Adress

—\ Extra protocols (24) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft®

—\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Log-on Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation

—\ List of key exploring StartupApproved (18) - 1s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Rainlendar2 =>.Rainy
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechRec
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechUtilB
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechUtilA
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechComms
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_96584F32951EA856FAD305C03C256217
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Rainlendar2 =>.Rainy
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechRec
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechUtilB
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechUtilA
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LilySpeechComms
[HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_96584F32951EA856FAD305C03C256217
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SecurityHealth =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Speedify
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:ASUS Smart Display Control
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:ASUSCD64.cmd

—\ ASIC (ActiveSetup Installed Components) (6) - 0s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialisation Utility.) – C:\Windows\System32\ie4uinit.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft®
O40 - ASIC: Microsoft Edge [64Bits] - {9459C573-B17A-45AE-9F64-1857B5D58CEE} . (.Microsoft Corporation - Microsoft Edge Installer.) – C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.70\Installer\setup.exe =>.Microsoft®

—\ Software installed (97) - 11s
O42 - Logiciel: Adobe Acrobat (64-bit) - (.Adobe.) [HKLM][64Bits] – {AC76BA86-1033-1033-7760-BC15014EA700} [Unsigned] =>.Adobe
O42 - Logiciel: AI Noise Cancelation Audio Software - (.ASUSTek Computer Inc..) [HKLM][64Bits] – {ab5f014e-883d-470d-bc2d-127ef91e5611} =>.ASUSTeK Computer Inc.®
O42 - Logiciel: AI Noise Cancelation Audio Software SDK - (.ASUSTeK COMPUTER INC..) [HKLM][64Bits] – {9B441197-6389-46FC-BE60-56C8B6E5ADE9} [Unsigned] =>.ASUSTek Computer Inc.
O42 - Logiciel: ARMOURY CRATE Service - (.ASUS.) [HKLM][64Bits] – {01378DC3-088F-4F55-AAFA-DC6A9CCA292A} =>.ASUSTeK Computer Inc.®
O42 - Logiciel: ASUS Aac_GmAcc HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {998249B1-6913-447E-AA37-F445B8CA33D0} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Aac_GmAcc HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {fd4cf3d0-9937-417e-89b4-56658158819a} =>.ASUSTEK COMPUTER INCORPORATION® (Hidden)
O42 - Logiciel: ASUS Aac_NBDT HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {01D3B7AA-D078-4506-B460-60877FCDDBD6} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Aac_NBDT HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {ba95a7ce-ede3-4308-a5d6-6c08a15bff04} =>.ASUSTeK COMPUTER INC.® (Hidden)
O42 - Logiciel: ASUS AURA Display Component - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {AFD1CF98-FE97-434C-A095-9F27C5BEA53C} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS AURA Display Component - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {fe2996bf-7174-4ad7-af8c-3e8e510c8263} {0D15AE420C16138D734703C134CADF3D}. =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS AURA Headset Component - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {A3C4120D-8096-4307-91A2-FFE37EBD5A3D} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS AURA Headset Component - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {b351ae91-a5dd-4741-8830-883dddd22eb7} =>.ASUSTeK Computer Inc.® (Hidden)
O42 - Logiciel: ASUS Aura SDK - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {CF8E6E00-9C03-4440-81C0-21FACB921A6B} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Framework Service - (.ASUSTeK Computer Inc..) [HKLM][64Bits] – {339A6383-7862-46DA-8A9D-E84180EF9424} {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
O42 - Logiciel: ASUS Framework Service - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {80f60ecc-98e1-474b-aee2-0c470f02dbbc} =>.ASUSTeK Computer Inc.®
O42 - Logiciel: ASUS Framework Service - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Keyboard HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Keyboard HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {79497ebd-229a-42ac-9410-87264af2e929} =>.ASUSTeK Computer Inc.® (Hidden)
O42 - Logiciel: ASUS MB Peripheral Products - (.ASUSTeK Computer Inc..) [HKLM][64Bits] – {193a2068-8738-4276-ab1b-9133f9403487} =>.ASUSTeK Computer Inc.® (Hidden)
O42 - Logiciel: ASUS MB Peripheral Products - (.ASUSTeK Computer Inc..) [HKLM][64Bits] – {BFED9861-7D96-4528-89F1-B090ABBF11A7} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS Mouse HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {559342ce-3e0f-4daf-bd9f-dfb67f065c28} =>.ASUSTeK Computer Inc.® (Hidden)
O42 - Logiciel: ASUS Mouse HAL - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: ASUS MultiAntenna Service - (.ASUSTeK COMPUTER INC..) [HKLM][64Bits] – {EBB02F2E-0856-4B8A-9E70-980102C90BBA} [Unsigned] =>.ASUSTek Computer Inc.
O42 - Logiciel: ASUS Smart Display Control - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {8714A8D1-0F08-4681-9DF6-A8C4607A58B4} [Unsigned] =>.ASUSTek Computer Inc.
O42 - Logiciel: AURA lighting effect add-on - (.ASUS.) [HKLM][64Bits] – {1E2EA04B-FCA7-457E-B6F4-F33E1858E859} [Unsigned] =>.ASUS
O42 - Logiciel: AURA lighting effect add-on x64 - (.ASUS.) [HKLM][64Bits] – {C5A4A164-4428-4931-B728-96EEF0FA3C44} [Unsigned] =>.ASUS
O42 - Logiciel: AURA Service - (.ASUSTeK Computer Inc..) [HKLM][64Bits] – {0760271b-d7d2-407b-a2ec-f17c8ce203c7} {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
O42 - Logiciel: AURA Service - (.ASUSTeK Computer Inc..) [HKLM][64Bits] – {0E536061-3B55-4D45-BF58-0BDA261C94B0} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: FreeWriter - (.Lifestyle Toolbox.) [HKLM][64Bits] – {6BB5F8AA-0329-400C-B4B9-82DBE033746F} [Unsigned]
O42 - Logiciel: GameSDK Service - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {021d69c3-d686-4a94-8fb5-fd1ee782fb14} =>.ASUSTeK COMPUTER INC.®
O42 - Logiciel: GameSDK Service - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {7160DA8D-3F25-4F6E-ABC8-F693551D82FA} [Unsigned] =>.ASUSTek Computer Inc. (Hidden)
O42 - Logiciel: LibreOffice 7.1.3.2 - (.The Document Foundation.) [HKLM][64Bits] – {76B2DBF3-5773-4463-9EEB-D4A099EB6265} [Unsigned] =>.The Document Foundation
O42 - Logiciel: LilySpeech Version 3 - (.LilySpeech.) [HKCU][64Bits] – LilySpeech {0C29F10216F4CD91F5971051BAAB8BC1}.
O42 - Logiciel: Malwarebytes version 4.5.21.231 - (.Malwarebytes.) [HKLM][64Bits] – {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes Inc.®
O42 - Logiciel: Microsoft .NET Host - 5.0.14 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {61A6E3A7-F406-418A-B2A6-0606DB55B325} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host FX Resolver - 5.0.14 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {8D88F0E2-CE9B-4A6D-8309-FDC562195F5B} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Runtime - 5.0.14 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {B810ACDF-1C0C-4108-9B92-12F1674FA444} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft 365 - en-us - (.Microsoft Corporation.) [HKLM][64Bits] – O365HomePremRetail - en-us =>.Microsoft®
O42 - Logiciel: Microsoft Edge - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge =>.Microsoft®
O42 - Logiciel: Microsoft Edge Update - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge Update [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Edge WebView2 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft EdgeWebView =>.Microsoft®
O42 - Logiciel: Microsoft GameInput - (.Microsoft Corporation.) [HKLM][64Bits] – {6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft®
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] – {89581302-705F-42C5-99B0-E368A845DAD5} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {7d607fb4-7e28-4c7a-a92f-3fcdaf555faf} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {86380aef-fd23-4fc3-8723-a98ccad8f2c6} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {CB4A0FDE-1126-4AE2-97C6-A243692C3D95} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {2F69FB2B-2C48-491C-B249-22C1BDCE1117} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720 - (.Microsoft Corporation.) [HKLM][64Bits] – {31C9EB3A-5F0C-49E7-8E6C-D404E48F433D} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.14 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {4CD6FFC6-FA14-4016-A7A6-B7E3D6286331} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.14 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {d21a4f20-968a-4b0c-bf04-a38da5f06e41} =>.Microsoft®
O42 - Logiciel: Mozilla Firefox (x64 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 109.0.1 (x64 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService [Unsigned] =>.Mozilla
O42 - Logiciel: NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ABHub - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA FrameView SDK 1.1.4923.29548709 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.21.0.36 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Graphics Driver 462.06 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.38.40 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.20.0221 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Platform Controllers and Framework - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVPCF [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ShadowPlay 3.21.0.36 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Audio 4.13.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NvModuleTracker - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-007E-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Rainlendar2 (remove only) - (.Rainy.) [HKLM][64Bits] – Rainlendar2 [Unsigned] =>.Rainy
O42 - Logiciel: RefreshRateService - (.ASUSTeK COMPUTER INC..) [HKLM][64Bits] – {7E5E84CB-B190-4658-A4DC-166779C329D1} [Unsigned] =>.ASUSTek Computer Inc.
O42 - Logiciel: ROG CustomHotkey - (.ASUSTek Computer Inc..) [HKLM][64Bits] – {374883e6-b31d-4a3c-9c4a-2685a840aed4} =>.ASUSTeK Computer Inc.®
O42 - Logiciel: ROG Live Service - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] – {2D87BFB6-C184-4A59-9BBE-3E20CE797631} [Unsigned] =>.ASUSTek Computer Inc.
O42 - Logiciel: Shotcut - (.Meltytech, LLC.) [HKLM][64Bits] – Shotcut [Unsigned] =>.Meltytech, LLC
O42 - Logiciel: Speedify - (.Connectify.) [HKLM][64Bits] – Speedify [Unsigned] =>.Connectify
O42 - Logiciel: Undercover - Blood Bonds - (.Game Owl.) [HKLM][64Bits] – Undercover - Blood BondsFinal [Unsigned]
O42 - Logiciel: Waterfox (x64 en-US) - (.WaterfoxLimited.) [HKLM][64Bits] – Waterfox 102.5.0 (x64 en-US) {26953C08B49D365512E76066}.
O42 - Logiciel: WebAdvisor by McAfee - (.McAfee, LLC.) [HKLM][64Bits] – {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A} [Unsigned] =>.McAfee, LLC
O42 - Logiciel: Windows PC Health Check - (.Microsoft Corporation.) [HKLM][64Bits] – {6798C408-2636-448C-8AC6-F4E341102D27} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: WinRAR 6.02 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Zoom - (.Zoom Video Communications, Inc..) [HKCU][64Bits] – ZoomUMX {02009F3FD86C9A6051C97108379B1201}. =>.Zoom Video Communications, Inc.

—\ HKCU & HKLM Software Keys (119) - 11s
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\AMD =>.AMD
HKLM\SOFTWARE\AMDLOG
HKLM\SOFTWARE\ASIO =>.Steinberg Media Technologies
HKLM\SOFTWARE\ASUS =>.ASUS
HKLM\SOFTWARE\Avast Software =>.AVAST Software
HKLM\SOFTWARE\CVSM =>.Legitimate
HKLM\SOFTWARE\DefaultUserEnvironment =>.Microsoft Corporation
HKLM\SOFTWARE\Dolby =>.Dolby
HKLM\SOFTWARE\dotnet
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HitmanPro =>.EIDOS hitman Game
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\LibreOffice =>.LibreOffice
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Malwarebytes =>.Malwarebytes
HKLM\SOFTWARE\McAfee =>.McAfee Inc.
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\mtkbt
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\OpenSSH =>.OpenBSD
HKLM\SOFTWARE\Partner =>.Google Inc.
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Shotcut
HKLM\SOFTWARE\Speedify
HKLM\SOFTWARE\The Document Foundation =>.The Document Foundation
HKLM\SOFTWARE\Ultra adware killer =>.Carifred
HKLM\SOFTWARE\waterfox.net =>.waterfox.net
HKLM\SOFTWARE\WaterfoxLimited =>.Legitimate
HKLM\SOFTWARE\Windows =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\ASIO =>.Steinberg Media Technologies
HKLM\SOFTWARE\WOW6432Node\ASUS =>.ASUS
HKLM\SOFTWARE\WOW6432Node\Avast Software =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\dotnet
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\KasperskyLab =>.Kaspersky Labs
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\Malwarebytes =>.Malwarebytes
HKLM\SOFTWARE\WOW6432Node\McAfee NGI =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\nwjs =>.NW.js
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\Rainlendar2 =>.Rainy
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\9-lab =>.9-lab
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AMD =>.AMD
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\ASUS =>.ASUS
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Meltytech =>.Meltytech LLC
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\nwjs =>.NW.js
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SQRT3
HKCU\SOFTWARE\Starco Games
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\The Document Foundation =>.The Document Foundation
HKCU\SOFTWARE\WaterfoxLimited =>.Legitimate
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\ZoomUMX
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKU.DEFAULT\SOFTWARE\AMD =>.AMD
HKU.DEFAULT\SOFTWARE\ATI =>.ATI
HKU.DEFAULT\SOFTWARE\Malwarebytes =>.Malwarebytes
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\9-lab =>.9-lab
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\AMD =>.AMD
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\ASUS =>.ASUS
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\ATI =>.ATI
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\AVAST Software =>.AVAST Software
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Chromium =>.Chromium
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Google =>.Google
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Malwarebytes =>.Malwarebytes
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\McAfee =>.McAfee Inc.
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Meltytech =>.Meltytech LLC
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\nwjs =>.NW.js
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\QtProject =>.QtProject
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\SQRT3
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Starco Games
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\The Document Foundation =>.The Document Foundation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\WaterfoxLimited =>.Legitimate
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\ZoomUMX

—\ Packages (11) - 0s
C:\Program Files (x86)\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m - (..) [AMD Radeon Software]
C:\Program Files (x86)\WindowsApps\B9ECED6F.ArmouryCrate_5.2.12.0_x64__qmba6cd70vzyy - (.ASUSTeK COMPUTER INC..) [ARMOURY CRATE] =>ASUSTeK COMPUTER INC.
C:\Program Files (x86)\WindowsApps\B9ECED6F.ArmouryCrate_5.4.8.0_x64__qmba6cd70vzyy - (.ASUSTeK COMPUTER INC..) [ARMOURY CRATE] =>ASUSTeK COMPUTER INC.
C:\Program Files (x86)\WindowsApps\B9ECED6F.AURACreator_3.5.6.0_x64__qmba6cd70vzyy - (.ASUSTeK COMPUTER INC..) [AURA Creator] =>ASUSTeK COMPUTER INC.
C:\Program Files (x86)\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt - (.Disney.) [Disney+]
C:\Program Files (x86)\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.345.0_x64__rz1tebttyb220 - (.Dolby Laboratories.) [Dolby Access] =>Dolby Laboratories
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [UDK Package] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [NcsiUwpApp] =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj - (.Realtek Semiconductor Corp.) [Realtek Audio Control] =>Realtek Semiconductor Corp
C:\Program Files (x86)\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0 - (.Spotify.) [Spotify Music] =>Spotify

—\ Contents of the Common Files folders (199) - 7s
O43 - CFD: 01/02/2023 - [0] D – C:\Program Files\9-lab =>.9-lab
O43 - CFD: 18/11/2022 - D – C:\Program Files\Adobe =>.Adobe Inc.®
O43 - CFD: 13/09/2022 - D – C:\Program Files\AMD =>.AMD
O43 - CFD: 31/01/2023 - D – C:\Program Files\ASUS =>.ASUSTeK COMPUTER INC.®
O43 - CFD: 18/11/2022 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Program Files\dotnet =>.Microsoft®
O43 - CFD: 21/11/2022 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - D – C:\Program Files\LibreOffice =>.LibreOffice
O43 - CFD: 01/02/2023 - D – C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 01/02/2023 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation
O43 - CFD: 19/01/2023 - D – C:\Program Files\Microsoft Update Health Tools =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] D – C:\Program Files\ModifiableWindowsApps =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 13/09/2022 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\Program Files\PCHealthCheck =>.Microsoft®
O43 - CFD: 25/12/2022 - D – C:\Program Files\Shotcut [Unsigned]
O43 - CFD: 13/09/2022 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 09/12/2022 - D – C:\Program Files\Waterfox {26953C08B49D365512E76066}. =>.Waterfox
O43 - CFD: 21/11/2022 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 14/12/2022 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 21/11/2022 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2022 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 31/01/2023 - D – C:\Program Files (x86)\ASUS =>.ASUSTeK Computer Inc.®
O43 - CFD: 25/09/2022 - D – C:\Program Files (x86)\ASUSTeK COMPUTER INC =>.ASUSTEK COMPUTER INCORPORATION®
O43 - CFD: 18/11/2022 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 22/12/2022 - D – C:\Program Files (x86)\FreeWriter {44850B673A677BD66A388730B0202F74}.
O43 - CFD: 12/09/2022 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 21/11/2022 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 24/11/2022 - D – C:\Program Files (x86)\LightingService =>.ASUSTEK COMPUTER INCORPORATION®
O43 - CFD: 12/09/2022 - D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/11/2022 - D – C:\Program Files (x86)\Microsoft GameInput =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\Program Files (x86)\Rainlendar2 =>.Rainy
O43 - CFD: 08/01/2023 - D – C:\Program Files (x86)\Speedify {0934A6D29414C6BEEFCBE7C2260D7FFB}.
O43 - CFD: 29/10/2022 - D – C:\Program Files (x86)\Undercover - Blood Bonds [Unsigned]
O43 - CFD: 21/11/2022 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 24/11/2022 - D – C:\Program Files (x86)\Windows Kits =>.Microsoft Corporation
O43 - CFD: 14/12/2022 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 21/11/2022 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2022 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
O43 - CFD: 13/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 11/01/2023 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 22/12/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeWriter
O43 - CFD: 16/09/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1 =>.LibreOffice
O43 - CFD: 13/09/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 29/10/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2 =>.Rainy
O43 - CFD: 08/01/2023 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedify
O43 - CFD: 13/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 01/02/2023 - D – C:\ProgramData\9-lab =>.9-lab
O43 - CFD: 18/11/2022 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 13/09/2022 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 31/01/2023 - D – C:\ProgramData\ASUS =>.ASUS
O43 - CFD: 13/09/2022 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\ProgramData\Dolby =>.Dolby
O43 - CFD: 01/02/2023 - D – C:\ProgramData\HitmanPro =>.EIDOS hitman Game
O43 - CFD: 01/02/2023 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 13/09/2022 - D – C:\ProgramData\McInstTemp0069471628438385
O43 - CFD: 16/09/2022 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 02/02/2023 - D – C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 =>.Mozilla Corporation
O43 - CFD: 01/02/2023 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 31/01/2023 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\ProgramData\Packages =>.Microsoft Corporation
O43 - CFD: 02/02/2023 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 02/02/2023 - D – C:\ProgramData\Speedify
O43 - CFD: 13/09/2022 - [0] D – C:\ProgramData\ssh =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\ProgramData\Ultra Adware Killer =>.Carifred
O43 - CFD: 13/09/2022 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 09/12/2022 - D – C:\ProgramData\Waterfox-1de4eec8-1241-4177-a864-e594e8d1fb38
O43 - CFD: 13/09/2022 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 18/11/2022 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/12/2022 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\Users\acco5\AppData\Roaming\9-lab =>.9-lab
O43 - CFD: 18/11/2022 - D – C:\Users\acco5\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 18/11/2022 - D – C:\Users\acco5\AppData\Roaming\com.adobe.dunamis =>.Adobe Inc.
O43 - CFD: 15/09/2022 - D – C:\Users\acco5\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Roaming\LibreOffice =>.LibreOffice
O43 - CFD: 22/12/2022 - D – C:\Users\acco5\AppData\Roaming\Lifestyle Toolbox
O43 - CFD: 18/11/2022 - SD – C:\Users\acco5\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Roaming\Starco Games
O43 - CFD: 09/12/2022 - D – C:\Users\acco5\AppData\Roaming\Waterfox =>.Waterfox
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 02/02/2023 - D – C:\Users\acco5\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Roaming\Zoom =>.ZOOM
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\AcSdkInsLog
O43 - CFD: 18/11/2022 - D – C:\Users\acco5\AppData\Local\Adobe =>.Adobe
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Local\AMD =>.AMD
O43 - CFD: 12/09/2022 - [0] SHD – C:\Users\acco5\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Local\ASUS =>.ASUS
O43 - CFD: 25/12/2022 - D – C:\Users\acco5\AppData\Local\cache =>.Legitimate
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\CEF =>.CEF
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 31/01/2023 - D – C:\Users\acco5\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 30/01/2023 - D – C:\Users\acco5\AppData\Local\D3DSCache =>.Legitimate
O43 - CFD: 12/09/2022 - [0] D – C:\Users\acco5\AppData\Local\DBG =>.DBG
O43 - CFD: 20/12/2022 - [0] D – C:\Users\acco5\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 24/01/2023 - [0] D – C:\Users\acco5\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - [0] SHD – C:\Users\acco5\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 22/12/2022 - D – C:\Users\acco5\AppData\Local\Lifestyle_Toolbox
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Local\LilySpeechApp
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Local\LilySpeechRec
O43 - CFD: 15/09/2022 - D – C:\Users\acco5\AppData\Local\mbam =>.Malwarebytes
O43 - CFD: 25/12/2022 - D – C:\Users\acco5\AppData\Local\Meltytech
O43 - CFD: 23/12/2022 - D – C:\Users\acco5\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\OneDrive =>.Microsoft Corporation
O43 - CFD: 01/02/2023 - D – C:\Users\acco5\AppData\Local\OO Software =>.O&O Software GmbH
O43 - CFD: 01/02/2023 - D – C:\Users\acco5\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 21/11/2022 - D – C:\Users\acco5\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 18/11/2022 - D – C:\Users\acco5\AppData\Local\SolidDocuments =>.SolidDocuments
O43 - CFD: 19/11/2022 - D – C:\Users\acco5\AppData\Local\Speedify
O43 - CFD: 02/02/2023 - D – C:\Users\acco5\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - [0] SHD – C:\Users\acco5\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - [0] D – C:\Users\acco5\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 09/12/2022 - D – C:\Users\acco5\AppData\Local\Waterfox =>.Waterfox
O43 - CFD: 02/02/2023 - D – C:\Users\acco5\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Local\Zoom =>.ZOOM
O43 - CFD: 18/11/2022 - D – C:\Users\acco5\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\AppData\LocalLow\AMD =>.AMD
O43 - CFD: 02/02/2023 - D – C:\Users\acco5\AppData\LocalLow\IGDump
O43 - CFD: 18/11/2022 - SD – C:\Users\acco5\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/02/2023 - D – C:\Users\acco5\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 21/11/2022 - D – C:\Users\acco5\AppData\LocalLow\NVIDIA =>.nVidia Corporation
O43 - CFD: 14/01/2023 - D – C:\Users\acco5\AppData\LocalLow\SQRT3
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\LocalLow\Starco Games
O43 - CFD: 01/02/2023 - [0] D – C:\Users\acco5\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\Fog Effects
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\Nature sound videos
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\New Nature Sounds
O43 - CFD: 24/01/2023 - D – C:\Users\acco5\Desktop\Newest files from other computer
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\PB - Free Fog Overlays
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\Rdv CAF
O43 - CFD: 10/01/2023 - D – C:\Users\acco5\Desktop\Secret Diaries - Manage a Manor
O43 - CFD: 24/12/2022 - D – C:\Users\acco5\Desktop\Setups offline
O43 - CFD: 14/06/2022 - [0] D – C:\Users\acco5\Desktop\Shift plus u for at symbol
O43 - CFD: 10/01/2023 - D – C:\Users\acco5\Desktop\Temporary folder for old computer
O43 - CFD: 12/09/2022 - D – C:\Users\acco5\Desktop\USB
O43 - CFD: 13/09/2022 - RD – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - RD – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - RD – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LilySpeech
O43 - CFD: 13/09/2022 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - RD – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - RD – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 29/10/2022 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Undercover - Blood Bonds
O43 - CFD: 13/09/2022 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 11/01/2023 - D – C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom =>.ZOOM
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 12/09/2022 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 10/01/2023 - – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Adobe =>.Adobe
O43 - CFD: 13/09/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/11/2022 - SD – C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (1) - 0s
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation

—\ Search Context Menu Handlers (SCMH) (30) - 1s
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nv3dappshext.dll =>.Nvidia Corporation®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nv3dappshext.dll =>.Nvidia Corporation®
O108 - CMH2: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH2: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH3: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) – C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: ACE [64Bits] - {5E2121EE-0300-11D4-8D3B-444553540000} . (.Advanced Micro Devices, Inc. - Radeon Software: Desktop Control Panel.) – C:\WINDOWS\System32\atiacm64.dll [Unsigned] =>.Advanced Micro Devices, Inc.
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll =>.Nvidia Corporation®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH6: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) – C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.®
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) – C:\Windows\System32\appresolver.dll =>.Microsoft®
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation

—\ Image File Execution Options (10) - 0s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialisation Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\32768] =>.Microsoft®

—\ System Drivers List (445) - 14s
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\WINDOWS\System32\drivers\1394ohci.sys [266240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107320] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:53 A . (.Microsoft Corporation - ACPI Driver for NT.) – C:\WINDOWS\System32\drivers\acpi.sys [810344] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - ACPI Devices Driver.) – C:\WINDOWS\System32\drivers\AcpiDev.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\WINDOWS\System32\drivers\acpiex.sys [139792] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\WINDOWS\System32\drivers\acpipagr.sys [14336] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\WINDOWS\System32\drivers\acpipmi.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\WINDOWS\System32\drivers\acpitime.sys [16384] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/02/23 21:14:27 A . (.Microsoft Corporation - Audio KMDF Class Extension.) – C:\WINDOWS\System32\drivers\Acx01000.sys [694272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135416] =>.Microsoft®
O58 - SDL:2022/07/01 07:17:19 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\afd.sys [651104] =>.Microsoft®
O58 - SDL:2022/08/11 11:23:38 A . (.Microsoft Corporation - AF_UNIX socket provider.) – C:\WINDOWS\System32\drivers\afunix.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:08 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\WINDOWS\System32\drivers\agilevpn.sys [114176] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:58 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\WINDOWS\System32\drivers\ahcache.sys [292352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/10/29 06:04:22 A . (.Advanced Micro Devices, Inc. - AMD Crash Defender.) – C:\WINDOWS\System32\drivers\amdfendr.sys [147872] =>.Microsoft®
O58 - SDL:2021/10/29 06:04:26 A . (.Advanced Micro Devices, Inc. - AMD Crash Defender Manager Driver.) – C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016] =>.Microsoft®
O58 - SDL:2021/06/18 19:58:10 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [54984] =>.Advanced Micro Devices INC.®
O58 - SDL:2021/06/18 19:58:14 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) – C:\WINDOWS\System32\drivers\amdi2c.sys [76456] =>.Advanced Micro Devices INC.®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdk8.sys [209752] =>.Microsoft®
O58 - SDL:2021/07/12 14:52:10 A . (.Advanced Micro Devices, Inc. - AMD Micro PEP driver.) – C:\WINDOWS\System32\drivers\AmdMicroPEP.sys [236448] =>.Microsoft®
O58 - SDL:2020/10/06 20:12:42 A . (.Advanced Micro Devices - AMD PCI Device driver.) – C:\WINDOWS\System32\drivers\AMDPCIDev.sys [34096] =>.Advanced Micro Devices INC.®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdppm.sys [213840] =>.Microsoft®
O58 - SDL:2021/06/17 00:37:38 A . (.Advanced Micro Devices, Inc. - amdpsp sys.) – C:\WINDOWS\System32\drivers\amdpsp.sys [55096] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2020/08/17 17:51:40 A . (.Advanced Micro Devices - AMD Ryzen Master Service Driver.) – C:\WINDOWS\System32\drivers\AMDRyzenMasterDriver.sys [78552] =>.Advanced Micro Devices INC.®
O58 - SDL:2019/12/07 10:07:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83256] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [259384] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [26936] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:55 A . (.Microsoft Corporation - AppID Driver.) – C:\WINDOWS\System32\drivers\appid.sys [212320] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:55 A . (.Microsoft Corporation - Applocker Filter.) – C:\WINDOWS\System32\drivers\applockerfltr.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131896] =>.Microsoft®
O58 - SDL:2021/09/30 10:14:58 A . (…) – C:\WINDOWS\System32\drivers\AsIO3.sys [43168] =>.ASUSTeK Computer Inc.®
O58 - SDL:2021/07/18 22:20:00 A . (.ASUSTeK COMPUTER INC. - ASUS Wireless Radio Control.) – C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424] =>.ASUSTeK COMPUTER INC.®
O58 - SDL:2020/09/27 16:41:16 A . (.ASUSTek COMPUTER INC. - Asus PTP Filter Driver (x64).) – C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848] =>.ASUSTek Computer Inc.®
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\WINDOWS\System32\drivers\asyncmac.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [31064] =>.Microsoft®
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\WINDOWS\System32\drivers\ataport.sys [225104] =>.Microsoft®
O58 - SDL:2021/07/30 10:23:46 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\AtihdWT6.sys [246200] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - BAM Kernel Driver.) – C:\WINDOWS\System32\drivers\bam.sys [78136] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Battery Class Driver.) – C:\WINDOWS\System32\drivers\battc.sys [41272] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] [Unsigned] =>.Broadcom Corporation
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - BEEP Driver.) – C:\WINDOWS\System32\drivers\beep.sys [10240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:39 A . (.Microsoft Corporation - Windows Bind Filter Driver.) – C:\WINDOWS\System32\drivers\bindflt.sys [145760] =>.Microsoft®
O58 - SDL:2022/03/30 10:14:26 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\WINDOWS\System32\drivers\bowser.sys [117760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:39 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\WINDOWS\System32\drivers\bridge.sys [127488] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\WINDOWS\System32\drivers\BtaMPM.sys [36352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/07/01 07:16:53 N . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\WINDOWS\System32\drivers\BthA2dp.sys [287232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Bluetooth Bus Extender.) – C:\WINDOWS\System32\drivers\bthenum.sys [113664] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/07/01 07:16:53 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\WINDOWS\System32\drivers\BthHfEnum.sys [147968] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) – C:\WINDOWS\System32\drivers\BthMini.SYS [45568] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\WINDOWS\System32\drivers\bthmodem.sys [76800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) – C:\WINDOWS\System32\drivers\bthpan.sys [133632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Bluetooth Bus Driver.) – C:\WINDOWS\System32\drivers\bthport.sys [1565696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) – C:\WINDOWS\System32\drivers\BTHUSB.SYS [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) – C:\WINDOWS\System32\drivers\bttflt.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Button Converter Driver.) – C:\WINDOWS\System32\drivers\buttonconverter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533816] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) – C:\WINDOWS\System32\drivers\CAD.sys [66576] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:15 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/03/30 10:14:30 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) – C:\WINDOWS\System32\drivers\CEA.sys [82256] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [144184] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [319800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) – C:\WINDOWS\System32\drivers\cht4vfx.sys [28672] [Unsigned] =>.Chelsio Communications
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:00 A . (…) – C:\WINDOWS\System32\drivers\cimfs.sys [98816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\WINDOWS\System32\drivers\circlass.sys [52224] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:35 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\WINDOWS\System32\drivers\Classpnp.sys [432472] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:03 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) – C:\WINDOWS\System32\drivers\cldflt.sys [496128] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\WINDOWS\System32\drivers\clfs.sys [419680] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:51 A . (.Microsoft Corporation - CLIP Service.) – C:\WINDOWS\System32\drivers\ClipSp.sys [1104768] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Control Method Battery Driver.) – C:\WINDOWS\System32\drivers\CmBatt.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:22 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) – C:\WINDOWS\System32\drivers\cmimcext.sys [29000] =>.Microsoft®
O58 - SDL:2023/01/11 12:54:40 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\WINDOWS\System32\drivers\cng.sys [747448] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) – C:\WINDOWS\System32\drivers\cnghwassist.sys [40968] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:44 A . (.Microsoft Corporation - Console Driver.) – C:\WINDOWS\System32\drivers\condrv.sys [57144] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\WINDOWS\System32\drivers\crashdmp.sys [101736] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:47 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\WINDOWS\System32\drivers\dam.sys [97096] =>.Microsoft®
O58 - SDL:2022/03/30 10:14:25 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) – C:\WINDOWS\System32\drivers\devauthe.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/12/14 11:20:56 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\dfsc.sys [152064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - PnP Disk Driver.) – C:\WINDOWS\System32\drivers\disk.sys [106336] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:05 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\WINDOWS\System32\drivers\Diskdump.sys [41312] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:05 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\WINDOWS\System32\drivers\Dmpusbstor.sys [20480] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Dynamic Memory.) – C:\WINDOWS\System32\drivers\dmvsc.sys [59192] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmk.sys [97792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmkaud.sys [16128] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:01 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpata.sys [40784] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:31 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\WINDOWS\System32\drivers\dumpfve.sys [95176] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsd.sys [198504] =>.Microsoft®
O58 - SDL:2022/07/01 07:17:13 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsdport.sys [32768] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:05 A . (.Microsoft Corporation - Storport Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpstorport.sys [38232] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:52 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\WINDOWS\System32\drivers\dxgkrnl.sys [3814784] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:52 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms1.sys [456032] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:52 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms2.sys [902992] =>.Microsoft®
O58 - SDL:2021/12/27 16:49:25 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\WINDOWS\System32\drivers\EhStorClass.sys [95032] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [124728] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Error Device Driver.) – C:\WINDOWS\System32\drivers\errdev.sys [15872] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3418936] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:48 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\WINDOWS\System32\drivers\exfat.sys [418640] =>.Microsoft®
O58 - SDL:2023/02/01 22:30:00 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) – C:\WINDOWS\System32\drivers\farflt.sys [198088] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:48 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\WINDOWS\System32\drivers\fastfat.sys [426328] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\WINDOWS\System32\drivers\fdc.sys [34816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) – C:\WINDOWS\System32\drivers\filecrypt.sys [59392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\WINDOWS\System32\drivers\fileinfo.sys [94736] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:46 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\WINDOWS\System32\drivers\filetrace.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Floppy Driver.) – C:\WINDOWS\System32\drivers\flpydisk.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/07/15 11:43:45 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) – C:\WINDOWS\System32\drivers\fltMgr.sys [429928] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:50 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\WINDOWS\System32\drivers\fsdepends.sys [71040] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\WINDOWS\System32\drivers\fs_rec.sys [33592] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:31 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\WINDOWS\System32\drivers\fvevol.sys [802624] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:56 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\WINDOWS\System32\drivers\FWPKCLNT.SYS [503632] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) – C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/03/30 10:14:25 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\hdaudbus.sys [134656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:27:23 A . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\HdAudio.sys [430080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Hid Battery Driver.) – C:\WINDOWS\System32\drivers\hidbatt.sys [39440] =>.Microsoft®
O58 - SDL:2020/11/21 13:27:24 A . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) – C:\WINDOWS\System32\drivers\hidbth.sys [120320] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Hid Class Library.) – C:\WINDOWS\System32\drivers\hidclass.sys [241152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidi2c.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) – C:\WINDOWS\System32\drivers\hidinterrupt.sys [55824] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidir.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Hid Parsing Library.) – C:\WINDOWS\System32\drivers\hidparse.sys [46080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - SPI HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidspi.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidusb.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [64312] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:03 A . (.Microsoft Corporation - HTTP Protocol Stack.) – C:\WINDOWS\System32\drivers\http.sys [1583488] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Hyper-V Crashdump.) – C:\WINDOWS\System32\drivers\hvcrash.sys [35128] =>.Microsoft®
O58 - SDL:2022/12/14 11:21:02 A . (.Microsoft Corporation - Hypervisor Boot Driver.) – C:\WINDOWS\System32\drivers\hvservice.sys [96080] =>.Microsoft®
O58 - SDL:2022/07/01 07:17:43 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) – C:\WINDOWS\System32\drivers\hvsocket.sys [149328] =>.Microsoft®
O58 - SDL:2020/11/21 13:28:03 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\WINDOWS\System32\drivers\hwpolicy.sys [33096] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\WINDOWS\System32\drivers\hyperkbd.sys [27448] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\WINDOWS\System32\drivers\HyperVideo.sys [41784] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36352] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91136] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2019/12/07 10:07:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412176] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [558904] =>.Microsoft®
O58 - SDL:2021/07/05 00:12:40 A . (.Intelligo Technology Inc. - Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\igovsd.sys [42344] {3E5CA31B817BD1E41CB45024}.
O58 - SDL:2020/11/21 13:27:54 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) – C:\WINDOWS\System32\drivers\IndirectKmd.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\WINDOWS\System32\drivers\intelide.sys [20816] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\WINDOWS\System32\drivers\intelpep.sys [418800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) – C:\WINDOWS\System32\drivers\intelpmax.sys [30720] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\intelppm.sys [233344] =>.Microsoft®
O58 - SDL:2020/11/21 13:27:23 A . (.Microsoft Corporation - Intel Telemetry Driver.) – C:\WINDOWS\System32\drivers\IntelTA.sys [26608] =>.Microsoft®
O58 - SDL:2022/11/24 17:50:14 A . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) – C:\WINDOWS\System32\drivers\IOMap64.sys [35344] =>.ASUSTEK COMPUTER INC.®
O58 - SDL:2021/12/27 16:48:20 A . (.Microsoft Corporation - I/O rate control Filter.) – C:\WINDOWS\System32\drivers\iorate.sys [57168] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:08 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\WINDOWS\System32\drivers\ipfltdrv.sys [91648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - WMI IPMI DRIVER.) – C:\WINDOWS\System32\drivers\IPMIDrv.sys [117584] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:00 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\ipnat.sys [227328] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - IPT Driver.) – C:\WINDOWS\System32\drivers\ipt.sys [59704] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - PNP ISA Bus Driver.) – C:\WINDOWS\System32\drivers\isapnp.sys [22864] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) – C:\WINDOWS\System32\drivers\ItSas35i.sys [172344] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Keyboard Class Driver.) – C:\WINDOWS\System32\drivers\kbdclass.sys [71480] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) – C:\WINDOWS\System32\drivers\kbdhid.sys [46592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\WINDOWS\System32\drivers\kdnic.sys [33296] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:55 A . (.Microsoft Corporation - Network Power Dependency Broker.) – C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys [32256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/12/14 11:20:57 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\WINDOWS\System32\drivers\ks.sys [454656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecdd.sys [149368] =>.Microsoft®
O58 - SDL:2023/01/11 12:54:40 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecpkg.sys [181072] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\WINDOWS\System32\drivers\ksthunk.sys [29696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\WINDOWS\System32\drivers\lltdio.sys [72704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108856] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124216] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [135992] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82744] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:07 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) – C:\WINDOWS\System32\drivers\luafv.sys [146944] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) – C:\WINDOWS\System32\drivers\mausbhost.sys [537608] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - MA-USB IP Driver.) – C:\WINDOWS\System32\drivers\mausbip.sys [64016] =>.Microsoft®
O58 - SDL:2022/09/15 09:05:28 A . (.Malwarebytes - Malwarebytes Anti-Exploit.) – C:\WINDOWS\System32\drivers\mbae64.sys [158640] =>.Microsoft®
O58 - SDL:2023/02/01 22:30:03 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) – C:\WINDOWS\System32\drivers\mbam.sys [76216] =>.Microsoft®
O58 - SDL:2023/02/01 02:45:05 A . (.Malwarebytes - Malwarebytes Chameleon.) – C:\WINDOWS\System32\drivers\MbamChameleon.sys [223176] =>.Microsoft®
O58 - SDL:2022/09/15 09:05:02 A . (.Malwarebytes - Malwarebytes Early Launch Anti-Malware Driv.) – C:\WINDOWS\System32\drivers\MbamElam.sys [21480] =>.Microsoft®
O58 - SDL:2022/12/11 16:54:22 A . (.Malwarebytes - Malwarebytes SwissArmy.) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys [239544] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:55 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) – C:\WINDOWS\System32\drivers\MbbCx.sys [386048] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - Medium changer class driver.) – C:\WINDOWS\System32\drivers\mcd.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59704] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas35i.sys [105480] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:27:24 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131320] =>.Microsoft®
O58 - SDL:2020/11/21 13:27:27 A . (.Microsoft Corporation - MMCSS Driver.) – C:\WINDOWS\System32\drivers\mmcss.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:49:31 A . (.Microsoft Corporation - Modem Device Driver.) – C:\WINDOWS\System32\drivers\modem.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Monitor Driver.) – C:\WINDOWS\System32\drivers\monitor.sys [83968] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Mouse Class Driver.) – C:\WINDOWS\System32\drivers\mouclass.sys [67600] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\mouhid.sys [35328] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Mount Point Manager.) – C:\WINDOWS\System32\drivers\mountmgr.sys [110392] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\WINDOWS\System32\drivers\mpsdrv.sys [80896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/03/30 10:14:50 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\WINDOWS\System32\drivers\mrxdav.sys [165888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\mrxsmb.sys [580464] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\WINDOWS\System32\drivers\mrxsmb20.sys [263008] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Mailslot driver.) – C:\WINDOWS\System32\drivers\msfs.sys [44048] =>.Microsoft®
O58 - SDL:2020/11/21 13:27:37 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\WINDOWS\System32\drivers\msgpioclx.sys [183112] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - GPIO Button Driver.) – C:\WINDOWS\System32\drivers\msgpiowin32.sys [56120] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\WINDOWS\System32\drivers\mshidkmdf.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) – C:\WINDOWS\System32\drivers\mshidumdf.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) – C:\WINDOWS\System32\drivers\mshwnclx.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - ISA Driver.) – C:\WINDOWS\System32\drivers\msisadrv.sys [20280] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\WINDOWS\System32\drivers\msiscsi.sys [293176] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:57 A . (.Microsoft Corporation - MS KS Server.) – C:\WINDOWS\System32\drivers\mskssrv.sys [45568] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) – C:\WINDOWS\System32\drivers\mslldp.sys [78848] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\WINDOWS\System32\drivers\mspclock.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\WINDOWS\System32\drivers\mspqm.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:28:01 A . (.Microsoft Corporation - Windows QUIC Driver.) – C:\WINDOWS\System32\drivers\msquic.sys [322376] =>.Microsoft®
O58 - SDL:2022/07/01 07:17:19 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\WINDOWS\System32\drivers\msrpc.sys [376688] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - System Management BIOS Driver.) – C:\WINDOWS\System32\drivers\mssmbios.sys [47928] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\WINDOWS\System32\drivers\mstee.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) – C:\WINDOWS\System32\drivers\MTConfig.sys [17920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/17 22:30:20 A . (.MediaTek Inc. - MTK Filter driver.) – C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [280040] =>.Microsoft®
O58 - SDL:2022/04/27 20:06:18 A . (.MediaTek Inc. - MediaTek 802.11AX Wireless Adapter Driver.) – C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1403248] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:56 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) – C:\WINDOWS\System32\drivers\mup.sys [134480] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63800] =>.Microsoft®
O58 - SDL:2023/02/01 22:29:59 A . (.Malwarebytes - Malwarebytes Web Protection.) – C:\WINDOWS\System32\drivers\mwac.sys [181816] =>.Malwarebytes Inc.®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [146232] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:55 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) – C:\WINDOWS\System32\drivers\ndis.sys [1476944] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\WINDOWS\System32\drivers\ndiscap.sys [54272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:28:09 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:28:11 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\WINDOWS\System32\drivers\ndistapi.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) – C:\WINDOWS\System32\drivers\ndisuio.sys [70656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) – C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/07/01 07:17:25 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\WINDOWS\System32\drivers\ndiswan.sys [208384] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:48 A . (.Microsoft Corporation - RDMA Sample Driver.) – C:\WINDOWS\System32\drivers\NDKPing.sys [72720] =>.Microsoft®
O58 - SDL:2020/11/21 13:28:11 A . (.Microsoft Corporation - NDIS Proxy.) – C:\WINDOWS\System32\drivers\ndproxy.sys [93696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\WINDOWS\System32\drivers\Ndu.sys [131584] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/07/01 07:17:19 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) – C:\WINDOWS\System32\drivers\NetAdapterCx.sys [210944] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:04 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\WINDOWS\System32\drivers\netbios.sys [64312] =>.Microsoft®
O58 - SDL:2020/11/21 13:28:09 A . (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netbt.sys [341504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\WINDOWS\System32\drivers\netio.sys [608592] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:54 A . (.Microsoft Corporation - Virtual NDIS Miniport.) – C:\WINDOWS\System32\drivers\netvsc.sys [252264] =>.Microsoft®
O58 - SDL:2022/02/23 21:14:54 A . (.Microsoft Corporation - NPFS Driver.) – C:\WINDOWS\System32\drivers\npfs.sys [87368] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Named pipe service triggers.) – C:\WINDOWS\System32\drivers\npsvctrig.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:28:04 A . (.Microsoft Corporation - NSI Proxy.) – C:\WINDOWS\System32\drivers\nsiproxy.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/12/14 11:20:55 A . (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2838912] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - NTOS extension host driver.) – C:\WINDOWS\System32\drivers\ntosext.sys [20792] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - NULL Driver.) – C:\WINDOWS\System32\drivers\null.sys [7680] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - NVDIMM device driver.) – C:\WINDOWS\System32\drivers\nvdimm.sys [168464] =>.Microsoft®
O58 - SDL:2022/06/01 09:16:22 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\WINDOWS\System32\drivers\nvhda64v.sys [144504] =>.Nvidia Corporation®
O58 - SDL:2021/06/03 14:56:36 A . (.NVIDIA Corporation - Process and module monitoring driver.) – C:\WINDOWS\System32\drivers\NvModuleTracker.sys [43408] =>.NVIDIA Corporation®
O58 - SDL:2022/06/24 04:05:46 A . (.NVIDIA Corporation - NVIDIA Platform Controllers and Framework.) – C:\WINDOWS\System32\drivers\nvpcf.sys [234568] =>.Nvidia Corporation®
O58 - SDL:2019/12/07 10:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150328] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166200] =>.Microsoft®
O58 - SDL:2021/06/15 01:14:48 A . (.NVIDIA Corporation - Filter Driver for the blake Device (Framewo.) – C:\WINDOWS\System32\drivers\nvswcfilter.sys [53768] =>.NVIDIA Corporation®
O58 - SDL:2021/11/01 04:00:10 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\nvvad64v.sys [48552] =>.Microsoft®
O58 - SDL:2021/06/02 15:03:18 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\WINDOWS\System32\drivers\nvvhci.sys [67464] =>.NVIDIA Corporation®
O58 - SDL:2021/12/27 16:48:25 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\nwifi.sys [757760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:27:52 A . (.Microsoft Corporation - QoS Packet Scheduler.) – C:\WINDOWS\System32\drivers\pacer.sys [161608] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\parport.sys [109056] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Partition driver.) – C:\WINDOWS\System32\drivers\partmgr.sys [185728] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) – C:\WINDOWS\System32\drivers\pci.sys [473424] =>.Microsoft®
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\WINDOWS\System32\drivers\pciide.sys [17752] =>.Microsoft®
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\WINDOWS\System32\drivers\pciidex.sys [57680] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) – C:\WINDOWS\System32\drivers\pcmcia.sys [127800] =>.Microsoft®
O58 - SDL:2022/07/15 11:43:45 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\WINDOWS\System32\drivers\pcw.sys [60232] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:22 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\WINDOWS\System32\drivers\pdc.sys [159056] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:56 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\WINDOWS\System32\drivers\PEAuth.sys [825344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58680] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [68408] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:18 A . (.Microsoft Corporation - Packet Monitor Driver.) – C:\WINDOWS\System32\drivers\PktMon.sys [131424] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Persistent memory driver.) – C:\WINDOWS\System32\drivers\pmem.sys [142176] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) – C:\WINDOWS\System32\drivers\pnpmem.sys [17408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) – C:\WINDOWS\System32\drivers\portcfg.sys [27136] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\WINDOWS\System32\drivers\portcls.sys [388608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\processr.sys [218968] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) – C:\WINDOWS\System32\drivers\ProcLaunchMon.sys [43448] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) – C:\WINDOWS\System32\drivers\qwavedrv.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - RAM Disk Driver.) – C:\WINDOWS\System32\drivers\ramdisk.sys [42296] =>.Microsoft®
O58 - SDL:2020/11/21 13:28:11 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\WINDOWS\System32\drivers\rasacd.sys [20480] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:41 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\rasl2tp.sys [117248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\raspppoe.sys [87552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:08 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\WINDOWS\System32\drivers\raspptp.sys [105984] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:41 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\WINDOWS\System32\drivers\rassstp.sys [94208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/03/30 08:55:20 A . (.Advanced Micro Devices, Inc. - AMD-RAID rcbottom.) – C:\WINDOWS\System32\drivers\rcbottom.sys [92360] {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
O58 - SDL:2021/03/30 08:55:21 A . (.Advanced Micro Devices, Inc. - AMD-RAID Configuration driver.) – C:\WINDOWS\System32\drivers\rccfg.sys [30920] {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
O58 - SDL:2021/03/30 08:55:19 A . (.Advanced Micro Devices, Inc. - AMD-RAID StorPort.) – C:\WINDOWS\System32\drivers\rcraid.sys [552136] {3A95E200607A8AE01F5391A1377C82F1}. =>.Advanced Micro Devices, Inc.
O58 - SDL:2022/07/15 11:43:46 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) – C:\WINDOWS\System32\drivers\rdbss.sys [457568] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\WINDOWS\System32\drivers\rdpbus.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:49:31 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:18 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\WINDOWS\System32\drivers\rdpvideominiport.sys [32616] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:54 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\WINDOWS\System32\drivers\rdyboost.sys [297784] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:01 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refs.sys [2008960] =>.Microsoft®
O58 - SDL:2022/01/17 18:46:14 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refsv1.sys [990536] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\WINDOWS\System32\drivers\rfcomm.sys [213504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:19 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) – C:\WINDOWS\System32\drivers\RfxVmt.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) – C:\WINDOWS\System32\drivers\rhproxy.sys [115712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:41 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\WINDOWS\System32\drivers\rmcast.sys [158208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\WINDOWS\System32\drivers\RNDISMP.sys [37376] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\WINDOWS\System32\drivers\rootmdm.sys [13824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\WINDOWS\System32\drivers\rspndr.sys [89088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/04/21 21:06:24 A . (.Realtek - Realtek 8125/8136/8168/8169 NDIS 6.40 64-bi.) – C:\WINDOWS\System32\drivers\rt640x64.sys [1149952] =>.Realtek Semiconductor Corp.®
O58 - SDL:2019/12/07 10:08:09 A . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [48640] [Unsigned] =>.Realtek
O58 - SDL:2022/08/11 01:52:54 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\WINDOWS\System32\drivers\RTKVHD64.sys [6322920] =>.Realtek Semiconductor Corp.®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\WINDOWS\System32\drivers\sbp2port.sys [118088] =>.Microsoft®
O58 - SDL:2023/01/11 12:54:40 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) – C:\WINDOWS\System32\drivers\scfilter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/02/23 21:14:26 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) – C:\WINDOWS\System32\drivers\scmbus.sys [158520] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:59 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\WINDOWS\System32\drivers\scsiport.sys [188232] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - SecureDigital Bus Driver.) – C:\WINDOWS\System32\drivers\sdbus.sys [306520] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - SDF Reflector.) – C:\WINDOWS\System32\drivers\SDFRd.sys [35128] =>.Microsoft®
O58 - SDL:2022/07/01 07:16:56 A . (.Microsoft Corporation - SD Host Controller Port Driver.) – C:\WINDOWS\System32\drivers\sdport.sys [106344] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:19 A . (.Microsoft Corporation - SD Storage Class Driver.) – C:\WINDOWS\System32\drivers\sdstor.sys [104264] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Serial Class Extension.) – C:\WINDOWS\System32\drivers\SerCx.sys [86328] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\WINDOWS\System32\drivers\SerCx2.sys [173072] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Serial Port Enumerator.) – C:\WINDOWS\System32\drivers\serenum.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Serial Device Driver.) – C:\WINDOWS\System32\drivers\serial.sys [90624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\sermouse.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\WINDOWS\System32\drivers\sfloppy.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) – C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44856] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Sleep Study Helper.) – C:\WINDOWS\System32\drivers\SleepStudyHelper.sys [38200] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) – C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:09 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\WINDOWS\System32\drivers\smclib.sys [21504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) – C:\WINDOWS\System32\drivers\spacedump.sys [219984] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:34 A . (.Microsoft Corporation - Storage Spaces Parser.) – C:\WINDOWS\System32\drivers\spaceparser.sys [26624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Storage Spaces Driver.) – C:\WINDOWS\System32\drivers\spaceport.sys [687440] =>.Microsoft®
O58 - SDL:2019/12/07 10:52:37 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) – C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - SPB Class Extension.) – C:\WINDOWS\System32\drivers\SpbCx.sys [87352] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Smb 2.0 Server driver.) – C:\WINDOWS\System32\drivers\srv2.sys [784896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:36 A . (.Microsoft Corporation - Server Network driver.) – C:\WINDOWS\System32\drivers\srvnet.sys [318976] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/09/30 05:23:56 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) – C:\WINDOWS\System32\drivers\ssudbus2.sys [167440] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2022/09/30 05:24:08 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) – C:\WINDOWS\System32\drivers\ssudmdm.sys [174112] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2021/10/08 11:00:46 A . (.QUALCOMM Incorporated - Filter Driver for the Qualcomm USB Driver S.) – C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2019/12/07 10:07:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31032] =>.Microsoft®
O58 - SDL:2022/08/11 11:23:19 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storahci.sys [187240] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\WINDOWS\System32\drivers\stornvme.sys [169816] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:50 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\WINDOWS\System32\drivers\storport.sys [726864] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - Storage QoS Filter.) – C:\WINDOWS\System32\drivers\storqosflt.sys [92984] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storufs.sys [64872] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\WINDOWS\System32\drivers\storvsc.sys [44048] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\WINDOWS\System32\drivers\stream.sys [82432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:19 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) – C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/07/09 20:06:58 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\WINDOWS\System32\drivers\tap0901cn.sys [47448] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\WINDOWS\System32\drivers\tape.sys [33280] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:24 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\WINDOWS\System32\drivers\tbs.sys [31568] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:56 A . (.Microsoft Corporation - TCP/IP Driver.) – C:\WINDOWS\System32\drivers\tcpip.sys [3001152] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:07 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\WINDOWS\System32\drivers\tcpipreg.sys [60416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - TDI Wrapper.) – C:\WINDOWS\System32\drivers\tdi.sys [39736] =>.Microsoft®
O58 - SDL:2021/12/27 16:49:22 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\WINDOWS\System32\drivers\terminpt.sys [41272] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:55 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\WINDOWS\System32\drivers\tm.sys [142136] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:19 A . (.Microsoft Corporation - TPM Device Driver.) – C:\WINDOWS\System32\drivers\tpm.sys [255288] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) – C:\WINDOWS\System32\drivers\TsUsbFlt.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\WINDOWS\System32\drivers\TsUsbGD.sys [37888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:07 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) – C:\WINDOWS\System32\drivers\tunnel.sys [129024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\WINDOWS\System32\drivers\uaspstor.sys [83816] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:44 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmCx.sys [160256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [188416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) – C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:27:54 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmUcsiCx.sys [113152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - USB Controller Extension.) – C:\WINDOWS\System32\drivers\Ucx01000.sys [259896] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - “udecx.DRIVER”.) – C:\WINDOWS\System32\drivers\Udecx.sys [52736] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - UDF File System Driver.) – C:\WINDOWS\System32\drivers\udfs.sys [344064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:44 A . (.Microsoft Corporation - USB Function Driver Class Extension.) – C:\WINDOWS\System32\drivers\ufx01000.sys [324432] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) – C:\WINDOWS\System32\drivers\ufxsynopsys.sys [169344] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Generic pass-through driver.) – C:\WINDOWS\System32\drivers\umpass.sys [15360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) – C:\WINDOWS\System32\drivers\urscx01000.sys [76304] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\WINDOWS\System32\drivers\usb8023.sys [24064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB Audio Class Driver.) – C:\WINDOWS\System32\drivers\USBAUDIO.sys [205824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) – C:\WINDOWS\System32\drivers\usbaudio2.sys [260608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\WINDOWS\System32\drivers\USBCAMD2.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\WINDOWS\System32\drivers\usbccgp.sys [190800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\WINDOWS\System32\drivers\usbcir.sys [107520] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\WINDOWS\System32\drivers\usbd.sys [33080] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbehci.sys [86544] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Default Hub Driver for USB.) – C:\WINDOWS\System32\drivers\usbhub.sys [528184] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:18 A . (.Microsoft Corporation - USB3 HUB Driver.) – C:\WINDOWS\System32\drivers\USBHUB3.SYS [648016] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbohci.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (…) – C:\WINDOWS\System32\drivers\UsbPmApi.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) – C:\WINDOWS\System32\drivers\usbport.sys [473400] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB Printer driver.) – C:\WINDOWS\System32\drivers\usbprint.sys [43008] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB Serial Driver.) – C:\WINDOWS\System32\drivers\usbser.sys [81408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) – C:\WINDOWS\System32\drivers\USBSTOR.SYS [139624] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbuhci.sys [39424] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:28:47 A . (.Microsoft Corporation - USB XHCI Driver.) – C:\WINDOWS\System32\drivers\USBXHCI.SYS [620368] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\WINDOWS\System32\drivers\vdrvroot.sys [67384] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Driver Verifier Extension.) – C:\WINDOWS\System32\drivers\VerifierExt.sys [347448] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:49 A . (.Microsoft Corporation - VHD Miniport Driver.) – C:\WINDOWS\System32\drivers\vhdmp.sys [824144] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) – C:\WINDOWS\System32\drivers\vhf.sys [47616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/12/14 11:20:50 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\WINDOWS\System32\drivers\Vid.sys [642384] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Video Port Driver.) – C:\WINDOWS\System32\drivers\videoprt.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:19 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\WINDOWS\System32\drivers\vmbkmcl.sys [116048] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:48 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) – C:\WINDOWS\System32\drivers\vmbus.sys [162128] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\WINDOWS\System32\drivers\VMBusHID.sys [36664] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\WINDOWS\System32\drivers\vmgencounter.sys [23864] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) – C:\WINDOWS\System32\drivers\vmgid.sys [19768] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\WINDOWS\System32\drivers\vms3cap.sys [18960] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:19 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) – C:\WINDOWS\System32\drivers\vmstorfl.sys [54080] =>.Microsoft®
O58 - SDL:2022/07/15 11:43:34 A . (.Microsoft Corporation - Volume Manager Driver.) – C:\WINDOWS\System32\drivers\volmgr.sys [92000] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) – C:\WINDOWS\System32\drivers\volmgrx.sys [389432] =>.Microsoft®
O58 - SDL:2020/11/21 13:27:32 A . (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Volume driver.) – C:\WINDOWS\System32\drivers\volume.sys [16696] =>.Microsoft®
O58 - SDL:2022/11/18 21:28:48 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\WINDOWS\System32\drivers\vpci.sys [95576] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166712] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305464] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) – C:\WINDOWS\System32\drivers\vwifibus.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:25 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\WINDOWS\System32\drivers\vwififlt.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\vwifimp.sys [50688] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) – C:\WINDOWS\System32\drivers\wacompen.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/11/21 13:28:11 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\WINDOWS\System32\drivers\wanarp.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/27 16:48:32 A . (.Microsoft Corporation - Watchdog Driver.) – C:\WINDOWS\System32\drivers\watchdog.sys [74752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/11/18 21:29:00 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) – C:\WINDOWS\System32\drivers\wcifs.sys [209248] =>.Microsoft®
O58 - SDL:2022/07/01 07:17:13 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) – C:\WINDOWS\System32\drivers\wcnfs.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\WINDOWS\System32\drivers\WdBoot.sys [46688] =>.Microsoft®
O58 - SDL:2022/11/18 21:29:04 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) – C:\WINDOWS\System32\drivers\Wdf01000.sys [828752] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\WINDOWS\System32\drivers\WdFilter.sys [350136] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:55 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\WINDOWS\System32\drivers\WdfLdr.sys [59192] =>.Microsoft®
O58 - SDL:2022/12/14 11:20:50 A . (.Microsoft Corporation - WDI Driver Framework Driver.) – C:\WINDOWS\System32\drivers\WdiWiFi.sys [967168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:39 A . (.Microsoft Corporation - WDM Companion Filter.) – C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) – C:\WINDOWS\System32\drivers\WdNisDrv.sys [54200] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\WINDOWS\System32\drivers\werkernel.sys [52024] =>.Microsoft®
O58 - SDL:2023/01/11 12:54:39 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\WINDOWS\System32\drivers\wfplwfs.sys [181584] =>.Microsoft®
O58 - SDL:2021/12/27 16:48:51 A . (.Microsoft Corporation - Wim file system Driver.) – C:\WINDOWS\System32\drivers\wimmount.sys [39760] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) – C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [76984] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) – C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [18920] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\WINDOWS\System32\drivers\winhv.sys [32784] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\WINDOWS\System32\drivers\winhvr.sys [96056] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [36152] =>.Microsoft®
O58 - SDL:2022/03/30 10:14:25 A . (.Microsoft Corporation - Windows NAT Driver.) – C:\WINDOWS\System32\drivers\winnat.sys [261120] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\WINDOWS\System32\drivers\winusb.sys [107008] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [73016] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\WINDOWS\System32\drivers\wmiacpi.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\WINDOWS\System32\drivers\wmilib.sys [19472] =>.Microsoft®
O58 - SDL:2023/01/11 12:54:39 A . (.Microsoft Corporation - Windows Overlay Filter.) – C:\WINDOWS\System32\drivers\wof.sys [235392] =>.Microsoft®
O58 - SDL:2019/12/07 10:52:38 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\WINDOWS\System32\drivers\WpdUpFltr.sys [32568] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\WINDOWS\System32\drivers\WppRecorder.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) – C:\WINDOWS\System32\drivers\ws2ifsl.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:38 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFPf.sys [136192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/08/11 11:23:38 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFRd.sys [315392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/03/30 10:14:25 A . (.Microsoft Corporation - Game Input Protocol Driver.) – C:\WINDOWS\System32\drivers\xboxgip.sys [332288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/12/14 11:20:49 A . (.Microsoft Corporation - XINPUT filter driver for HID.) – C:\WINDOWS\System32\drivers\xinputhid.sys [57856] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:39 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\System32\win32k.sys [604160] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:38 A . (.Microsoft Corporation - Base Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kbase.sys [2885120] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:39 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kfull.sys [3812352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:34 A . (.Microsoft Corporation - Win32k non session driver.) – C:\WINDOWS\System32\win32kns.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:42 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\SysWOW64\win32k.sys [335360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/01/11 12:54:42 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\SysWOW64\win32kfull.sys [2754048] [Unsigned] =>.Microsoft Corporation

—\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe “%1” %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S =>.Default.Value

—\ Start Menu Internet (16) - 1s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Waterfox Limited - Waterfox.) – C:\Program Files\Waterfox\waterfox.exe {26953C08B49D365512E76066}. =>.Waterfox Limited
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Waterfox Limited - Waterfox Helper.) – C:\Program Files\Waterfox\uninstall\helper.exe =>.Waterfox Limited
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Waterfox Limited - Waterfox Helper.) – C:\Program Files\Waterfox\uninstall\helper.exe =>.Waterfox Limited
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Waterfox Limited - Waterfox Helper.) – C:\Program Files\Waterfox\uninstall\helper.exe =>.Waterfox Limited

—\ Search Browser Infection (1) - 5s
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com

—\ Search Svchost Services (50) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) – C:\WINDOWS\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) – C:\Windows\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [302592] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [1335296] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [1055232] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [836608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Log-on Service DLL.) – C:\Windows\System32\seclogon.dll [37376] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [160768] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [112640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [813056] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [243712] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [487936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [542208] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports.) – C:\Windows\System32\wercplsupport.dll [128000] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [2459648] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [333824] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) – C:\Windows\System32\MitigationClient.dll [487936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) – C:\Windows\System32\LanguageOverlayServer.dll [436736] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dll [1116672] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1291264] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManager.dll [223232] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) – C:\Windows\System32\Windows.Management.Service.dll [852480] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1049088] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) – C:\Windows\System32\NaturalAuth.dll [454656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [556032] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) – C:\Windows\System32\NetSetupSvc.dll [329216] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\Windows\System32\wlidsvc.dll [2254848] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [1483776] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [217600] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [70656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [72704] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\Windows\System32\TokenBroker.dll [1522176] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\Windows\System32\lfsvc.dll [48640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [111616] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [1009152] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [551936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [77824] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [619008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [316928] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [3405824] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [1481216] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [283136] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [58880] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) – C:\Windows\System32\flightsettings.dll [940520] =>.Microsoft®
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\Windows\System32\WpnService.dll [245248] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1295360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) – C:\Windows\System32\usosvc.dll [570368] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\Windows\System32\NcaSvc.dll [171520] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\Windows\System32\DeviceSetupManager.dll [288256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DcSvc (DcSvc) . (.Microsoft Corporation - dcsvc.) – C:\Windows\System32\dcsvc.dll [791040] [Unsigned] =>.Microsoft Corporation

—\ Firewall Active Exception List (41) - 2s
O87 - FAEL: “{17E6E1DB-6811-46A9-9D95-6FF0F770842A}” [In-None-P17-TRUE] .(…) – C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe =>.ASUSTeK COMPUTER INC.®
O87 - FAEL: “{A476B622-4E44-4FA0-8B1E-3984980C05AF}” [In-None-P17-TRUE] .(.ASUS - ArmourySocketServer.) – C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe =>.ASUSTeK Computer Inc.®
O87 - FAEL: “{15E5C64C-D0C1-42AC-B54B-87414F296814}” [In-None-P17-TRUE] .(.ASUSTek Computer Inc. - ASUS NodeJS Web Framework.) – C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
O87 - FAEL: “{0ABC14FF-2DD3-4306-B489-6815B4D35391}” [In-None-P17-TRUE] .(.ASUS - ArmouryHtmlDebugServer.) – C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe =>.ASUSTeK Computer Inc.®
O87 - FAEL: “{290CFDAB-452B-4756-8486-CE1697ADB12F}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{78223492-85A2-4C09-8B02-8F05A70674EE}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{221E9954-E8A6-4AD5-B0E2-8305A673B1FE}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{2B07C2C0-3BEE-4BE4-A94E-44F581AD28A1}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{6D1214D2-3A49-4047-9F79-485FC62A24F9}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{ACCA6159-C91A-4E60-AD8B-C49343D5A97D}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{74AC523A-DA02-400B-8FFE-84EE96C86817}” [In-None-P6-TRUE] .(.ASUSTek Computer Inc. - ASUS NodeJS Web Framework.) – C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe {0BBE02C8838FBF02AB56EDABB1E34C19}. =>.ASUSTek Computer Inc.
O87 - FAEL: “{86A5642A-2677-4672-B769-FEB907D76DB3}” [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: “{F5432C84-7BAE-4701-8499-B081794565CF}” [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: “{CCC6F4B6-A842-46C5-AC07-D18B60F5CA72}” [In-None-P6-TRUE] .(.Waterfox Limited - Waterfox.) – C:\Program Files\Waterfox\waterfox.exe {26953C08B49D365512E76066}. =>.Waterfox Limited
O87 - FAEL: “{69B16CF9-2BAB-4881-9E7A-A9A2A9795D47}” [In-None-P17-TRUE] .(.Waterfox Limited - Waterfox.) – C:\Program Files\Waterfox\waterfox.exe {26953C08B49D365512E76066}. =>.Waterfox Limited
O87 - FAEL: “{78D4E73B-8CC1-4316-A801-F9A6864A9F3D}” [In-None-P6-TRUE] .(.ASUSTeK COMPUTER INC. - MyASUS.) – C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe [Unsigned] =>.ASUSTek Computer Inc.
O87 - FAEL: “{6FE4EFEC-EF7E-4B8C-A4A6-A8A50FB4096F}” [In-None-P17-TRUE] .(.ASUSTeK COMPUTER INC. - MyASUS.) – C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe [Unsigned] =>.ASUSTek Computer Inc.
O87 - FAEL: “{32023D90-46C2-4406-9AF8-C1837360F049}” [Out-None-P6-TRUE] .(.ASUSTeK COMPUTER INC. - MyASUS.) – C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe [Unsigned] =>.ASUSTek Computer Inc.
O87 - FAEL: “{51ABEC01-6DD7-4B6B-A11E-913C9BCD653D}” [Out-None-P17-TRUE] .(.ASUSTeK COMPUTER INC. - MyASUS.) – C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe [Unsigned] =>.ASUSTek Computer Inc.
O87 - FAEL: “TCP Query User{41BE3A4D-7FB7-4AF0-9846-7C64592E370E}C:\program files\mozilla firefox\firefox.exe” [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) – C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: “UDP Query User{6108C299-8287-4934-AA62-00727B615DA0}C:\program files\mozilla firefox\firefox.exe” [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) – C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: “{C06E6B6A-D7FE-4FBE-A3BF-9B391C865022}” [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - Zoom Meetings.) – C:\Users\acco5\AppData\Roaming\Zoom\bin\Zoom.exe {02009F3FD86C9A6051C97108379B1201}. =>.Zoom Video Communications, Inc.
O87 - FAEL: “{19D4D41B-BFE7-4646-8A46-1D96B2774A84}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{BB093BA8-D1BD-4CED-A108-21162CD5663F}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{AD8C1482-6FE8-4316-84E0-A99C32B3A718}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{81DA57A2-D96A-4B3A-B78E-29E64E9B7D01}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{1790F7C7-DD37-458F-93B5-82882983E9BA}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{261E5A9D-408D-4316-8814-2492E52C7D8D}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{17064249-E5DC-4A5D-A9D4-3350EF84F61C}” [Out-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{2E574DEF-F598-49C3-BCE4-1D156590BCCD}” [Out-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{97101B25-F1AD-4053-BE3E-3D1856DDEB70}” [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{DD86AD83-562F-4F4D-864B-2B0F79F1D565}” [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{0890B265-E172-4B86-A9F6-1FDC30BA1E8E}” [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{FA74B675-C119-4582-880E-3885FEDCCF75}” [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{B2F7F46A-24A7-4A97-9992-C0A57307950F}” [In-None-P6-TRUE] .(.Carifred - Ultra Adware Killer malware and adware remo.) – C:\Users\acco5\Downloads\UltraAdwareKiller64.exe {009EB86320BC00ABF185BBDE0332C26F58}. =>.Carifred
O87 - FAEL: “{3C0125D9-35D0-4E24-90D0-A2330715A42A}” [In-None-P17-TRUE] .(.Carifred - Ultra Adware Killer malware and adware remo.) – C:\Users\acco5\Downloads\UltraAdwareKiller64.exe {009EB86320BC00ABF185BBDE0332C26F58}. =>.Carifred
O87 - FAEL: “{60184505-A899-44B9-AE54-580B2A510B71}” [In-None-P17-TRUE] .(.ASUSTek Computer Inc. - ASUS Link - Near.) – C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe =>.ASUSTeK COMPUTER INC.®
O87 - FAEL: “{BE573F21-1A4A-4CB4-A36A-48EE2ACBA427}” [In-None-P6-TRUE] .(.ASUSTeK COMPUTER INC. - ASUS Link Remote Agent.) – C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe =>.ASUSTeK COMPUTER INC.®
O87 - FAEL: “{E374C2E1-758A-4D91-AACC-38DF8BE4C37E}” [In-None-P17-TRUE] .(.ASUSTeK COMPUTER INC. - ASUS Link Remote Agent.) – C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe =>.ASUSTeK COMPUTER INC.®
O87 - FAEL: “{6095659A-F884-4636-B505-6829ED17C423}” [In-None-P6-TRUE] .(…) – C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe =>.ASUSTeK COMPUTER INC.®
O87 - FAEL: “{15A51325-6915-4CA5-AE8B-C5BE77017BB1}” [In-None-P17-TRUE] .(…) – C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe =>.ASUSTeK COMPUTER INC.®

—\ Product Upgrade Codes (38) - 1s
O90 - PUC: “00006109C80000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Extensibility Component.) =>.Microsoft Corporation
O90 - PUC: “00006109C80090400100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Localization Component.) =>.Microsoft Corporation
O90 - PUC: “00006109E70000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Licensing Component.) =>.Microsoft Corporation
O90 - PUC: “00E6E8FC30C90444180C12AFBC29A1B6” [HKLM] . (.ASUS Aura SDK.) =>.ASUSTeK
O90 - PUC: “160635E055B354D4FB85B0AD62C1490B” [HKLM] . (.AURA Service.)
O90 - PUC: “1689DEFB69D78254981F0B09BAFB117A” [HKLM] . (.ASUS MB Peripheral Products.) =>.ASUSTeK
O90 - PUC: “1B9428993196E744AA734F548BAC330D” [HKLM] . (.ASUS Aac_GmAcc HAL.) =>.ASUSTeK
O90 - PUC: “1D8A417880F01864D96F8A4C06A7854B” [HKLM] . (.ASUS Smart Display Control.) =>.ASUSTeK
O90 - PUC: “20318598F5075C24990B3E868A54AD5D” [HKLM] . (.Microsoft Update Health Tools.) =>.Microsoft Corporation
O90 - PUC: “2E0F88D8B9ECD6A43890DF5C2691F5B5” [HKLM] . (.Microsoft .NET Host FX Resolver - 5.0.14 (x64).) =>.Microsoft Corporation
O90 - PUC: “2F489F8B78872DD4D8699F4ACBA5A45C” [HKLM] . (.ASUS Mouse HAL.) =>.ASUSTeK
O90 - PUC: “3CD87310F88055F4AAAFCDA6C9AC92A2” [HKLM] . (.ARMOURY CRATE Service.) – C:\Windows\Installer{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}_853F67D554F05449430E7E.exe
O90 - PUC: “3FBD2B6737753644E9BE4D0A99BE2656” [HKLM] . (.LibreOffice 7.1.3.2.) – C:\WINDOWS\Installer{76B2DBF3-5773-4463-9EEB-D4A099EB6265}\soffice.ico =>.Open Source
O90 - PUC: “461A4A5C824413947B8269EE0FAFC344” [HKLM] . (.AURA lighting effect add-on x64.)
O90 - PUC: “5913FB66427791A49AEEEF7BBD9F7922” [HKLM] . (.Armoury Crate Service Core.)
O90 - PUC: “68AB67CA330133017706CB5110E47A00” [HKLM] . (.Adobe Acrobat (64-bit).) – C:\WINDOWS\Installer{AC76BA86-1033-1033-7760-BC15014EA700}_SC_Acrobat.ico =>.Adobe Inc.
O90 - PUC: “6BFB78D2481C95A4B9EBE302EC976713” [HKLM] . (.ROG Live Service.)
O90 - PUC: “6CFF6DC441AF61047A6A7B3E6D823613” [HKLM] . (.Microsoft Windows Desktop Runtime - 5.0.14 (x64).) =>.Microsoft Corporation
O90 - PUC: “791144B99836CF64EB06658C6B5EDA9E” [HKLM] . (.AI Noise Cancelation Audio Software SDK.)
O90 - PUC: “7A3E6A16604FA8142B6A6060BD553B52” [HKLM] . (.Microsoft .NET Host - 5.0.14 (x64).) =>.Microsoft Corporation
O90 - PUC: “804C89766362C844A86C4F3E1401D272” [HKLM] . (.Windows PC Health Check.) – C:\WINDOWS\Installer{6798C408-2636-448C-8AC6-F4E341102D27}\ArpIcon.ico
O90 - PUC: “8729EBB6F95661AF4E8B2C6DD00ECD7C” [HKLM] . (.Microsoft GameInput.) =>.Microsoft Corporation
O90 - PUC: “89FC1DFA79EFC4340A59F9725CEB5AC3” [HKLM] . (.ASUS AURA Display Component.) =>.ASUSTeK
O90 - PUC: “93BAD29AC2E44034A96BCB446EB8552E” [HKLM] . (.ASUS Update Helper.) =>.ASUSTeK
O90 - PUC: “A3BE9C13C0F57E94E8C64D404EF834D3” [HKLM] . (.Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720.) =>.Microsoft Corporation
O90 - PUC: “AA7B3D10870D60544B060678F7DCBD6D” [HKLM] . (.ASUS Aac_NBDT HAL.) =>.ASUSTeK
O90 - PUC: “AA8F5BB69230C0044B9B28BD0E3347F6” [HKLM] . (.FreeWriter.) – C:\WINDOWS\Installer{6BB5F8AA-0329-400C-B4B9-82DBE033746F}_112D608FD02CD87FDC7735.exe
O90 - PUC: “B2BF96F284C2C1942B94221CDBEC1171” [HKLM] . (.Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720.) =>.Microsoft Corporation
O90 - PUC: “B40AE2E17ACFE7546B4F3FE381858E95” [HKLM] . (.AURA lighting effect add-on.)
O90 - PUC: “BC48E5E7091B85644ACD6176973C921D” [HKLM] . (.RefreshRateService.)
O90 - PUC: “D0214C3A69087034192AFF3EE7DBA5D3” [HKLM] . (.ASUS AURA Headset Component.) =>.ASUSTeK
O90 - PUC: “D8AD061752F3E6F4BA8C6F3955D128AF” [HKLM] . (.GameSDK Service.)
O90 - PUC: “DF0CE1DDA0F304740AE5D1DC416A0B1D” [HKLM] . (.Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720.) =>.Microsoft Corporation
O90 - PUC: “E2F20BBE6580A8B4E9078910209CB0AB” [HKLM] . (.ASUS MultiAntenna Service.) =>.ASUSTeK
O90 - PUC: “EB78A6AE3DA82D0449C4D95FBFFF3423” [HKLM] . (.ASUS Framework Service.) =>.ASUSTeK
O90 - PUC: “EDF0A4BC62112EA4796C2A3496C2D359” [HKLM] . (.Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720.) =>.Microsoft Corporation
O90 - PUC: “EEDC0AF08CD5E1249AD77CF46A6EF63C” [HKLM] . (.ASUS Keyboard HAL.) =>.ASUSTeK
O90 - PUC: “FDCA018BC0C18014B929211F76F44A44” [HKLM] . (.Microsoft .NET Runtime - 5.0.14 (x64).) =>.Microsoft Corporation

—\ Windows Installer Scan (28) - 4s
[MD5.FC35622FA0B391FF8EC81C0EDF2CD010] [WIS][2021/03/29 19:20:44] (.ASUSTek COMPUTER INC. - ASUS Framework Service.) – C:\WINDOWS\Installer\128fb.msi [19517440] =>.ASUSTek COMPUTER INC.
[MD5.1D55317E2932CD4D83ED2E1893F23EEA] [WIS][2021/04/02 01:24:28] (.ASUSTek COMPUTER INC. - Display HAL Component.) – C:\WINDOWS\Installer\1290b.msi [2719744] =>.ASUSTek COMPUTER INC.
[MD5.F19B4737A7049A3FE153B9169574CEAE] [WIS][2021/03/05 00:11:38] (.ASUSTek COMPUTER INC. - ASUS Aac_GmAcc HAL.) – C:\WINDOWS\Installer\1290f.msi [733184] =>.ASUSTek COMPUTER INC.
[MD5.A6CAB81D0E8F032862371008CA0E1791] [WIS][2021/04/21 18:33:28] (.ASUSTek COMPUTER INC. - AacAudio HAL Component.) – C:\WINDOWS\Installer\12913.msi [13148160] =>.ASUSTek COMPUTER INC.
[MD5.BDC678D07341A46951DE920052188A8C] [WIS][2021/03/25 17:49:44] (.ASUSTek COMPUTER INC. - ASUS Keyboard HAL.) – C:\WINDOWS\Installer\12917.msi [2928640] =>.ASUSTek COMPUTER INC.
[MD5.425CD90B3110BC1FEB3E6C3EC4D2649B] [WIS][2021/03/10 00:00:12] (.ASUSTek COMPUTER INC. - ASUS Mouse HAL.) – C:\WINDOWS\Installer\1291b.msi [13094912] =>.ASUSTek COMPUTER INC.
[MD5.E23D4ECC82A1A196E97CFDE39C7BE9AD] [WIS][2020/07/10 17:45:22] (.ASUSTeK Computer Inc. - ASUS MB Peripheral Products.) – C:\WINDOWS\Installer\1291f.msi [675840] =>.ASUSTeK Computer Inc.
[MD5.1DDA74259D1A35917D8347388531B187] [WIS][2021/04/15 04:40:50] (.ASUS.) – C:\WINDOWS\Installer\1292f.msi [2889216] =>.ASUS
[MD5.D9626EE780643022B23A842FD87EF44C] [WIS][2021/04/15 04:40:54] (.ASUS.) – C:\WINDOWS\Installer\12936.msi [60508672] =>.ASUS
[MD5.F6EBDB502EACB959DFCF1D04350A59A3] [WIS][2022/11/14 04:02:10] (.ASUSTeK Computer Inc. - ASUS Update Helper.) – C:\WINDOWS\Installer\1582b28e.msi [45056] =>.ASUSTeK Computer Inc.
[MD5.AD6072A6AAEA9D4D9F4B47DE04E85AD9] [WIS][2022/10/03 15:01:20] (.ASUSTeK COMPUTER INC. - ASUS MultiAntenna Service.) – C:\WINDOWS\Installer\1730cee.msi [696320] =>.ASUSTeK COMPUTER INC.
[MD5.9741193D60B43422B7EE95C4D70B8424] [WIS][2013/10/10 15:06:08] (.Lifestyle Toolbox.) – C:\WINDOWS\Installer\18b06455.msi [14304768]
[MD5.1BED0C46BEA2834157FD822E3A938AE0] [WIS][2022/09/21 15:54:10] (.ASUSTek COMPUTER INC. - ROG Live Service.) – C:\WINDOWS\Installer\1a76a519.msi [17477632] =>.ASUSTek COMPUTER INC.
[MD5.7B414A53DD3C2F90DE94D00F1709E4F5] [WIS][2022/06/01 16:40:50] (.ASUS.) – C:\WINDOWS\Installer\1a76a529.msi [971264] =>.ASUS
[MD5.44F2A3BC6D6869656459AAA3CE65ECA2] [WIS][2022/06/01 16:40:56] (.ASUS.) – C:\WINDOWS\Installer\1a76a52d.msi [996352] =>.ASUS
[MD5.AC7A9B4F8F4B19462F2F927C1FFCCDF6] [WIS][2022/09/19 17:30:48] (.ASUSTek COMPUTER INC. - ASUS Aura SDK.) – C:\WINDOWS\Installer\1a76a553.msi [696320] =>.ASUSTek COMPUTER INC.
[MD5.DFC31B283D441F2D30500A0AD2A0F140] [WIS][2022/09/26 18:47:16] (.ASUSTeK Computer Inc. - ASUS AURA Service.) – C:\WINDOWS\Installer\1a76a557.msi [5345280] =>.ASUSTeK Computer Inc.
[MD5.CA80D702C5DB335255F92CEE2D8D5197] [WIS][2022/12/26 16:46:12] (.ASUSTek COMPUTER INC. - ASUS Aac_NBDT HAL.) – C:\WINDOWS\Installer\291820c.msi [1286144] =>.ASUSTek COMPUTER INC.
[MD5.C660910814201CED2A7C0560C008F8F4] [WIS][2021/09/10 10:27:22] (.ASUSTeK COMPUTER INC..) – C:\WINDOWS\Installer\2f178b4b.msi [989184] =>.ASUSTeK COMPUTER INC.
[MD5.502B391009FA5FE2F7A04951E93F9C5B] [WIS][2021/08/08 17:02:33] (.ASUS.) – C:\WINDOWS\Installer\34fe9.msi [15094272] =>.ASUS
[MD5.2A08127CB509B3A8AEB4F5A495AEEE02] [WIS][2022/11/14 23:33:28] (.Adobe - Installers.) – C:\WINDOWS\Installer\65fa95.msi [11624448] =>.Adobe
[MD5.409B67A810AA6FE8EA18DD12CACDDCA8] [WIS][2023/01/04 11:57:36] (.ASUSTek COMPUTER INC. - ASUS Aac_NBDT HAL.) – C:\WINDOWS\Installer\7c7ec33.msi [1286144] =>.ASUSTek COMPUTER INC.
[MD5.C634CEC3AA18F7EE2B0E91E9C7DF6BD1] [WIS][2021/05/19 13:07:08] (.The Document Foundation - LibreOffice 7.1.) – C:\WINDOWS\Installer\8b4979.msi [328675328] =>.The Document Foundation
[MD5.EBF83698B3AEDEEDC5DFAE1E4DBBB14C] [WIS][2021/12/08 15:35:08] (.ASUSTeK COMPUTER INC. - AI Noise Cancelation Audio Software SDK.) – C:\WINDOWS\Installer\d8560.msi [25124864] =>.ASUSTeK COMPUTER INC.
[MD5.0C7CA6045451C5A59D2EE43E507C5078] [WIS][2022/05/31 13:54:28] (.ASUSTek COMPUTER INC. - ASUS GameSDK Service.) – C:\WINDOWS\Installer\d8564.msi [5914624] =>.ASUSTek COMPUTER INC.
[MD5.AC57B0CD6401F4C717B52D403CB6892E] [WIS][2023/01/21 09:08:41] (.Adobe Inc..) – C:\WINDOWS\Installer\5643b965.msp [69443584] =>.Adobe Inc.
[MD5.323C2BEF57D6462C558B5D14B1A24F06] [WIS][2022/11/14 23:34:01] (.Adobe Inc..) – C:\WINDOWS\Installer\65fa96.msp [378015744] =>.Adobe Inc.
[MD5.9D655F34CE959E02D9DB7A5983B98956] [WIS][2022/12/24 08:46:24] (.Adobe Inc..) – C:\WINDOWS\Installer\f130f16.msp [256380928] =>.Adobe Inc.

—\ FEATURE CONTROL. (144) - 0s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Acrodist.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:AcroLicApp.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Acrobat.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:AASIapp.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:eek:utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:eek:utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:presentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe =>.Legitimate

—\ Observer Of Events (90) - 29s

Application.Error: CertEnroll (4)
~Numéro: 25463
~Date: 02/01/2023 10:30:07 PM
~ID: 86
~Description: WORKGROUP\LAPTOP-6ODOHNQP$https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scepGetCACapsGetCACaps: Not Found{“Message”:"The authority "amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azu
~Suggestion: Aucune

Application.Error: Windows Search Service (30)
~Numéro: 25461
~Date: 02/01/2023 10:30:00 PM
~ID: 10021
~Description: Could not get performance counter registry information for %1 for instance %2 %3 due to the following error: %4.

Application.Error: VSS (4)
~Numéro: 25439
~Date: 02/01/2023 10:29:32 PM
~ID: 8193
~Description: Volume Shadow Copy Service error: Unexpected error calling routine %1. hr = %2.
~Suggestion: Utiliser la procédure de reconstruction du VSS

Application.Warning: ESENT (4)
~Numéro: 25406
~Date: 02/01/2023 09:29:48 PM
~ID: 636
~Description: %1 (%2) %3Flush map file “%4” will be deleted. Reason: %5.

Application.Error: Application Error (56)
~Numéro: 25373
~Date: 02/01/2023 09:27:09 PM
~ID: 1000
~Description: Faulting application name: %1, version: %2, time stamp: 0x90d61c52 Faulting module name: %4, version: %5, time stamp: 0x90d61c52 Exception code: 0xc0000005 Fault offset: 0x0000000000004c9d Faulting process ID: 0x2a44 Faulting application start time:
~Suggestion: Réparer ou réinstaller l’application.

Application.Error: Waterfox Default Browser Agent (44)
~Numéro: 24978
~Date: 02/01/2023 06:16:07 PM
~ID: 2
~Description: 0xA0000002 in IsAgentRemoteDisabledInternal:68

Application.Error: usbperf (141)
~Numéro: 24827
~Date: 01/30/2023 11:31:03 PM
~ID: 2001
~Description: Unable to read the “First Counter” value under the usbperf\Performance Key. Status codes returned in data.

Application.Warning: Microsoft-Windows-Perflib (24)
~Numéro: 24643
~Date: 01/30/2023 12:16:09 AM
~ID: 1008
~Description: The Open procedure for service “%1” in DLL “%2” failed with error code %3. Performance data for this service will not be available.
~Suggestion: Rechercher le concerné et décocher «Compteurs de performances activés».

Application.Error: .NET Runtime (49)
~Numéro: 23123
~Date: 01/11/2023 12:59:23 PM
~ID: 1026
~Description: Application: LilyCommsCli.exeCoreCLR Version: 5.0.220.61120.NET Version: 5.0.2Description: The process was terminated due to an unhandled exception.Exception Info: System.Net.WebException: No such host is known. (serpsource.io:443) —> System.Net.H
~Suggestion: Essayer d’installer la dernière version de l’application ou du dernier correctif

System.Warning: DCOM (181)
~Numéro: 9062
~Date: 02/02/2023 06:32:14 AM
~ID: 10016
~Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-6ODOHNQPacco5S-1-5-21-895565649-3931333595-811618271-1001LocalHost (Using LRPC)Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neut
~Suggestion: Vérifier les autorisations pour l’accès DCOM

System.Warning: i8042prt (28)
~Numéro: 9053
~Date: 02/02/2023 06:22:12 AM
~ID: 17
~Description: The device sent an incorrect response(s) following a keyboard reset.

System.Warning: Microsoft-Windows-Kernel-PnP (9)
~Numéro: 9009
~Date: 02/01/2023 10:29:52 PM
~ID: 219
~Description: The driver %5 failed to load for the device %2.
~Suggestion: Vérifier que le pilote a bien été chargé dans les informations système

System.Warning: Microsoft-Windows-WLAN-AutoConfig (11)
~Numéro: 8964
~Date: 02/01/2023 10:29:33 PM
~ID: 10002
~Description: WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\system32\mtkihvx.dll
~Suggestion: 1)Désactivez/Réactiver la connexion réseau sans fil. ou 2) Redémarrer le service WLAN AutoConfig

System.Warning: Microsoft-Windows-DNS-Client (76)
~Numéro: 8941
~Date: 02/01/2023 09:34:27 PM
~ID: 1014
~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
~Suggestion: Event ID 1014: Microsoft Windows DNS Client | Microsoft Learn

System.Error: Service Control Manager (30)
~Numéro: 8938
~Date: 02/01/2023 09:31:01 PM
~ID: 7023
~Description: The %1 service terminated with the following error: %%1

System.Error: Microsoft-Windows-WindowsUpdateClient (1)
~Numéro: 5637
~Date: 12/18/2022 09:17:48 PM
~ID: 20
~Description: Installation Failure: Windows failed to install the following update with error %1: %2.
~Suggestion: EventTracker KB --Event Id: 20 Source: Microsoft-Windows-WindowsUpdateClient

—\ Additional Scan (O88) (8) - 4s
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\acco5\Desktop\Setups offline\adwcleaner.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\acco5\Desktop\Setups offline\adwcleaner.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-895565649-3931333595-811618271-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\acco5\Desktop\Setups offline\adwcleaner.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-895565649-3931333595-811618271-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\acco5\Desktop\Setups offline\adwcleaner.exe.ApplicationCompany =>.SUP.Orphan.MUICache

—\ Summary of the elements found (4) - 0s
Zone Anti-Malware - ZAM =>.SUP.Orphan
Zone Anti-Malware - ZAM =>Warning.EventLogApp
Zone Anti-Malware - ZAM =>Warning.EventLogSys
Zone Anti-Malware - ZAM =>.SUP.Orphan.MUICache

—\ Serial Number
[009EB86320BC00ABF185BBDE0332C26F58] [01/02/2023] (.DOS SANTOS DA SILVA ALFREDO.) - C:\Users\acco5\Downloads\UltraAdwareKiller64.exe =>.Not verified
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\WINDOWS\System32\DRIVERS\mwac.sys =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [15/09/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [25/11/2022] (.Malwarebytes Inc..) - C:\Users\acco5\Desktop\Setups offline\adwcleaner(1).exe =>.Malwarebytes Inc.
[010A2D797092EA03E8A1F2725F76FC58] [27/09/2020] (.ASUSTek Computer Inc..) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys =>.ASUSTek Computer Inc.
[02009F3FD86C9A6051C97108379B1201] [11/01/2023] (.Zoom Video Communications, Inc..) - C:\Users\acco5\AppData\Roaming\Zoom\bin\Zoom.exe =>.Not verified
[02009F3FD86C9A6051C97108379B1201] [11/01/2023] (.Zoom Video Communications, Inc..) - C:\Users\acco5\AppData\Roaming\Zoom\uninstall\Installer.exe =>.Not verified
[0266ADFA176389D9B4301AC87EFD6A96] [01/06/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.Nvidia Corporation
[03C364883635B9CA96A5349D6F8349C9] [09/03/2022] (.Dolby Laboratories, Inc..) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe =>.Dolby Laboratories, Inc.
[045296F8FCD829A75DC94294F5A415A4] [21/01/2023] (.Adobe Inc..) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe =>.Adobe Inc.
[045296F8FCD829A75DC94294F5A415A4] [26/09/2022] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.
[04C530703A210EC1D6F83CB4FE1118C5] [20/01/2023] (.Spotify AB.) - C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB
[055100FDBCB3E2F470A627F03FCFE5B8] [24/06/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvpcf.sys =>.Nvidia Corporation
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudbus2.sys =>.Samsung Electronics CO., LTD.
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys =>.Samsung Electronics CO., LTD.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimizationStartupTask.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOSD.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusWmiAcpi.sys =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSAIO.sys =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe =>.ASUSTeK COMPUTER INC.
[07207B3A1ACB44E4DC39EBD389A96D65] [18/07/2021] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\drivers\AsRadioControl.sys =>.ASUSTeK COMPUTER INC.
[07EC0CF3D333673B2602D410FE0C4D21] [17/06/2021] (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\amdpsp.sys =>.Advanced Micro Devices, Inc.
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nv3dappshext.dll =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvlddmkm.sys =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll =>.Nvidia Corporation
[085081AC808931622FA4543E468F7DBF] [15/04/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\ASUS\ARMOURYCRATEServiceUninstall\Uninstall.exe =>.ASUSTeK Computer Inc.
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\speedify.exe =>.Not verified
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\SpeedifyLauncher.exe =>.Not verified
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\SpeedifyUI.exe =>.Not verified
[0B8F52FAF64C421EABB2275AE148C519] [11/08/2022] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.
[0B8F52FAF64C421EABB2275AE148C519] [11/08/2022] (.Realtek Semiconductor Corp..) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.
[0B8F52FAF64C421EABB2275AE148C519] [14/11/2022] (.Realtek Semiconductor Corp..) - C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\RtkUWP.exe =>.Realtek Semiconductor Corp.
[0BB125B299BF587BDC90DB83A2A825BA] [09/07/2020] (.Connectify (Connectify, Inc.).) - C:\WINDOWS\System32\drivers\tap0901cn.sys =>.Connectify (Connectify, Inc.)
[0BBE02C8838FBF02AB56EDABB1E34C19] [08/06/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\InstallShield Installation Information{339A6383-7862-46DA-8A9D-E84180EF9424}\FrameworkServiceSetup.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [08/07/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{0760271b-d7d2-407b-a2ec-f17c8ce203c7}\AuraServiceSetup.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [26/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\LightingService\LightingService.exe =>.Not verified
[0BFCFAC08E216A1C1FDAA6B77BB2D66E] [21/04/2021] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\rt640x64.sys =>.Realtek Semiconductor Corp.
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUninstall\LilySpeechUninstall.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilA\assets\engine\LilySpeech64-2a.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilB\assets\engine\LilySpeech64-2b.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechRec\LilySpeechRec.exe =>.Not verified
[0C5167C023B9ADEDF0F8918EE65712A1] [24/11/2022] (.ASUSTEK COMPUTER INC..) - C:\WINDOWS\system32\drivers\IOMap64.sys =>.ASUSTEK COMPUTER INC.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{193a2068-8738-4276-ab1b-9133f9403487}\AacTerminalHal.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{559342ce-3e0f-4daf-bd9f-dfb67f065c28}\AacMouseSetup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{79497ebd-229a-42ac-9410-87264af2e929}\AacKbSetup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{80f60ecc-98e1-474b-aee2-0c470f02dbbc}\FrameworkServiceSetup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{b351ae91-a5dd-4741-8830-883dddd22eb7}\AacHeadSetSetup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [21/07/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\InstallShield Installation Information{374883e6-b31d-4a3c-9c4a-2685a840aed4}\Setup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [21/07/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\InstallShield Installation Information{ab5f014e-883d-470d-bc2d-127ef91e5611}\Setup.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [23/04/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [23/04/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [30/09/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe =>.ASUSTeK Computer Inc.
[0C64962E4467EDCC1579646B7337EC8C] [30/09/2021] (.ASUSTeK Computer Inc..) - C:\WINDOWS\system32\drivers\AsIO3.sys =>.ASUSTeK Computer Inc.
[0C9838F673F9B1CCE395CFAB2B6684E4] [12/09/2022] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{021d69c3-d686-4a94-8fb5-fd1ee782fb14}\GameSDK.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [16/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [18/08/2022] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [21/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [21/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [30/01/2023] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{41769dc1-7824-49a8-9532-2a38a2fff82b}\AacNBDTSetup.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/01/2023] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/01/2023] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{ba95a7ce-ede3-4308-a5d6-6c08a15bff04}\AacNBDTSetup.exe =>.ASUSTeK COMPUTER INC.
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/05/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe =>.ASUSTeK COMPUTER INC.
[0D15AE420C16138D734703C134CADF3D] [08/08/2021] (.ASUSTek Computer Inc.) - C:\ProgramData\Package Cache{fe2996bf-7174-4ad7-af8c-3e8e510c8263}\AacDisplaySetup.exe =>.Not verified
[14781BC862E8DC503A559346F5DCC518] [15/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvswcfilter.sys =>.NVIDIA Corporation
[1885B7E188D8FAFD38A43D48967D7488] [06/10/2020] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys =>.Advanced Micro Devices INC.
[1885B7E188D8FAFD38A43D48967D7488] [17/08/2020] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\AMDRyzenMasterDriver.sys =>.Advanced Micro Devices INC.
[1885B7E188D8FAFD38A43D48967D7488] [18/06/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\amdgpio2.sys =>.Advanced Micro Devices INC.
[1885B7E188D8FAFD38A43D48967D7488] [18/06/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\amdi2c.sys =>.Advanced Micro Devices INC.
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\default-browser-agent.exe =>.Not verified
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\uninstall\helper.exe =>.Not verified
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\waterfox.exe =>.Not verified
[32B5C7F8C18A7A2BFBB52746] [08/08/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\ProgramData\Package Cache{fd4cf3d0-9937-417e-89b4-56658158819a}\AacGmAccSetup.exe =>.ASUSTEK COMPUTER INCORPORATION
[32B5C7F8C18A7A2BFBB52746] [10/09/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\GetMonitorInfo.exe =>.ASUSTEK COMPUTER INCORPORATION
[32B5C7F8C18A7A2BFBB52746] [10/09/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe =>.ASUSTEK COMPUTER INCORPORATION
[32B5C7F8C18A7A2BFBB52746] [25/03/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe =>.ASUSTEK COMPUTER INCORPORATION
[32B5C7F8C18A7A2BFBB52746] [26/05/2020] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\LightingService\AsusInstallVerifier.exe =>.ASUSTEK COMPUTER INCORPORATION
[33000003183E18830F1770AD20000000000318] [25/01/2023] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rcbottom.sys =>.Not verified
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rccfg.sys =>.Not verified
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rcraid.sys =>.Not verified
[3E5CA31B817BD1E41CB45024] [05/07/2021] (.British Cayman Islands Intelligo Technology Inc. Taiwan Branch.) - C:\WINDOWS\System32\drivers\igovsd.sys =>.Not verified
[44850B673A677BD66A388730B0202F74] [10/10/2013] (.Lifestyle Toolbox Ltd.) - C:\Program Files (x86)\FreeWriter\FreeWriter.Application.exe =>.Not verified
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\amdkmdag.sys =>.Advanced Micro Devices Inc.
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atieclxx.exe =>.Advanced Micro Devices Inc.
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe =>.Advanced Micro Devices Inc.
[535091E6CAB13AF393B51EAD0825F627] [25/01/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_2a1424d35664c96c\amdacpbus.sys =>.Advanced Micro Devices Inc.
[62E745E92165213C971F5C490AEA12A5] [01/06/2022] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_9e64b3394e9674c4\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [03/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [11/01/2021] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [25/01/2021] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [29/12/2020] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation
[71E68684F7A885A24ABF921CBBF4E0C3] [02/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation
[731D40AE3F3A1FB2BC3D8395] [11/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\Rar.exe =>.win.rar GmbH
[731D40AE3F3A1FB2BC3D8395] [11/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH
[731D40AE3F3A1FB2BC3D8395] [14/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe =>.win.rar GmbH
[75B5499C96D676A5FAE2656B351E1FD6] [08/10/2021] (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\drivers\ssudqcfilter.sys =>.Samsung Electronics Co., Ltd.

~ Unselected Options: O82,
~ End of the scan, 9153 items in 02mn01s (2124)(0)

ZHPDiag Diagnostic Report

Serial Number

[009EB86320BC00ABF185BBDE0332C26F58] [01/02/2023] (.DOS SANTOS DA SILVA ALFREDO.) - C:\Users\acco5\Downloads\UltraAdwareKiller64.exe =>.Not verified
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
[00A657F778B31AE523D667131718D16EB2] [01/02/2023] (.Malwarebytes Inc..) - C:\WINDOWS\System32\DRIVERS\mwac.sys
[00A657F778B31AE523D667131718D16EB2] [15/09/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
[00A657F778B31AE523D667131718D16EB2] [25/11/2022] (.Malwarebytes Inc..) - C:\Users\acco5\Desktop\Setups offline\adwcleaner(1).exe
[010A2D797092EA03E8A1F2725F76FC58] [27/09/2020] (.ASUSTek Computer Inc..) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys
[02009F3FD86C9A6051C97108379B1201] [11/01/2023] (.Zoom Video Communications, Inc..) - C:\Users\acco5\AppData\Roaming\Zoom\bin\Zoom.exe =>.Not verified
[02009F3FD86C9A6051C97108379B1201] [11/01/2023] (.Zoom Video Communications, Inc..) - C:\Users\acco5\AppData\Roaming\Zoom\uninstall\Installer.exe =>.Not verified
[0266ADFA176389D9B4301AC87EFD6A96] [01/06/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys
[03C364883635B9CA96A5349D6F8349C9] [09/03/2022] (.Dolby Laboratories, Inc..) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe
[045296F8FCD829A75DC94294F5A415A4] [21/01/2023] (.Adobe Inc..) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
[045296F8FCD829A75DC94294F5A415A4] [26/09/2022] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
[04C530703A210EC1D6F83CB4FE1118C5] [20/01/2023] (.Spotify AB.) - C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe
[055100FDBCB3E2F470A627F03FCFE5B8] [24/06/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvpcf.sys
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudbus2.sys
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\AsusAppService\AsusAppService.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemote.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimization.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOptimizationStartupTask.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusOSD.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSOptimization\AsusWmiAcpi.sys
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManager.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitch.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSAIO.sys
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemAnalysis\AsusSystemAnalysis.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [07/12/2022] (.ASUSTeK COMPUTER INC..) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
[07207B3A1ACB44E4DC39EBD389A96D65] [18/07/2021] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\drivers\AsRadioControl.sys
[07EC0CF3D333673B2602D410FE0C4D21] [17/06/2021] (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\amdpsp.sys
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nv3dappshext.dll
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvlddmkm.sys
[0800EE4ED1A959CC9887E905AD662BFE] [24/06/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll
[085081AC808931622FA4543E468F7DBF] [15/04/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\ASUS\ARMOURYCRATEServiceUninstall\Uninstall.exe
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\speedify.exe =>.Not verified
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\SpeedifyLauncher.exe =>.Not verified
[0934A6D29414C6BEEFCBE7C2260D7FFB] [16/12/2022] (.Connectify (Connectify, Inc.).) - C:\Program Files (x86)\Speedify\SpeedifyUI.exe =>.Not verified
[0B8F52FAF64C421EABB2275AE148C519] [11/08/2022] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys
[0B8F52FAF64C421EABB2275AE148C519] [11/08/2022] (.Realtek Semiconductor Corp..) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe
[0B8F52FAF64C421EABB2275AE148C519] [14/11/2022] (.Realtek Semiconductor Corp..) - C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\RtkUWP.exe
[0BB125B299BF587BDC90DB83A2A825BA] [09/07/2020] (.Connectify (Connectify, Inc.).) - C:\WINDOWS\System32\drivers\tap0901cn.sys
[0BBE02C8838FBF02AB56EDABB1E34C19] [08/06/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\InstallShield Installation Information{339A6383-7862-46DA-8A9D-E84180EF9424}\FrameworkServiceSetup.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [08/07/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{0760271b-d7d2-407b-a2ec-f17c8ce203c7}\AuraServiceSetup.exe =>.Not verified
[0BBE02C8838FBF02AB56EDABB1E34C19] [26/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\LightingService\LightingService.exe =>.Not verified
[0BFCFAC08E216A1C1FDAA6B77BB2D66E] [21/04/2021] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\rt640x64.sys
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\firefox.exe
[0C1CD3EEA47EDDA7A032573B014D0AFD] [01/02/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\uninstall\helper.exe
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUninstall\LilySpeechUninstall.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilA\assets\engine\LilySpeech64-2a.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechApp\LilySpeechUtilB\assets\engine\LilySpeech64-2b.exe =>.Not verified
[0C29F10216F4CD91F5971051BAAB8BC1] [24/11/2022] (.Vertical Thinking Print & Web Inc.) - C:\Users\acco5\AppData\Local\LilySpeechRec\LilySpeechRec.exe =>.Not verified
[0C5167C023B9ADEDF0F8918EE65712A1] [24/11/2022] (.ASUSTEK COMPUTER INC..) - C:\WINDOWS\system32\drivers\IOMap64.sys
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{193a2068-8738-4276-ab1b-9133f9403487}\AacTerminalHal.exe
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{559342ce-3e0f-4daf-bd9f-dfb67f065c28}\AacMouseSetup.exe
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{79497ebd-229a-42ac-9410-87264af2e929}\AacKbSetup.exe
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{80f60ecc-98e1-474b-aee2-0c470f02dbbc}\FrameworkServiceSetup.exe
[0C64962E4467EDCC1579646B7337EC8C] [08/08/2021] (.ASUSTeK Computer Inc..) - C:\ProgramData\Package Cache{b351ae91-a5dd-4741-8830-883dddd22eb7}\AacHeadSetSetup.exe
[0C64962E4467EDCC1579646B7337EC8C] [21/07/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\InstallShield Installation Information{374883e6-b31d-4a3c-9c4a-2685a840aed4}\Setup.exe
[0C64962E4467EDCC1579646B7337EC8C] [21/07/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\InstallShield Installation Information{ab5f014e-883d-470d-bc2d-127ef91e5611}\Setup.exe
[0C64962E4467EDCC1579646B7337EC8C] [23/04/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
[0C64962E4467EDCC1579646B7337EC8C] [23/04/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
[0C64962E4467EDCC1579646B7337EC8C] [30/09/2021] (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
[0C64962E4467EDCC1579646B7337EC8C] [30/09/2021] (.ASUSTeK Computer Inc..) - C:\WINDOWS\system32\drivers\AsIO3.sys
[0C9838F673F9B1CCE395CFAB2B6684E4] [12/09/2022] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{021d69c3-d686-4a94-8fb5-fd1ee782fb14}\GameSDK.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [16/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [18/08/2022] (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [21/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [21/09/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [24/11/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [30/01/2023] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{41769dc1-7824-49a8-9532-2a38a2fff82b}\AacNBDTSetup.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/01/2023] (.ASUSTeK COMPUTER INC..) - C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/01/2023] (.ASUSTeK COMPUTER INC..) - C:\ProgramData\Package Cache{ba95a7ce-ede3-4308-a5d6-6c08a15bff04}\AacNBDTSetup.exe
[0C9838F673F9B1CCE395CFAB2B6684E4] [31/05/2022] (.ASUSTeK COMPUTER INC..) - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
[0D15AE420C16138D734703C134CADF3D] [08/08/2021] (.ASUSTek Computer Inc.) - C:\ProgramData\Package Cache{fe2996bf-7174-4ad7-af8c-3e8e510c8263}\AacDisplaySetup.exe =>.Not verified
[14781BC862E8DC503A559346F5DCC518] [15/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvswcfilter.sys
[1885B7E188D8FAFD38A43D48967D7488] [06/10/2020] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys
[1885B7E188D8FAFD38A43D48967D7488] [17/08/2020] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\AMDRyzenMasterDriver.sys
[1885B7E188D8FAFD38A43D48967D7488] [18/06/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\amdgpio2.sys
[1885B7E188D8FAFD38A43D48967D7488] [18/06/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\amdi2c.sys
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\default-browser-agent.exe =>.Not verified
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\uninstall\helper.exe =>.Not verified
[26953C08B49D365512E76066] [14/11/2022] (.WATERFOX LIMITED.) - C:\Program Files\Waterfox\waterfox.exe =>.Not verified
[32B5C7F8C18A7A2BFBB52746] [08/08/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\ProgramData\Package Cache{fd4cf3d0-9937-417e-89b4-56658158819a}\AacGmAccSetup.exe
[32B5C7F8C18A7A2BFBB52746] [10/09/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\GetMonitorInfo.exe
[32B5C7F8C18A7A2BFBB52746] [10/09/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
[32B5C7F8C18A7A2BFBB52746] [25/03/2021] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
[32B5C7F8C18A7A2BFBB52746] [26/05/2020] (.ASUSTEK COMPUTER INCORPORATION.) - C:\Program Files (x86)\LightingService\AsusInstallVerifier.exe
[33000003183E18830F1770AD20000000000318] [25/01/2023] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rcbottom.sys =>.Not verified
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rccfg.sys =>.Not verified
[3A95E200607A8AE01F5391A1377C82F1] [30/03/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\rcraid.sys =>.Not verified
[3E5CA31B817BD1E41CB45024] [05/07/2021] (.British Cayman Islands Intelligo Technology Inc. Taiwan Branch.) - C:\WINDOWS\System32\drivers\igovsd.sys =>.Not verified
[44850B673A677BD66A388730B0202F74] [10/10/2013] (.Lifestyle Toolbox Ltd.) - C:\Program Files (x86)\FreeWriter\FreeWriter.Application.exe =>.Not verified
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\amdkmdag.sys
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atieclxx.exe
[535091E6CAB13AF393B51EAD0825F627] [03/10/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\u0382793.inf_amd64_1c9c9d36a5813460\B384051\atiesrxx.exe
[535091E6CAB13AF393B51EAD0825F627] [25/01/2022] (.Advanced Micro Devices Inc..) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_2a1424d35664c96c\amdacpbus.sys
[62E745E92165213C971F5C490AEA12A5] [01/06/2022] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_9e64b3394e9674c4\UcmCxUcsiNvppc.sys
[62E745E92165213C971F5C490AEA12A5] [03/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys
[62E745E92165213C971F5C490AEA12A5] [11/01/2021] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[62E745E92165213C971F5C490AEA12A5] [25/01/2021] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
[62E745E92165213C971F5C490AEA12A5] [29/12/2020] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
[71E68684F7A885A24ABF921CBBF4E0C3] [02/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys
[731D40AE3F3A1FB2BC3D8395] [11/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\Rar.exe
[731D40AE3F3A1FB2BC3D8395] [11/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll
[731D40AE3F3A1FB2BC3D8395] [14/06/2021] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe
[75B5499C96D676A5FAE2656B351E1FD6] [08/10/2021] (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\drivers\ssudqcfilter.sys

Information about ZHPDiag modules
[G0 Google Chrome Page de démarrage] [G2 Google Chrome Extension] [M2 Mozilla Firefox Extension] [R5 Proxy Management] [O1 Redirection du fichier Hosts] [O2 Browser Helper Objects de navigateur] [O3 Internet Explorer Toolbars] [O4 Applications démarrées par le système] [O4G Raccourcis Global Startup] [O10 Winsock hijacker] [O17 Modification Adresse/Domaine DNS] [O18 Protocoles Additionnels] [O22 Clé Registre SharedTaskScheduler] [O23 Services NT non Microsoft] [O34 BootExecute] [O38 Tâches planifiées Automatique] [O40 ActiveSetup Installed Components] [O42 Logiciels installés] [O43 Contenu des dossiers Programes] [O45 Derniers fichiers Prefetcher] [O46 ShellExecuteHooks] [O50 Image File Execution Options] [O53 ShareTools MSconfig StartupReg] [O58 Pilotes du Système] [O68 Start Menu Internet] [O69 Search Browser Infection] [O83 Services démarrés par Svchost] [O87 Firewall Activ Exception List] [O108 Raccourcis de menu contextuels]
ZHPDiag report End

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7041
                      #6
                      That is ZHP diag, I also need the ZHP cleaner log.

                      The Attach files button is here…

                      [ATTACH type=“full”]11460[/ATTACH]

                        Comment

                        • Data838
                          PCHF Member
                          • Nov 2021
                          • 90
                          #7
                          I just realized ZHPCleaner generated two reports, I think maybe the first one was before repair. Here is the second one

                          [HEADING=2]ZHPCleaner Report[/HEADING]

                          Code:
                          ~ ZHPCleaner v2023.1.31.6 by Nicolas Coolman (2023/01/31)
~ Run by acco5 (Administrator) (02/02/2023 06:41:59)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : ZHP
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\acco5\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\acco5\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19044)

—\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

—\ Services (0)
~ No malicious or unnecessary items found. (Service)

—\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

—\ Hosts file (1)
~ The hosts file is legitimate (1)

—\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

—\ Explorer ( File, Folder) (1)
MOVED file: C:\Users\acco5\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium

—\ Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [ASUSTeK Computer Inc.] =>Heuristic.Suspect

—\ Summary of the elements found (2)
Zone Anti-Malware - ZAM =>Préférences Chromium
Zone Anti-Malware - ZAM =>Heuristic.Suspect

—\ Other deletions. (26)
~ Registry Keys Tracing deleted (26)
~ Remove the old reports ZHPCleaner. (0)

—\ Result of repair
~ Repair carried out successfully
~ Mozilla Firefox OK
~ Internet Explorer OK

—\ Statistics
~ Items scanned : 1537
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

—\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn11s

—\ Reports (2)
ZHPCleaner–02022023-06_39_38.txt
ZHPCleaner-[R]-02022023-06_42_10.txt
                          [HEADING=2]ZHPCleaner report End[/HEADING]

                            Comment

                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7041
                              #8
                              Originally posted by Data838
                              I just realized ZHPCleaner generated two reports,
                              It is two different tools.

                              I am about to get some sleep. So you can run this scanner, and I will check these logs tomorrow after I get home from work.



                              Make sure and disable your antivirus/defender prior to the scan.

                              [ul]
                              [li]Download ESET Online Scanner from herea nd save it to your Desktop.[/li][li]Right click the esetonlinescanner.exe file you downloaded and select Run as administrator.[/li][li]Click Get started.[/li][li]In the Terms of use screen, click Accept if you agree to the Terms of use.[/li][li]Click Get started in the welcome screen.[/li][li]Select your preference for the Customer Experience Improvement Program and the Detection feedback system.Click Continue.[/li][li]Click Computer scan, in the Welcome back screen.[/li][li]Choose Full scan on the next screen.[/li][li]Select Enable ESET to detect and quarantine potentially unwanted applications.Then click Start scan[/li][li]When the scan is finished click Save scan log and save it to your Desktop as ESETScan.txt. Click Continue.[/li][li]ESET Online Scanner will now ask if you wish to turn on the Periodic Scan feature.Click Continue[/li][li]You will now be offered a trial version of ESET Internet Security.Click continue[/li][li]On the next screen, you can leave feedback about the program if you wish.[/li][li]Select Delete application’s data on closing, if you are short of disk space or do not wish to retain the program for future use.[/li][li]If you left feedback, click Submit and continue. If not, Close without feedback.[/li][li]Copy and paste the contents of the ESETScan.txt file in your next reply.[/li][/ul]

                                Comment

                                • Data838
                                  PCHF Member
                                  • Nov 2021
                                  • 90
                                  #9
                                  Yes, I know where the button was ???, but for the previous post it just didn’t appear, I even reloaded the page.
                                  Anyway, I’m attaching all the three reports here.

                                    Comment

                                    • Data838
                                      PCHF Member
                                      • Nov 2021
                                      • 90
                                      #10
                                      ESET scan results

                                      Code:
                                      02/02/2023 08:25:32
Files scanned: 454374
Detected files: 8
Cleaned files: 8
Total scan time 00:31:36
Scan status: Finished
C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Desktop\Incredible Dracula Games\Incredible Dracula 6 - The Ice Kingdom\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Desktop\Incredible Dracula Games\Incredible Dracula 9 Legacy of the Valkyries Collectors Edition\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Desktop\Incredible Dracula The Ice Kingdom\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Rescue Team Games\Rescue Team 10 - Danger from Outer Space Collectors Edition\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Rescue Team Games\Rescue Team 2 - Full PreCracked - Foxy Games\Rescue Team 2 - Full PreCracked - Foxy Games.exe a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Rescue Team Games\Rescue Team 3 - Full PreCracked - Foxy Games\Rescue Team 3 - Full PreCracked - Foxy Games.exe a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Desktop - current\Rescue Team Games\Rescue Team 9 - Evil Genius\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

C:\Users\acco5\Desktop\Temporary folder for old computer\Desktop 18.11.2022\Golden Rails Small Town Story Collectors Edition\wrapper.dll a variant of Win32/Alawar.A potentially unwanted application cleaned by deleting

                                        Comment

                                        • Data838
                                          PCHF Member
                                          • Nov 2021
                                          • 90
                                          #11
                                          I’m writing this post because I had observed my laptop for several hours since I did all the scans and repairs, but it was still continuing to download some unnecessary data filling up my C disk. It has stopped for now, so I’ll continue to observe the changes and let you know when you’re back.

                                            Comment

                                            • Malnutrition
                                              PCHF Moderator
                                              • Jul 2016
                                              • 7041
                                              #12
                                              Uninstall: WebAdvisor by McAfee

                                              @Data838

                                              Copy the content of the code box below.
                                              [COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
                                              Right Click FRST and run as Administrator.
                                              Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
                                              Attach it to your next message.

                                              [ICODE] Start:: CloseProcesses: SystemRestore: On CreateRestorePoint: DeleteKey: HKLM\SOFTWARE\Avast Software DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software DeleteKey: HKCU\SOFTWARE\AVAST Software DeleteKey: HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\AVAST Software DeleteKey: HKCU\SOFTWARE\9-lab DeleteKey: HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\9-lab DeleteKey: HKLM\SOFTWARE\McAfee DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee NGI DeleteKey: HKCU\SOFTWARE\McAfee DeleteKey: HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\McAfee DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|OneDrive DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|MicrosoftEdgeAutoLaunch_ 96584F32951EA856FAD305C03C256217 DeleteValue: HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|OneDrive DeleteValue: HKEY_USERS\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|MicrosoftEdgeAutoLaunch_ 96584F32951EA856FAD305C03C256217 DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\StartupFolder|ASUSCD64.cmd C:\Program Files\9-lab C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool C:\ProgramData\9-lab C:\Users\acco5\AppData\Roaming\9-lab C:\Program Files (x86)\Mozilla Maintenance Service C:\WINDOWS\System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB C:\WINDOWS\System32\Tasks\ASUS Update Checker C:\Program Files\SUPERAntiSpyware C:\Program Files (x86)\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x6 4__6rarf9sa4v8jt C:\ProgramData\McInstTemp0069471628438385 CMD: sc stop RasAuto CMD: sc stop RasMan CMD: sc stop SessionEnv CMD: sc stop TermService CMD: sc stop UmRdpService CMD: sc stop RemoteAccess CMD: sc config RasAuto start= disabled CMD: sc config RasMan start= disabled CMD: sc config SessionEnv start= disabled CMD: sc config TermService start= disabled CMD: sc config UmRdpService start= disabled CMD: sc config RemoteAccess start= disabled CMD: sc stop sysmain CMD: sc config sysmain start= disabled CMD: sc stop iphlpsvc CMD: sc config iphlpsvc start= disabled CMD: sc stop DiagTrack CMD: sc config DiagTrack start= disabled CMD: sc stop dmwappushservice CMD: sc config dmwappushservice start= disabled CMD: sc stop WSearch CMD: sc config WSearch start= disabled CMD: sc stop lfsvc CMD: sc config lfsvc start= disabled emptytemp: Reboot: End::[/ICODE][/COLOR]

                                                Comment

                                                • Malnutrition
                                                  PCHF Moderator
                                                  • Jul 2016
                                                  • 7041
                                                  #13
                                                  @Data838
                                                  Also, how are you able to tell the machine is downloading?

                                                    Comment

                                                    • Data838
                                                      PCHF Member
                                                      • Nov 2021
                                                      • 90
                                                      #14
                                                      I tried uninstalling it in Settings but the Uninstall button isn’t activated, so I can’t even begin the process. I also tried GeekUninstaller, WebAdvisor appeared in the list, but it didn’t give me Uninstall option, so I made a mistake by removing it from the list thinking that that was the right option. Now it doesn’t appear there anymore. Maybe you can suggest another way or software?

                                                      I’m able to tell that it’s downloading something because my C disk is filling up by itself and I’m not downloading anything. Also, I know how much GB I use daily on the internet, and it increased significantly since the moment I thought I got the virus. I also observed that sometimes I wasn’t doing anything on my laptop and it was still downloading something because the amount of used GBs was increasing by itself.

                                                        Comment

                                                        • Malnutrition
                                                          PCHF Moderator
                                                          • Jul 2016
                                                          • 7041
                                                          #15
                                                          If web advisor was removed from the list, it is gone, just run the fix and post the log, let me know what issue remains.

                                                            Comment

                                                            Previous 1 2 3 template Next
                                                            Working...

                                                              We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

                                                              By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

                                                              I Agree