high disk usage everytime i opened a program

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2022
Ran by Ganja (administrator) on DESKTOP-V4BFEG5 (ASUSTeK COMPUTER INC. X456URK) (15-04-2022 22:52:17)
Running from C:\Users\Ganja\Desktop
Loaded Profiles: Ganja
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1586 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Conexant Systems LLC → Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC → Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent 64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b8e0 1d9e8716d2a7\igfxCUIService.exe ->) (Intel(R) pGFX 2020 → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(explorer.exe ->) (Google LLC → Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSys Tray\IGCCTray.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation → Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(services.exe ->) (Conexant Systems, Inc. → Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. → Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dropbox, Inc → Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ICEpower a/s → ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40 plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64 .exe
(services.exe ->) (Intel Corporation → Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinSe rvice.exe
(services.exe ->) (Intel(R) pGFX 2020 → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.ex e
(services.exe ->) (Intel(R) pGFX 2020 → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.ex e
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation → NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe <2>
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [509936 2018-04-11] (Adobe Systems Incorporated → Adobe Systems Incorporated)
HKLM...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-09] (Adobe Inc. → Adobe Systems, Incorporated)
HKLM...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation → Microsoft Corporation)
HKLM-x32...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-04-12] (Dropbox, Inc → Dropbox, Inc.)
HKLM...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd → Piriform Software Ltd)
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Inst aller\chrmstp.exe [2022-04-14] (Google LLC → Google LLC)
IFEO\EOSnotify.exe: [Debugger] /
IFEO\InstallAgent.exe: [Debugger] /
IFEO\MusNotification.exe: [Debugger] /
IFEO\MusNotificationUx.exe: [Debugger] /
IFEO\remsh.exe: [Debugger] /
IFEO\SihClient.exe: [Debugger] /
IFEO\UpdateAssistant.exe: [Debugger] /
IFEO\upfc.exe: [Debugger] /
IFEO\UsoClient.exe: [Debugger] /
IFEO\WaaSMedic.exe: [Debugger] /
IFEO\WaasMedicAgent.exe: [Debugger] /
IFEO\Windows10Upgrade.exe: [Debugger] /
IFEO\Windows10UpgraderApp.exe: [Debugger] /
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21F74A47-3424-418E-A53B-4E2562C05ABA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-29] (Dropbox, Inc → Dropbox, Inc.)
Task: {35C3CE0C-6E9C-4368-8970-5A1EC2984974} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe SCHED (No File)
Task: {38B1D35F-5B27-469E-9023-B883D23E4840} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {6D49D09F-9853-422D-A970-E82C99B5D8DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {7F3569B1-34AE-46F6-B4D7-9D41822A766E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {8B831FA3-91A3-4CA8-8115-CED07AB87029} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd → Piriform)
Task: {A35BAD01-9115-4CE5-8E83-CE0363167108} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-09] (Adobe Inc. → Adobe Systems, Incorporated)
Task: {A9461498-6A3F-4F98-B10D-680CD902F8BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe LOGON (No File)
Task: {B40A30F0-F3F8-4F31-B890-EEC38512349B} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. → Conexant Systems, Inc.)
Task: {B9D60D3E-8E0C-48C1-B4EF-1EF747D27549} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {C630BFDF-4B2F-4271-9B1F-2DB64E5A7F09} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-03-30] (Bluestack Systems, Inc → BlueStack Systems, Inc.)
Task: {DC0F9DAF-1B83-45D9-AA91-B9C6BD78042B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-29] (Dropbox, Inc → Dropbox, Inc.)
Task: {E8D71E94-B741-496F-BAFF-AFADFF2255A0} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {EF5C000F-603E-4C0E-B31C-A6C10E91FE43} - System32\Tasks\CCleanerSkipUAC - Ganja => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd → Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.193
Tcpip..\Interfaces{bff8e11e-7cb0-43cd-8ed2-84f8481e005d}: [DhcpNameServer] 192.168.43.193
Tcpip..\Interfaces{fc72d37d-562e-4e97-a7cf-ea1989188cd8}: [DhcpNameServer] 192.168.1.1
[HEADING=1]FireFox:[/HEADING]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 → C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN → VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 → C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN → VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation → Microsoft Corporation)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Default [2022-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-02-16]
CHR Profile: C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-14]
CHR Profile: C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-15]
CHR Extension: (Slides) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-19]
CHR Extension: (Docs) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-19]
CHR Extension: (Google Drive) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-19]
CHR Extension: (YouTube) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-19]
CHR Extension: (Sheets) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-19]
CHR Extension: (Gmail) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-19]
CHR Profile: C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-09] (Adobe Inc. → Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-09] (Adobe Inc. → Adobe Systems, Incorporated)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-29] (Dropbox, Inc → Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-29] (Dropbox, Inc → Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-04-12] (Dropbox, Inc → Dropbox, Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-10-16] (EasyAntiCheat Oy → EasyAntiCheat Ltd)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7965288 2020-03-05] (INCA Internet Co.,Ltd. → INCA Internet Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-04-10] (Microsoft Windows Publisher → Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. → ASUSTek COMPUTER INC.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-03-30] (Bluestack Systems, Inc → Bluestack System Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. → ASUS)
S3 MpKslbaf14ff9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates{7F45780D-EC7B-4BC8-8BAA-D56A3AB21734}\MpKslDrv.sys [139536 2022-04-15] (Microsoft Windows → Microsoft Corporation)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-04-18] (SoftEther Corporation → SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-01-10] (Apple Inc.) [File not signed]
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-04-18] (SoftEther Corporation → SoftEther Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2019-12-02] (OpenVPN Technologies, Inc. → The OpenVPN Project)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [812208 2020-06-29] (Tencent Technology(Shenzhen) Company Limited → TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [581912 2020-06-29] (Tencent Technology(Shenzhen) Company Limited → TENCENT)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-14] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-14] (Microsoft Windows → Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-14] (Microsoft Windows → Microsoft Corporation)
S3 MpKsl5fba685f; ??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates{2B02F115-5134-4409-8760-F9955DF0D9D3}\MpKslDrv.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-15 22:52 - 2022-04-15 22:54 - 000016808 _____ C:\Users\Ganja\Desktop\FRST.txt
2022-04-15 22:49 - 2022-01-29 00:20 - 000000000 ____D C:\Users\Ganja\Desktop\Wub
2022-04-15 22:40 - 2022-04-15 22:41 - 000011406 _____ C:\ProgramData\DisplaySessionContainer1.log_backup 1
2022-04-15 21:43 - 2022-04-15 21:43 - 000000000 ____D C:\Users\Ganja\AppData\Local\OO Software
2022-04-15 21:25 - 2022-04-15 21:25 - 001604008 _____ (O&O Software GmbH) C:\Users\Ganja\Desktop\OOSU10.exe
2022-04-15 21:16 - 2022-04-15 22:41 - 000022706 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_back up1
2022-04-15 21:16 - 2022-04-15 22:41 - 000018632 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_ backup1
2022-04-15 21:16 - 2022-04-15 21:16 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2022-04-15 19:42 - 2022-04-15 21:06 - 000107535 _____ C:\Users\Ganja\Desktop\Fixlog.txt
2022-04-15 19:42 - 2022-04-15 19:42 - 002366464 _____ (Farbar) C:\Users\Ganja\Desktop\FRST64.exe
2022-04-15 19:40 - 2022-04-15 19:40 - 000000000 ____D C:\Users\Ganja\AppData\Local\BlueStacks
2022-04-15 19:21 - 2022-04-15 19:21 - 000000000 ____D C:\Users\Ganja\AppData\Local\Conexant
2022-04-14 22:51 - 2022-04-14 22:51 - 000000000 ____D C:\Users\Ganja\Downloads\Lang
2022-04-14 22:51 - 2019-10-18 02:19 - 000918718 ____N C:\Users\Ganja\Downloads\readme.txt
2022-04-14 22:51 - 2019-10-18 02:19 - 000038514 ____N C:\Users\Ganja\Downloads\Setup.if2
2022-04-14 22:51 - 2019-10-18 02:19 - 000014060 ____N C:\Users\Ganja\Downloads\Installation_Readme.txt
2022-04-14 22:51 - 2019-10-18 02:19 - 000007567 ____N C:\Users\Ganja\Downloads\mup.xml
2022-04-14 22:50 - 2022-04-15 19:09 - 000000000 ____D C:\Users\Ganja\Downloads\Graphics
2022-04-14 22:46 - 2022-04-15 08:11 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-04-14 22:39 - 2022-04-14 22:39 - 000000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2022-04-14 22:38 - 2022-04-14 22:39 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2022-04-14 22:35 - 2022-04-15 19:09 - 000000000 ____D C:\ProgramData\AmUStor
2022-04-14 22:35 - 2022-04-15 19:09 - 000000000 ____D C:\Program Files (x86)\AmUStor
2022-04-14 22:01 - 2022-04-15 00:04 - 000000000 ____D C:\ProgramData\ASUS
2022-04-14 21:50 - 2022-04-14 21:50 - 000000000 ____D C:\Users\Ganja\Intel
2022-04-14 21:47 - 2022-04-15 00:04 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-04-14 21:40 - 2022-04-14 21:44 - 379569687 _____ C:\Users\Ganja\Downloads\VGA_Intel_Win10_64_VER262 01007325_DriverOnly.zip.zip
2022-04-14 21:40 - 2022-04-14 21:42 - 135721680 _____ (ASUSTeK COMPUTER INC.) C:\Users\Ganja\Downloads\Audio_Conexant_Z_V8.66.95 .70Sub3_21875.exe
2022-04-14 21:40 - 2022-04-14 21:42 - 066241082 _____ C:\Users\Ganja\Downloads\MEI_Intel_15M_Win10_64_VE R11001177.zip
2022-04-14 20:20 - 2022-04-14 20:20 - 000001985 _____ C:\Users\Ganja\Desktop\RöX.lnk
2022-04-14 19:46 - 2022-04-14 19:46 - 000003938 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2022-04-14 19:46 - 2022-04-14 19:46 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk
2022-04-14 19:46 - 2022-04-14 19:46 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk
2022-04-14 19:44 - 2022-04-15 19:21 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2022-04-14 19:44 - 2022-04-15 19:10 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2022-04-14 19:40 - 2022-04-15 19:10 - 000000000 ____D C:\Users\Ganja\AppData\Local\BlueStacksSetup
2022-04-14 19:12 - 2022-04-14 19:12 - 000000000 ____D C:\LDPlayer
2022-04-14 19:06 - 2022-04-14 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-04-14 19:06 - 2022-04-14 19:06 - 000000000 ____D C:\Program Files\Google
2022-04-14 18:58 - 2022-04-14 21:19 - 000001050 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-14 18:58 - 2022-04-14 18:58 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-14 18:58 - 2022-04-14 18:58 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ganja
2022-04-14 18:57 - 2022-04-14 19:07 - 000000000 ____D C:\PatchMyPCUpdates
2022-04-13 23:40 - 2022-04-13 23:40 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Tencent
2022-04-13 23:40 - 2022-04-13 23:40 - 000000000 ____D C:\ProgramData\Tencent
2022-04-13 18:15 - 2022-04-13 18:17 - 000000865 _____ C:\Users\Ganja\Desktop\ZHPDiag.lnk
2022-04-13 17:23 - 2022-04-13 17:29 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2022-04-13 17:23 - 2022-04-13 17:23 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2022-04-13 17:21 - 2022-04-13 17:21 - 000752296 _____ C:\Users\Ganja\Desktop\adware-removal-tool-by-tsa.exe
2022-04-13 17:19 - 2022-04-13 17:19 - 003295944 _____ (Nicolas Coolman) C:\Users\Ganja\Desktop\ZHPCleaner.exe
2022-04-13 17:19 - 2022-04-13 17:19 - 003287240 _____ (Nicolas Coolman) C:\Users\Ganja\Desktop\ZHPDiag3.exe
2022-04-13 06:52 - 2022-04-13 06:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-04-13 06:52 - 2022-04-13 06:52 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-04-12 21:52 - 2022-04-12 21:52 - 000001398 _____ C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\ESET Online Scanner.lnk
2022-04-12 21:52 - 2022-04-12 21:52 - 000001292 _____ C:\Users\Ganja\Desktop\ESET Online Scanner.lnk
2022-04-12 21:52 - 2022-04-12 21:52 - 000000000 ____D C:\Users\Ganja\AppData\Local\ESET
2022-04-12 21:49 - 2022-04-12 21:49 - 015274968 _____ (ESET) C:\Users\Ganja\Desktop\esetonlinescanner.exe
2022-04-12 21:33 - 2022-04-12 21:33 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-04-12 21:28 - 2022-04-12 21:28 - 000010416 _____ C:\ProgramData\DisplaySessionContainer2.log_backup 1
2022-04-12 21:20 - 2022-04-12 21:25 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Geek Uninstaller
2022-04-12 21:19 - 2022-03-23 06:16 - 006392680 _____ (Geek UnС–nstaller) C:\Users\Ganja\Desktop\geek.exe
2022-04-12 21:15 - 2022-04-12 21:16 - 008540344 _____ (Malwarebytes) C:\Users\Ganja\Desktop\adwcleaner_8.3.1.exe
2022-04-12 08:52 - 2022-04-12 08:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-04-12 08:52 - 2022-04-12 08:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-04-12 08:52 - 2022-04-12 08:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-04-12 08:52 - 2022-04-12 08:52 - 000045408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-04-10 04:33 - 2022-04-09 20:11 - 000000000 ____D C:\Windows.old
2022-04-10 04:20 - 2022-04-10 04:33 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-04-10 04:14 - 2022-04-10 04:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-04-10 04:14 - 2022-04-10 04:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-04-10 04:03 - 2022-04-10 04:03 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-10 04:03 - 2022-04-10 04:03 - 000000000 ____D C:\ProgramData\ssh
2022-04-10 03:48 - 2022-04-10 03:48 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2022-04-10 03:47 - 2022-04-10 03:47 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-04-10 03:47 - 2022-04-10 03:47 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-04-10 03:47 - 2022-04-10 03:47 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-04-10 03:46 - 2022-04-10 03:46 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-04-10 03:46 - 2022-04-10 03:46 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-04-10 03:45 - 2022-04-10 03:45 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-04-10 03:45 - 2022-04-10 03:45 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-04-10 03:45 - 2022-04-10 03:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2022-04-10 03:45 - 2022-04-10 03:45 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2022-04-10 03:44 - 2022-04-10 03:44 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-04-10 03:44 - 2022-04-10 03:44 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-04-10 03:44 - 2022-04-10 03:44 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-10 03:43 - 2022-04-10 03:43 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-10 03:42 - 2022-04-10 03:42 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2022-04-10 03:42 - 2022-04-10 03:42 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-04-10 03:41 - 2022-04-10 03:41 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.Wind owTabManager.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-10 03:41 - 2022-04-10 03:41 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2022-04-10 03:41 - 2022-04-10 03:41 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter. exe
2022-04-10 03:39 - 2022-04-10 03:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-10 03:39 - 2022-04-10 03:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-04-10 03:39 - 2022-04-10 03:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-10 03:39 - 2022-04-10 03:39 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2022-04-10 03:38 - 2022-04-10 03:38 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-04-10 03:38 - 2022-04-10 03:38 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-04-10 03:38 - 2022-04-10 03:38 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2022-04-10 03:38 - 2022-04-10 03:38 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-04-10 03:37 - 2022-04-10 03:37 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2022-04-10 03:37 - 2022-04-10 03:37 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2022-04-10 03:35 - 2022-04-10 03:35 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.Wind owTabManager.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjec ts.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-10 03:35 - 2022-04-10 03:35 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-10 03:35 - 2022-04-10 03:35 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conve rsationalagent.proxystub.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conve rsationalagent.internal.proxystub.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2022-04-10 03:35 - 2022-04-10 03:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter. exe
2022-04-10 03:04 - 2022-04-10 03:04 - 000417792 _____ C:\WINDOWS\system32\d3dconfig.exe
2022-04-10 03:04 - 2022-04-10 03:04 - 000374784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2022-04-10 03:04 - 2022-04-10 03:04 - 000365056 _____ C:\WINDOWS\SysWOW64\d3dconfig.exe
2022-04-10 03:04 - 2022-04-10 03:04 - 000347136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2022-04-10 03:01 - 2022-04-10 03:01 - 000002060 _____ C:\WINDOWS\system32\noise.jpn
2022-04-10 02:55 - 2022-04-12 21:31 - 000465578 _____ C:\WINDOWS\system32\perfh011.dat
2022-04-10 02:55 - 2022-04-12 21:31 - 000130494 _____ C:\WINDOWS\system32\perfc011.dat
2022-04-10 02:55 - 2022-04-10 02:55 - 000144624 _____ C:\WINDOWS\system32\perfi011.dat
2022-04-10 02:55 - 2022-04-10 02:55 - 000033402 _____ C:\WINDOWS\system32\perfd011.dat
2022-04-10 02:55 - 2022-04-10 02:55 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-04-10 02:55 - 2022-04-10 02:55 - 000000000 ____D C:\WINDOWS\SysWOW64\ja
2022-04-10 02:55 - 2022-04-10 02:55 - 000000000 ____D C:\WINDOWS\system32\ja
2022-04-10 02:39 - 2022-04-14 18:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-04-10 02:39 - 2022-04-10 02:39 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-04-10 02:39 - 2022-04-10 02:39 - 000000000 ____D C:\Program Files\MSBuild
2022-04-10 02:39 - 2022-04-10 02:39 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-04-09 21:15 - 2022-04-09 21:15 - 000000000 ____D C:\WINDOWS\pss
2022-04-09 20:37 - 2022-04-09 20:37 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-09 20:37 - 2022-04-09 20:37 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-09 20:14 - 2022-04-09 20:14 - 000000020 ___SH C:\Users\Ganja\ntuser.ini
2022-04-09 20:09 - 2022-04-15 22:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-09 20:09 - 2022-04-09 20:10 - 000003410 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachine UA
2022-04-09 20:09 - 2022-04-09 20:10 - 000002668 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-09 20:09 - 2022-04-09 20:09 - 000003186 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachine Core
2022-04-09 20:09 - 2022-04-09 20:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtection Platform
2022-04-09 20:08 - 2022-04-09 20:09 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2022-04-09 20:08 - 2022-04-09 20:09 - 000007623 _____ C:\WINDOWS\diagerr.xml
2022-04-09 20:00 - 2022-04-09 20:00 - 001451302 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-09 19:47 - 2022-04-15 19:16 - 000000000 ____D C:\Users\Ganja
2022-04-09 19:43 - 2016-10-27 16:14 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2022-04-09 19:43 - 2016-10-27 16:14 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\SASrv.exe
2022-04-09 19:43 - 2015-07-31 17:29 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.DAT
2022-04-09 19:43 - 2014-10-20 14:54 - 000207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2022-04-09 19:35 - 2022-04-15 21:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-09 19:34 - 2022-04-15 22:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-09 19:34 - 2022-04-09 19:35 - 000319144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-09 15:53 - 2022-04-09 20:36 - 000000000 ____D C:\Program Files\ruxim
2022-04-09 09:33 - 2022-04-14 21:22 - 000000000 ___DC C:\WINDOWS\Panther
2022-04-09 09:26 - 2022-04-09 09:26 - 000000000 ___HD C:$WinREAgent
2022-04-09 02:32 - 2022-04-09 02:32 - 000000000 ____D C:\Users\Ganja\AppData\Local\NemuPlayer
2022-04-09 02:32 - 2022-04-09 02:32 - 000000000 ____D C:\Users\Ganja\AppData\Local\cache
2022-04-09 02:02 - 2022-04-13 18:41 - 000000000 ____D C:\Users\Ganja\Documents\MuMuSharedFolder
2022-04-09 02:01 - 2022-04-09 02:01 - 000000000 ____D C:\Users\Ganja\AppData\Local\CrashRpt
2022-04-09 01:54 - 2022-04-14 18:03 - 000000000 ____D C:\Users\Public\Documents\MuMu Files
2022-04-09 01:54 - 2022-04-14 18:03 - 000000000 ____D C:\Program Files\NemuVbox
2022-04-09 01:50 - 2022-04-09 01:50 - 000000000 ____D C:\Program Files\MuMu
2022-04-09 01:49 - 2022-04-09 01:49 - 009731600 _____ (NetEase, Inc.) C:\Users\Ganja\Downloads\MuMuInstaller_1.4.0.0_gw-overseas_all_1644473805.exe
2022-04-09 01:21 - 2022-04-09 10:39 - 000000000 ____D C:\Users\Ganja.TianTianVM
2022-04-09 01:15 - 2022-04-09 01:15 - 000000299 _____ C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2022-04-09 00:30 - 2022-04-09 01:23 - 000000000 ____D C:\Users\Ganja.android
2022-04-09 00:29 - 2022-04-09 00:29 - 000000066 _____ C:\Users\Ganja\inittk.ini
2022-04-09 00:27 - 2022-04-09 00:43 - 000000000 ____D C:\Users\Ganja\AppData\Local\NoxSrv
2022-04-09 00:27 - 2022-04-09 00:27 - 000000053 _____ C:\Users\Ganja\useruid.ini
2022-04-09 00:27 - 2022-04-09 00:27 - 000000045 _____ C:\Users\Ganja\nuuid.ini
2022-04-09 00:27 - 2022-04-09 00:27 - 000000041 _____ C:\Users\Ganja\inst.ini
2022-04-09 00:27 - 2022-04-09 00:27 - 000000000 ____D C:\Users\Ganja\Nox_share
2022-04-09 00:26 - 2022-04-09 00:43 - 000000000 ____D C:\Users\Ganja\vmlogs
2022-04-09 00:21 - 2022-04-14 18:04 - 000000000 ____D C:\Users\Ganja\AppData\Local\Nox
2022-04-09 00:16 - 2022-04-09 00:21 - 527327744 _____ (Duodian Technology Co. Ltd.) C:\Users\Ganja\Downloads\nox_setup_v7.0.2.5_full_i ntl.exe
2022-04-08 23:50 - 2022-04-08 23:50 - 000000000 ____D C:\Users\Ganja\AppData\Local\CrashDumps
2022-03-26 14:25 - 2022-03-27 20:00 - 000076461 _____ C:\Users\Ganja\Desktop\Ragnarok (Autosaved).xlsx
2022-03-26 10:43 - 2022-03-26 10:43 - 000000000 __RHD C:\MSOCache
2022-03-26 10:38 - 2022-03-26 10:38 - 000000165 ____H C:\Users\Ganja\Desktop~$Ragnarok.xlsx
2022-03-20 09:41 - 2022-03-20 09:45 - 000000000 ____D C:\Users\Ganja\Documents\CTK
2022-03-20 09:39 - 2022-03-20 09:39 - 000001124 _____ C:\Users\Ganja\Desktop\BloonsTK.exe - Shortcut.lnk
2022-03-19 16:32 - 2022-03-20 09:12 - 000014198 _____ C:\ProgramData\DisplaySessionContainer3.log_backup 1
2022-03-17 23:14 - 2022-03-17 23:14 - 000000112 ___SH C:\bootTel.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-15 22:53 - 2022-03-14 17:42 - 000000000 ____D C:\FRST
2022-04-15 22:51 - 2019-03-19 13:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-04-15 22:47 - 2020-03-06 12:09 - 000000000 ____D C:\Program Files\CCleaner
2022-04-15 22:46 - 2019-12-07 18:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-15 22:45 - 2020-02-29 23:02 - 000000000 __SHD C:\Users\Ganja\IntelGraphicsProfiles
2022-04-15 22:42 - 2022-03-15 11:27 - 000000000 ____D C:\Intel
2022-04-15 22:42 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-15 22:41 - 2019-12-07 18:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-15 21:06 - 2019-12-07 18:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-15 19:10 - 2019-12-07 18:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-15 19:09 - 2020-02-29 21:10 - 000000000 ____D C:\Program Files\CONEXANT
2022-04-15 19:09 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\security
2022-04-15 18:59 - 2019-12-07 18:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-15 18:48 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\registration
2022-04-15 18:47 - 2021-04-07 09:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2022-04-15 08:13 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-15 07:28 - 2020-03-01 14:56 - 000000000 ____D C:\Users\Ganja\AppData\Local\ElevatedDiagnostics
2022-04-14 23:23 - 2020-02-29 21:19 - 000000000 ____D C:\Users\Ganja\AppData\Local\D3DSCache
2022-04-14 23:01 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-14 21:58 - 2020-02-29 21:10 - 000000000 ____D C:\ProgramData\UIU
2022-04-14 19:38 - 2021-12-15 22:03 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\XuanZhi64
2022-04-14 19:22 - 2021-12-15 22:17 - 000000000 ____D C:\Users\Ganja.Ld2VirtualBox
2022-04-14 19:09 - 2020-03-08 23:49 - 000000000 ____D C:\Users\Ganja\AppData\Local\Dropbox
2022-04-14 19:08 - 2020-03-08 23:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-04-14 18:58 - 2020-02-29 21:12 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-14 18:58 - 2020-02-29 21:08 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-14 18:43 - 2020-04-29 14:24 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Visual Studio Setup
2022-04-14 18:43 - 2020-04-29 14:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2022-04-14 18:42 - 2020-04-29 14:36 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-04-14 18:42 - 2020-04-29 14:36 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2022-04-14 18:38 - 2020-02-29 22:55 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-14 18:12 - 2020-04-29 14:22 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2022-04-14 18:06 - 2020-02-29 21:37 - 000000000 ____D C:\Games
2022-04-14 18:02 - 2020-02-29 21:09 - 000000000 ___RD C:\Users\Ganja\OneDrive
2022-04-14 18:01 - 2020-03-01 04:04 - 000000000 ____D C:\Users\Ganja\AppData\Local\Packages
2022-04-14 17:59 - 2020-03-04 00:17 - 000000000 ____D C:\Program Files\Cheat Engine 7.0
2022-04-14 17:34 - 2020-03-06 15:40 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-04-14 17:34 - 2020-03-06 15:39 - 000000000 ____D C:\ProgramData\Adobe
2022-04-14 17:34 - 2020-03-01 04:04 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Adobe
2022-04-14 04:27 - 2020-03-01 03:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-13 23:41 - 2020-06-29 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2022-04-13 18:24 - 2020-03-11 19:31 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\ZHP
2022-04-13 17:57 - 2022-03-14 17:15 - 000000877 _____ C:\Users\Ganja\Desktop\ZHPCleaner.lnk
2022-04-12 21:31 - 2020-04-30 19:39 - 000000000 ____D C:\Users\Ganja\AppData\LocalLow\Temp
2022-04-12 21:19 - 2020-03-11 11:39 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\360DesktopLite
2022-04-12 21:18 - 2019-12-07 18:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-10 04:33 - 2021-11-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2022-04-10 04:33 - 2021-02-16 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-04-10 04:33 - 2020-05-29 19:42 - 000000000 ____D C:\Program Files\UNP
2022-04-10 04:33 - 2020-03-28 20:33 - 000000000 ____D C:\WINDOWS\system32\CleanLog
2022-04-10 04:33 - 2020-03-21 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2022-04-10 04:33 - 2020-03-06 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-04-10 04:33 - 2020-03-04 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-10 04:33 - 2020-03-04 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.0
2022-04-10 04:33 - 2020-03-03 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-04-10 04:33 - 2020-03-01 04:42 - 000000000 ____D C:\WINDOWS\ShellNew
2022-04-10 04:33 - 2020-02-29 23:03 - 000000000 ____D C:\Program Files\Intel
2022-04-10 04:33 - 2019-12-07 18:18 - 000000000 ____D C:\WINDOWS\Setup
2022-04-10 04:33 - 2019-12-07 18:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-04-10 04:33 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-04-10 04:33 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-04-10 04:33 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-10 04:33 - 2019-12-07 18:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-04-10 04:33 - 2019-03-19 13:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-04-10 04:33 - 2019-03-19 13:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-04-10 04:22 - 2020-02-29 21:09 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-04-10 04:20 - 2020-04-29 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2022-04-10 04:04 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-04-10 04:03 - 2019-12-07 23:49 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-10 04:03 - 2019-12-07 23:49 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-04-10 04:03 - 2019-12-07 23:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-10 04:03 - 2019-12-07 23:49 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-04-10 04:03 - 2019-12-07 23:46 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-04-10 04:03 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-04-10 04:03 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\en-GB
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\IME
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-04-10 04:03 - 2019-12-07 18:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-04-10 04:03 - 2019-12-07 18:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-10 03:58 - 2019-12-07 23:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-04-10 03:58 - 2019-12-07 23:49 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-04-10 03:03 - 2019-12-07 23:47 - 000000000 ____D C:\WINDOWS\OCR
2022-04-10 03:01 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-04-10 03:01 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-04-10 02:55 - 2019-12-07 23:45 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-04-10 02:55 - 2019-12-07 18:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-04-10 02:55 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-04-10 02:55 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-04-09 21:39 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-04-09 20:42 - 2020-10-07 17:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-09 20:36 - 2019-12-07 18:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-04-09 20:35 - 2020-02-29 21:54 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-04-09 20:19 - 2020-02-29 21:22 - 000000000 ____D C:\ProgramData\Packages
2022-04-09 20:19 - 2019-12-07 18:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-09 20:17 - 2020-03-01 04:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-04-09 20:17 - 2020-03-01 04:04 - 000000000 ___RD C:\Users\Ganja\3D Objects
2022-04-09 20:11 - 2019-12-07 18:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-09 20:10 - 2019-12-07 18:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-09 20:09 - 2019-12-07 18:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-04-09 20:09 - 2019-12-07 18:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-04-09 19:58 - 2019-12-07 18:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-04-09 19:48 - 2022-03-12 16:42 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Redfinger
2022-04-09 19:48 - 2020-03-04 19:25 - 000000000 ____D C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\WinRAR
2022-04-09 19:45 - 2020-05-19 00:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-04-09 19:44 - 2021-04-07 09:07 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2022-04-09 19:43 - 2020-02-29 21:10 - 001705080 _____ (TODO: ) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2022-04-09 15:54 - 2020-04-29 14:32 - 000000000 ____D C:\Program Files\dotnet
2022-04-09 15:43 - 2020-02-29 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-09 15:42 - 2020-02-29 22:19 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-09 15:41 - 2020-04-29 14:32 - 000000000 ____D C:\Program Files (x86)\dotnet
2022-04-09 15:38 - 2020-04-29 14:35 - 000000000 ____D C:\Users\Ganja.dotnet
2022-04-09 09:23 - 2020-02-29 23:02 - 000000000 ____D C:\Users\Ganja\AppData\Local\Intel
2022-03-18 08:34 - 2022-03-15 13:00 - 000000000 ____D C:\Program Files (x86)\TurboVPN
2022-03-18 08:34 - 2022-03-12 16:42 - 000000000 ____D C:\Program Files (x86)\RedFingerPlayerGlobal
2022-03-18 08:18 - 2020-02-29 22:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-03-17 23:35 - 2020-03-08 23:50 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-03-17 23:35 - 2020-03-08 23:49 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Files in the root of some directories ========

2020-04-10 11:34 - 2020-04-10 11:34 - 003295616 _____ (Nicolas Coolman) C:\Users\Ganja\ZHPCleaner.exe
2021-12-15 22:17 - 2021-12-15 22:17 - 000000068 _____ () C:\Users\Ganja\AppData\Roaming\changzhi_leidian.da ta
2021-12-15 22:17 - 2021-12-15 22:17 - 000000154 _____ () C:\Users\Ganja\AppData\Roaming\changzhi_leidianmac .data
2020-05-02 22:47 - 2021-01-04 14:51 - 000001190 _____ () C:\Users\Ganja\AppData\Roaming_encryptiondb.grf
2020-03-08 11:10 - 2020-03-08 11:10 - 000000000 _____ () C:\Users\Ganja\AppData\Local\oobelibMkey.log
2020-03-15 19:56 - 2020-03-15 19:56 - 000007625 _____ () C:\Users\Ganja\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2022
Ran by Ganja (15-04-2022 23:01:25)
Running from C:\Users\Ganja\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1586 (X64) (2022-04-09 11:11:09)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3947486154-1424391867-2577238500-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3947486154-1424391867-2577238500-503 - Limited - Disabled)
Ganja (S-1-5-21-3947486154-1424391867-2577238500-1001 - Administrator - Enabled) => C:\Users\Ganja
Guest (S-1-5-21-3947486154-1424391867-2577238500-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3947486154-1424391867-2577238500-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.07 (x64) (HKLM...\7-Zip) (Version: 21.07 - Igor Pavlov)
AutoHotkey 1.1.33.10 (HKLM...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
BlueStacks 5 (HKLM...\BlueStacks_nxt) (Version: 5.6.110.1002 - BlueStack Systems, Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.92 - Piriform)
Cheat Engine 7.0 (HKLM...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.66.95.69 - Conexant)
Dropbox (HKLM-x32...\Dropbox) (Version: 146.4.4836 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32...\Google Chrome) (Version: 100.0.4896.88 - Google LLC)
Intel(R) Graphics Driver Software (HKLM-x32...{7d2bdb54-268a-4ce6-8063-a6cad97dba41}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7870 - Intel Corporation)
Microsoft .NET Core Runtime - 2.1.30 (x64) (HKLM-x32...{e6e5b73d-9aea-4a61-9110-4f93d1b9bc75}) (Version: 2.1.30.30411 - Microsoft Corporation)
Microsoft .NET Core SDK 3.1.417 (x64) (HKLM-x32...{544cc8ed-e21c-4242-ab28-a1e70824f769}) (Version: 3.1.417.15931 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.30 - Shared Framework (HKLM-x32...{614a1747-bef3-44e7-86a8-799e4d2ab88d}) (Version: 2.1.30.60071 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.23 - Shared Framework (x86) (HKLM-x32...{8956749b-efd9-463b-9bcf-697d196c0c8a}) (Version: 3.1.23.22123 - Microsoft Corporation)
Microsoft Excel 2010 (HKLM...\Office14.EXCEL) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM...{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32...{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32...{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.23 (x86) (HKLM-x32...{b8f5b50f-4b72-421e-ac78-130b4bce05d1}) (Version: 3.1.23.31022 - Microsoft Corporation)
NVIDIA Graphics Driver 445.87 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Redfinger (HKLM-x32...\Redfinger) (Version: 1.1.6 - REDFINGER CLOUD PHONE)
SciTE4AutoHotkey v3.0.06.01 (HKLM-x32...\SciTE4AutoHotkey) (Version: v3.0.06.01 - fincs)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM...{90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM...{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows PC Health Check (HKLM...{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32...{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
[HEADING=1]Packages:[/HEADING]
Cortana → C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.2 1713.0_x64__8wekyb3d8bbwe [2022-04-15] (Microsoft Corporation)
Intel® Graphics Command Center → C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt [2022-04-15] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2022-04-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2022-04-15] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel → C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8. 1.962.0_x64__56jybvy8sckqj [2022-04-15] (NVIDIA Corp.)
TradingView → C:\Program Files\WindowsApps\TradingView.Desktop_1.0.0.679_x6 4__r4b1km8ya33za [2022-04-15] (TradingView, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3947486154-1424391867-2577238500-1001_Classes\CLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} → [Dropbox] => C:\Users\Ganja\Dropbox [2020-03-09 13:25]
ShellIconOverlayIdentifiers: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-27] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nvshext.dll [2020-04-12] (NVIDIA Corporation → NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ganja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Magic - Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) → --profile-directory=“Profile 1”

==================== Loaded Modules (Whitelisted) =============

2022-04-13 03:39 - 2022-04-13 03:39 - 000372736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Int erop.CxHef9fb4ae#\30f57cce70ec929b188c9eaff729162c \Interop.CxHDAudioAPILib.ni.dll
2022-04-13 03:39 - 2022-04-13 03:39 - 000018944 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Int erop.CxUtilSvcLib\ce440403c28b3000d9873a046cf032cc \Interop.CxUtilSvcLib.ni.dll
2022-04-09 19:43 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2022-03-26 09:59 - 2022-03-31 18:24 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation → Microsoft Corporation)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation → Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-04-12 21:30 - 2022-04-12 21:30 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Control Panel\Desktop\Wallpaper → C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.43.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
[HEADING=1]Network Binding:[/HEADING]
Ethernet: SoftEther Lightweight Network Protocol → SeLow (enabled)
WiFi: SoftEther Lightweight Network Protocol → SeLow (enabled)
VPN - VPN Client: SoftEther Lightweight Network Protocol → SeLow (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: dbupdate => 3
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: QHActiveDefense =>
MSCONFIG\Services: QMEmulatorService => 2
MSCONFIG\Services: SEVPNCLIENT => 3
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM...\StartupApproved\StartupFolder: => “SoftEther VPN Client Manager Startup.lnk”
HKLM...\StartupApproved\Run: => “SecurityHealth”
HKLM...\StartupApproved\Run: => “AdobeAAMUpdater-1.0”
HKLM...\StartupApproved\Run: => “AdobeGCInvoker-1.0”
HKLM...\StartupApproved\Run: => “iTunesHelper”
HKLM...\StartupApproved\Run: => “BCSSync”
HKLM...\StartupApproved\Run: => “SoftEther VPN Client UI Helper”
HKLM...\StartupApproved\Run32: => “RazerCortex”
HKLM...\StartupApproved\Run32: => “AdobeAAMUpdater-1.0”
HKLM...\StartupApproved\Run32: => “AdobeGCInvoker-1.0”
HKLM...\StartupApproved\Run32: => “Dropbox”
HKLM...\StartupApproved\Run32: => “SecurityHealth”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “OneDrive”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “Discord”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “CCleaner Smart Cleaning”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “IDMan”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “Steam”
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001...\StartupApproved\Run: => “NoxMultiPlayer”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{00DD2D5B-35AC-4505-8572-AA4C92765065}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC → Google LLC)
FirewallRules: [UDP Query User{CCA87CB5-4478-4120-A651-06E6B64D3D65}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC → Google LLC)

==================== Restore Points =========================

14-04-2022 17:30:02 Removed Apple Mobile Device Support
14-04-2022 17:32:29 Removed Apple Software Update
14-04-2022 18:05:00 Removed Ragnarok Online
14-04-2022 18:06:46 Removed VEGAS Pro 17.0
14-04-2022 21:44:20 Installed WinFlash
14-04-2022 21:46:41 Installed WinFlash
14-04-2022 21:52:06 Installed ASUS Live Update
14-04-2022 22:22:40 Installed ATK Package (ASUS Keyboard Hotkeys)
15-04-2022 18:39:02 Restore Operation
15-04-2022 21:45:24 O&O ShutUp10++

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
[HEADING=1]Application errors:[/HEADING]
Error: (04/15/2022 10:40:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (04/15/2022 10:40:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (04/15/2022 10:40:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (04/15/2022 10:40:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (04/15/2022 09:14:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (04/15/2022 09:14:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (04/15/2022 07:44:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.

Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (04/15/2022 07:42:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {946aad4f-feab-4f6f-9172-80a6823a792a}
[HEADING=1]System errors:[/HEADING]
Error: (04/15/2022 10:45:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/15/2022 10:45:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (04/15/2022 10:43:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NcaSvc service depends on the iphlpsvc service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/15/2022 10:42:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Error: (04/15/2022 09:19:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/15/2022 09:19:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (04/15/2022 09:16:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NcaSvc service depends on the iphlpsvc service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/15/2022 09:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Windows Defender:
================Event[0]:

Date: 2022-04-15 19:16:20
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

Date: 2022-04-14 22:24:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.366.0
Previous security intelligence Version: 1.363.357.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support.

Date: 2022-04-14 22:24:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.366.0
Previous security intelligence Version: 1.363.357.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support.

Date: 2022-04-14 19:06:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.363.323.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19100.5
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-04-14 04:27:10
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.363.225.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19100.5
Error code: 0x80070422
Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2022-04-15 22:55:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Win dows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverSto re\FileRepository\iigd_dch.inf_amd64_a086f01cc7be6 43a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-15 19:26:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Win dows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X456URK.301 08/15/2016
Motherboard: ASUSTeK COMPUTER INC. X456URK
Processor: Intel(R) Core™ i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 88%
Total physical RAM: 3979.05 MB
Available physical RAM: 440.32 MB
Total Virtual: 14555.05 MB
Available Virtual: 10789.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.88 GB) (Free:812.26 GB) NTFS

\?\Volume{4d0c3d92-e68c-430b-ac53-d00cb67eac7a}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\?\Volume{78358102-0e79-4195-82a7-05244e9173ab}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 931.5 GB) (Disk ID: AD01BAF4)

Partition: GPT.

==================== End of Addition.txt =======================

~ ZHPDiag v2022.4.15.25 By Nicolas Coolman (2022/04/15)
~ Run by Ganja (Administrator) (2022/04/15 23:10:28)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Ganja\Desktop\ZHPDiag.txt
~ Report: C:\Users\Ganja\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19042) =>.Microsoft Corporation

—\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v100.0.4896.88
~ MSIE: Internet Explorer v11.789.19041.0

—\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : KO

—\ System protection software (1) - 4s
Windows Defender W10 (Activate) (Protection)

—\ System optimization software (1) - 4s
~ CCleaner v5.92 (Optimisation)

—\ Informations on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 142 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4074.544 MB (33% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 831 GB (87%) free of 953 GB : OK =>.Disk Space

—\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-V4BFEG5
~ User Name: Ganja
~ Logged in as Administrator

—\ Enumeration of the disk units (1) - 0s
~ Drive C: has 831 GB free of 953 GB (System)

—\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\policies\system] EnableLUA: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\ Search Generic System Files (25) - 4s
[MD5.25C8B9AE873248CD98AB17539F5B1F15] - 10/04/2022 - (.Microsoft Corporation - Windows Explorer.) – C:\WINDOWS\Explorer.exe [4967688] =>.Microsoft®
[MD5.EF3179D498793BF4234F708D3BE28633] - 10/04/2022 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71680] [Unsigned] =>.Microsoft Corporation
[MD5.FDA73105E744211CB0E28008882DAF21] - 10/04/2022 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\WINDOWS\System32\Wininit.exe [427192] [Unsigned] =>.Microsoft Corporation
[MD5.11F7419009AF2874C4B0E4505D185D79] - 10/04/2022 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\WINDOWS\System32\wininet.dll [5038592] [Unsigned] =>.Microsoft Corporation
[MD5.FC7F68EE85A3AE64D6E58C2B2D673793] - 10/04/2022 - (.Microsoft Corporation - Windows Log-on Application.) – C:\WINDOWS\System32\Winlogon.exe [910336] [Unsigned] =>.Microsoft Corporation
[MD5.A01E533388EF4141854A72CB9F17B5BE] - 10/04/2022 - (.Microsoft Corporation - Software Licensing Library.) – C:\WINDOWS\System32\sppcomapi.dll [316416] [Unsigned] =>.Microsoft Corporation
[MD5.914AE33E90AF8D3C19ED7678D56B4977] - 10/04/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\System32\dnsapi.dll [820728] =>.Microsoft®
[MD5.1EAD098027CC4D0CD3A8DBE7FFA4D244] - 10/04/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [581568] =>.Microsoft®
[MD5.CBD095290A7B0970D87AEB53A44D9018] - 10/04/2022 - (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\System32\wuaueng.dll [3403776] [Unsigned] =>.Microsoft Corporation
[MD5.E04072187F967B0041C994CCCDB9E101] - 10/04/2022 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [651096] [Unsigned] =>.Microsoft Corporation
[MD5.AF0AA60DD36E4FA227F3C441B008336E] - 10/04/2022 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [30032] [Unsigned] =>.Microsoft Corporation
[MD5.764FE2149251A246F6B047A0F09F5F0B] - 07/12/2019 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
[MD5.054ABC6C64AE969D033B7876C04D52B4] - 10/04/2022 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
[MD5.3D3CCAFC76E02403E2963A2CB45D61F7] - 10/04/2022 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [152064] [Unsigned] =>.Microsoft Corporation
[MD5.4F39254C6E087D4789D2C3EBD3C7F744] - 10/04/2022 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [134656] [Unsigned] =>.Microsoft Corporation
[MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
[MD5.F63572DF4295C78B3F7036AEDA878176] - 07/12/2019 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [225280] [Unsigned] =>.Microsoft Corporation
[MD5.570402953F29A5AC0FBD2715454DED89] - 10/04/2022 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [579432] [Unsigned] =>.Microsoft Corporation
[MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 10/04/2022 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [341504] [Unsigned] =>.Microsoft Corporation
[MD5.69B5F6B8793F3E59B84D08A70BB1240C] - 10/04/2022 - (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2851664] [Unsigned] =>.Microsoft Corporation
[MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\Parport.sys [109056] [Unsigned] =>.Microsoft Corporation
[MD5.40CBDB4B80284451536C8CA49561E5CD] - 10/04/2022 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
[MD5.64991B36F0BD38026F7589572C98E3D6] - 10/04/2022 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 10/04/2022 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] [Unsigned] =>.Microsoft Corporation
[MD5.988A7A685BB51BAC62F4E176BE5432AC] - 10/04/2022 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] [Unsigned] =>.Microsoft Corporation

—\ No disabled Windows Services (58) - 3s
O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\WINDOWS\System32\bfe.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Connected Devices Platform User Service_6104c (CDPUserSvc_6104c) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft®
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.ex e =>.Intel(R) pGFX 2020®
O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\WINDOWS\system32\CxAudMsg64.exe [Unsigned] =>.Conexant Systems Inc.
O23 - Service: DbxSvc (DbxSvc) . (.Dropbox, Inc. - Dropbox Service.) - C:\WINDOWS\System32\DbxSvc.exe [Unsigned] =>.Dropbox, Inc.
O23 - Service: C:\WINDOWS\System32\umpnpmgr.dll (DeviceInstall) . (.Microsoft Corporation - User-mode Plug-and-Play Service.) - C:\WINDOWS\System32\umpnpmgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Data Usage Service.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: ESIF Upper Framework Service (esifsvc) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [Unsigned] =>.Intel Corporation
O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\WINDOWS\System32\FntCache.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: ICEsoundService (ICEsoundService) . (.ICEpower A/S - ICEpower ICEsound APO service.) - C:\Windows\System32\DriverStore\FileRepository\x40 plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64 .exe {0B9DE2343AC13F9FDF2BC2D7F3A6C200}. =>.ICEpower a/s
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) . (.Intel Corporation - Intel® Graphics Command Center Service.) - C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinSe rvice.exe =>.Intel(R) pGFX 2020®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe =>.Intel(R) pGFX 2020®
O23 - Service: C:\WINDOWS\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE extension.) - C:\WINDOWS\System32\ikeext.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\WINDOWS\System32\lsm.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\WINDOWS\System32\nlasvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe =>.NVIDIA Corporation®
O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Sync Host_6104c (OneSyncSvc_6104c) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\WINDOWS\System32\umpo.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\WINDOWS\System32\rasmans.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc. - SmartAudio Service Application.) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.®
O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\WINDOWS\System32\sens.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\WINDOWS\System32\SgrmBroker.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Storage Services.) - C:\WINDOWS\System32\storsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\WINDOWS\System32\themeservice.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\WINDOWS\System32\usermgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wecsvc.dll (Wecsvc) . (.Microsoft Corporation - Event Collector Service.) - C:\WINDOWS\System32\wecsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) - C:\WINDOWS\System32\WpnService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows Push Notification User Service.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Windows Push Notifications User Service_6104c (WpnUserService_6104c) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned] =>.Microsoft Corporation

—\ Services not Microsoft (SR=Run, SS=Stop) (92) - 25s
SR - Boot [07/12/2019] [ 107320] (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 1135416] (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS =>.Microsoft®
SR - Disabl [09/10/2019] [ 3147344] Adobe Genuine Monitor Service (AGMService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe =>.Adobe Inc.®
SR - Disabl [09/10/2019] [ 2914896] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Inc.®
SR - Demand [07/12/2019] [ 18432] AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys [Unsigned] =>.Advanced Micro Devices, Inc
SR - Demand [07/12/2019] [ 45568] AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys [Unsigned] =>.Advanced Micro Devices, Inc
SR - Boot [07/12/2019] [ 83256] (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 259384] (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 26936] (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 131896] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys =>.Microsoft®
SR - Demand [24/04/2019] [ 108504] ASUS Touch Service (AsusPTPDrv) . (.ASUSTek COMPUTER INC..) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys =>.ASUSTek Computer Inc.®
SR - Disabl [31/01/2019] [ 415992] AtherosSvc (AtherosSvc) . (.Qualcomm Atheros.) - C:\WINDOWS\System32\drivers\AdminService.exe =>.Qualcomm Atheros®
SR - Demand [21/05/2019] [ 4322552] Qualcomm Extensible Wire (athr) . (.Qualcomm Atheros Communications, Inc..) - C:\WINDOWS\System32\drivers\athw10x.sys =>.Qualcomm Atheros®
SR - Boot [07/12/2019] [ 533816] QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 9728] bcmfn2 Service (bcmfn2) . (…) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned] =>.Broadcom Corporation
SR - Auto [30/03/2022] [ 320728] BlueStacks Hypervisor_nxt (BlueStacksDrv_nxt) . (.Bluestack System Inc..) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys =>.Bluestack Systems, Inc®
SR - Demand [31/01/2019] [ 69368] BtFilter (BtFilter) . (.Qualcomm.) - C:\WINDOWS\System32\drivers\btfilter.sys =>.Qualcomm Atheros®
SR - Boot [07/12/2019] [ 319800] (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 1853752] Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys =>.Microsoft®
SR - Demand [05/01/2021] [ 3463992] Conexant U (CnxtHdAudService) . (.Conexant Systems Inc..) - C:\WINDOWS\System32\drivers\CHDRT64.sys =>.Synaptics Incorporated®
SS - Demand [11/09/2020] [ 513264] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.ex e =>.Intel(R) pGFX 2020®
SR - Auto [11/09/2020] [ 527600] Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.ex e =>.Intel(R) pGFX 2020®
SR - Auto [20/10/2014] [ 207576] @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe =>.Conexant Systems, Inc.®
SR - Disabl [29/11/2021] [ 130320] Dropbox Update Service (dbupdate) (dbupdate) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
SR - Disabl [29/11/2021] [ 130320] Dropbox Update Service (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
SR - Auto [12/04/2022] [ 45408] DbxSvc (DbxSvc) . (.Dropbox, Inc..) - C:\WINDOWS\System32\DbxSvc.exe =>.Dropbox, Inc®
SR - Demand [18/05/2016] [ 65088] (dptf_cpu) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\dptf_cpu.sys =>.Intel Corporation®
SR - Disabl [16/10/2019] [ 805488] EasyAntiCheat (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy®
SR - Boot [07/12/2019] [ 3418936] QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbda.sys =>.Microsoft®
SR - Auto [19/05/2016] [ 1592064] ESIF Upper Framework Service (esifsvc) . (.Intel Corporation.) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe =>.Intel Corporation®
SR - Demand [19/05/2016] [ 343608] (esif_lf) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\esif_lf.sys =>.Intel Corporation®
SS - Demand [09/04/2022] [ 1591184] Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\elev ation_service.exe =>.Google LLC®
SR - Disabl [29/02/2020] [ 156104] Google Update Service (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SR - Disabl [29/02/2020] [ 156104] Google Update Service (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SR - Demand [19/11/2020] [ 32696] ASUS Wireless Radio Control (HIDSwitch) . (.ASUS.) - C:\WINDOWS\System32\drivers\AsRadioControl.sys =>.ASUSTek Computer Inc.®
SR - Boot [07/12/2019] [ 64312] (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36352] Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 91136] Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 79360] Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 93184] In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 112128] Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 96256] Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 171520] Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 175104] Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177152] Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177664] Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 38128] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Client Components Group®
SR - Demand [07/12/2019] [ 113152] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned] =>.Intel Corporation
SR - Boot [07/12/2019] [ 884752] Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 412176] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 558904] Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys =>.Microsoft®
SR - Auto [05/01/2021] [ 817432] ICEsoundService (ICEsoundService) . (.ICEpower A/S.) - C:\Windows\System32\DriverStore\FileRepository\x40 plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64 .exe {0B9DE2343AC13F9FDF2BC2D7F3A6C200}. =>.ICEpower a/s
SR - Auto [11/09/2020] [ 41200] Intel(R) Graphics Command Center Service (igccservice) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinSe rvice.exe =>.Intel(R) pGFX 2020®
SR - Demand [11/09/2020] [27076848] (igfx) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\igdkmd64.sys =>.Intel(R) pGFX 2020®
SR - Auto [11/09/2020] [ 409328] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe =>.Intel(R) pGFX 2020®
SR - Demand [11/09/2020] [ 349936] Intel(R) Display Audio (IntcDAud) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\int cdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys =>.Intel(R) pGFX 2020®
SR - Boot [07/12/2019] [ 172344] (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 108856] (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 124216] (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 135992] (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 82744] (LSI_SSS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sss.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 59704] (megasas) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 105480] (megasas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas35i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 575800] (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys =>.Microsoft®
SR - Demand [14/04/2016] [ 202848] Intel(R) Management Engine Interfac (MEIx64) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SR - Demand [07/12/2019] [ 1131320] Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 63800] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 146232] NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys =>.Microsoft®
SR - Demand [18/04/2020] [ 37824] VPN Client Device Driver (Neo_VPN) . (.SoftEther Corporation.) - C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys =>.SoftEther Corporation®
SR - Demand [10/01/2020] [ 23040] Apple Mobile Device Ethernet Service (Netaapl) . (.Apple Inc..) - C:\WINDOWS\System32\drivers\netaapl64.sys [Unsigned] =>.Apple Inc.
SS - Demand [00/00/0000] [ 0] nProtect GameGuard Service (npggsvc) . (…) - C:\Windows\System32\GameMon.des (.not file.) [Unsigned] =>.INCA Internet
SR - Auto [12/04/2020] [ 883088] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe =>.NVIDIA Corporation®
SR - Demand [12/04/2020] [23446760] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nvlddmkm.sys =>.NVIDIA Corporation®
SR - Boot [07/12/2019] [ 150328] (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 166200] (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 58680] (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 68408] (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys =>.Microsoft®
SR - Demand [19/03/2020] [ 1162832] Realtek RT640 NT Driver (rt640x64) . (.Realtek.) - C:\WINDOWS\System32\drivers\rt640x64.sys =>.Realtek Semiconductor Corp.®
SR - Auto [27/10/2016] [ 416576] Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.®
SR - System [18/04/2020] [ 50624] SoftEther Lightweight Networ (SeLow) . (.SoftEther Corporation.) - C:\WINDOWS\System32\DRIVERS\SeLow_x64.sys =>.SoftEther Corporation®
SR - Boot [07/12/2019] [ 44856] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 209720] (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 31032] (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys =>.Microsoft®
SR - Demand [02/12/2019] [ 31232] TAP-Win32 Adapter V9 (tap0901) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tap0901.sys [Unsigned] =>.The OpenVPN Project
SR - Demand [29/06/2020] [ 812208] tesrsdt (tesrsdt) . (.TENCENT.) - C:\Windows\system32\drivers\tesrsdt.sys =>.Tencent Technology(Shenzhen) Company Limited®
SR - Demand [29/06/2020] [ 581912] UniSafe (UniSafe) . (.TENCENT.) - C:\Windows\system32\drivers\UniSafe.sys =>.Tencent Technology(Shenzhen) Company Limited®
SR - Boot [07/12/2019] [ 166712] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 305464] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36152] WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 73016] WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys =>.Microsoft®

—\ Task Planned Automatically (Register) (16) - 12s
O38 - TASK: {21F74A47-3424-418E-A53B-4E2562C05ABA} [64Bits][\DropboxUpdateTaskMachineCore] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320] =>.Dropbox, Inc.
O38 - TASK: {8B831FA3-91A3-4CA8-8115-CED07AB87029} [64Bits][\CCleaner Update] - (.Piriform - Piriform CCleaner emergency updater.) – C:\Program Files\CCleaner\CCUpdate.exe [684976] =>.Piriform
O38 - TASK: {A35BAD01-9115-4CE5-8E83-CE0363167108} [64Bits][\AdobeGCInvoker-1.0] - (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400] =>.Adobe Systems, Incorporated
O38 - TASK: {B40A30F0-F3F8-4F31-B890-EEC38512349B} [64Bits][\Microsoft\Windows\Conexant\SA2] - (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) – C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280] =>.Conexant Systems, Inc.
O38 - TASK: {C630BFDF-4B2F-4271-9B1F-2DB64E5A7F09} [64Bits][\BlueStacksHelper_nxt] - (.BlueStack Systems, Inc. - BlueStacks Helper.) – C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136] =>.BlueStack Systems, Inc.
O38 - TASK: {DC0F9DAF-1B83-45D9-AA91-B9C6BD78042B} [64Bits][\DropboxUpdateTaskMachineUA] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320] =>.Dropbox, Inc.
O38 - TASK: {E8D71E94-B741-496F-BAFF-AFADFF2255A0} [64Bits][\Microsoft\Windows\Conexant\AFA] - (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) – C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232] =>.Conexant Systems, Inc.
O38 - TASK: {EF5C000F-603E-4C0E-B31C-A6C10E91FE43} [64Bits][\CCleanerSkipUAC - Ganja] - (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner.exe [30836464] =>.Piriform Software Ltd
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachine Core - (.Dropbox, Inc..) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [/c] =>.Dropbox, Inc.
C:\WINDOWS\System32\Tasks\CCleaner Update - (.Piriform.) – C:\Program Files\CCleaner\CCUpdate.exe =>.Piriform
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 - (.Adobe Systems, Incorporated.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [-mode=scheduled] =>.Adobe Systems, Incorporated
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Conexa nt\SA2 - (.Conexant Systems, Inc..) – C:\Program Files\CONEXANT\SAII\SACpl.exe [/c ./c] =>.Conexant Systems, Inc.
C:\WINDOWS\System32\Tasks\BlueStacksHelper_nxt - (.BlueStack Systems, Inc..) – C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [-sr] =>.BlueStack Systems, Inc.
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachine UA - (.Dropbox, Inc..) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [/ua ./ua] =>.Dropbox, Inc.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Conexa nt\AFA - (.Conexant Systems, Inc..) – C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [/uid:cAudioFilterAgent] =>.Conexant Systems, Inc.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - Ganja - (.Piriform Software Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [$(Arg0)] =>.Piriform Software Ltd

—\ Auto loading programs from Registry and folders (9) - 3s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) – C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned] =>.Microsoft Corporation
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe =>.Adobe Systems Incorporated®
O4 - HKLM..\Run: [AdobeGCInvoker-1.0] . (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Inc.®
O4 - HKLM..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) – C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft®
O4 - HKCU..\Run: [CCleaner Smart Cleaning] . (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd®
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKLM..\Wow6432Node\Run: [Dropbox] . (.Dropbox, Inc. - Dropbox.) – C:\Program Files (x86)\Dropbox\Client\Dropbox.exe =>.Dropbox, Inc®
O4 - HKUS\S-1-5-21-3947486154-1424391867-2577238500-1001..\Run: [CCleaner Smart Cleaning] . (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd®

—\ Process running (34) - 6s
[MD5.B9B6CA44BB89F814084D04B7DCF85ED6] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) – C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.ex e [527600] [PID.1500] =>.Intel(R) pGFX 2020®
[MD5.5E7EA9CA8FBA5925C184BE86EC90D2C5] - (.Intel Corporation - IntelCpHeciSvc Executable.) – C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.ex e [513264] [PID.1668] =>.Intel(R) pGFX 2020®
[MD5.FA982D3189B9D683D4EE8F814F11D992] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe [883088] [PID.1676] =>.NVIDIA Corporation®
[MD5.00FA87158A61EDD41D7DC71BF435A711] - (.Intel Corporation - igfxCUIService Module.) – C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe [409328] [PID.2276] =>.Intel(R) pGFX 2020®
[MD5.FA982D3189B9D683D4EE8F814F11D992] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe [883088] [PID.2552] =>.NVIDIA Corporation®
[MD5.6BAD46883E1336C4C8D6A6EEB6304C00] - (.Dropbox, Inc. - Dropbox Service.) – C:\Windows\System32\DbxSvc.exe [45408] [PID.3496] [Unsigned] =>.Dropbox, Inc.
[MD5.320D14F293288A92A67FAE822624D3E7] - (.Intel Corporation - Intel® Graphics Command Center Service.) – C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinSe rvice.exe [41200] [PID.3568] =>.Intel(R) pGFX 2020®
[MD5.8F6A6F22FF33DECBBC89F574CB54A2F3] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) – C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1592064] [PID.3576] [Unsigned] =>.Intel Corporation
[MD5.07F3534C07C5110E9A424C04634C4A8D] - (.Conexant Systems Inc. - Conexant Audio Message Service.) – C:\WINDOWS\system32\CxAudMsg64.exe [207576] [PID.3592] [Unsigned] =>.Conexant Systems Inc.
[MD5.6F3A5BDDFC17DD4A3E0F9F8AC809C5FD] - (.Conexant Systems, Inc. - SmartAudio Service Application.) – C:\Windows\System32\SASrv.exe [416576] [PID.3600] =>.Conexant Systems, Inc.®
[MD5.9881CA7CD8792905DDA7109613B5F055] - (.ICEpower A/S - ICEpower ICEsound APO service.) – C:\Windows\System32\DriverStore\FileRepository\x40 plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64 .exe [817432] [PID.3620] {0B9DE2343AC13F9FDF2BC2D7F3A6C200}. =>.ICEpower a/s
[MD5.01DDF9BC7198C71B445ED89B8EDD660B] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) – C:\Windows\Temp\DPTF\esif_assist_64.exe [254184] [PID.4464] =>.Intel Corporation®
[MD5.8EE9FF6DC61DC96A69FF9DB0F3F30A98] - (.Intel Corporation - igfxEM Module.) – C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe [896752] [PID.1368] =>.Intel(R) pGFX 2020®
[MD5.5CDDF06A40E89358807A2B9506F064D9] - (…) – C:\Windows\SystemApps\Microsoft.Windows.StartMenuE xperienceHost_cw5n1h2txyewy\StartMenuExperienceHos t.exe [793416] [PID.2680] =>.Microsoft®
[MD5.D96679A3D3095F8C7392807803CF3F10] - (.Intel Corporation - IGCCTray.) – C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSys Tray\IGCCTray.exe [356864] [PID.6596] [Unsigned] =>.Intel Corporation
[MD5.1DB4EE21CDF12711DA62D0361EFE33AB] - (.Intel Corporation - IGCC.) – C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe [20480] [PID.6832] [Unsigned] =>.Intel Corporation
[MD5.0D769AB9BF218DAC9B3E6D257B3BFAC2] - (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) – C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent 64.exe [604496] [PID.7032] =>.Conexant Systems LLC®
[MD5.3892AD0CC7DC6564D98EA5894A709857] - (.Conexant Systems, Inc - SmartAudio.) – C:\Program Files\CONEXANT\SAII\SmartAudio.exe [1100112] [PID.2664] =>.Conexant Systems LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1784] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.7132] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1240] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.3176] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.4400] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.6304] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.2040] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1012] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.5104] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.5232] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1144] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.6356] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1056] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.1224] =>.Google LLC®
[MD5.BCFA5D72AB9F48067167E169ED8A8215] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2596240] [PID.6288] =>.Google LLC®
[MD5.AD397F4A6B926C7E65FC9B4B59B4573E] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Ganja\ZHPDiag3.exe [3287240] [PID.6732] [Unsigned] =>.Nicolas Coolman

—\ Google Chrome, Start,Search,Extensions (3) - 0s
G2 - GCE: Preference [Ganja][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Ganja][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Ganja][User Data\Default\Local Extension Settings] [glcimepnljoholdmjchkloafkggfoijh] =>.Legitimate

—\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.19041.1503 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

—\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

—\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

—\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) – C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft®

—\ Global shortcuts Startup (63) - 8s
O4 - GS\Desktop [Administrator]: BloonsTK.exe - Shortcut.lnk . (.ClassicTK - ClassicTK.) C:\Games\BloonsTK\BloonsTK.exe [Unsigned]
O4 - GS\Desktop [Administrator]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Desktop [Administrator]: Redfinger.lnk . (…) C:\Program Files (x86)\RedFingerPlayerGlobal\RedFingerPlayerGlobal. exe [Unsigned]
O4 - GS\Desktop [Administrator]: RöX.lnk . (.BlueStack Systems - .) C:\Program Files (x86)\BlueStacks_nxt\HD-Player.exe --instance Nougat32 --cmd launchApp --package “com.play.rosea” [Unsigned] =>.BlueStack Systems
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Ganja\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Ganja\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: CCleaner.lnk . (.Piriform Software Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe [Unsigned] =>.Piriform Software Ltd
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Administrator]: Microsoft Edge.lnk . (…) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --profile-directory=Default [Unsigned]
O4 - GS\TaskBar [Administrator]: x64dbg.lnk . (.x64dbg.com - x64dbg.) C:\debugger\release\x96dbg.exe {4E0B86EECF78E905EF7CA498D841EA16}. =>.x64dbg.com
O4 - GS\Programs [Administrator]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Desktop [Ganja]: BloonsTK.exe - Shortcut.lnk . (.ClassicTK - ClassicTK.) C:\Games\BloonsTK\BloonsTK.exe [Unsigned]
O4 - GS\Desktop [Ganja]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Desktop [Ganja]: Redfinger.lnk . (…) C:\Program Files (x86)\RedFingerPlayerGlobal\RedFingerPlayerGlobal. exe [Unsigned]
O4 - GS\Desktop [Ganja]: RöX.lnk . (.BlueStack Systems - .) C:\Program Files (x86)\BlueStacks_nxt\HD-Player.exe --instance Nougat32 --cmd launchApp --package “com.play.rosea” [Unsigned] =>.BlueStack Systems
O4 - GS\Desktop [Ganja]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Ganja\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Desktop [Ganja]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Ganja\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Ganja]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\sendTo [Ganja]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Ganja]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Ganja]: CCleaner.lnk . (.Piriform Software Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe [Unsigned] =>.Piriform Software Ltd
O4 - GS\TaskBar [Ganja]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Ganja]: Microsoft Edge.lnk . (…) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --profile-directory=Default [Unsigned]
O4 - GS\TaskBar [Ganja]: x64dbg.lnk . (.x64dbg.com - x64dbg.) C:\debugger\release\x96dbg.exe {4E0B86EECF78E905EF7CA498D841EA16}. =>.x64dbg.com
O4 - GS\Programs [Ganja]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Desktop [Guest]: BloonsTK.exe - Shortcut.lnk . (.ClassicTK - ClassicTK.) C:\Games\BloonsTK\BloonsTK.exe [Unsigned]
O4 - GS\Desktop [Guest]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Desktop [Guest]: Redfinger.lnk . (…) C:\Program Files (x86)\RedFingerPlayerGlobal\RedFingerPlayerGlobal. exe [Unsigned]
O4 - GS\Desktop [Guest]: RöX.lnk . (.BlueStack Systems - .) C:\Program Files (x86)\BlueStacks_nxt\HD-Player.exe --instance Nougat32 --cmd launchApp --package “com.play.rosea” [Unsigned] =>.BlueStack Systems
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Ganja\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Ganja\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: CCleaner.lnk . (.Piriform Software Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe [Unsigned] =>.Piriform Software Ltd
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Guest]: Microsoft Edge.lnk . (…) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --profile-directory=Default [Unsigned]
O4 - GS\TaskBar [Guest]: x64dbg.lnk . (.x64dbg.com - x64dbg.) C:\debugger\release\x96dbg.exe {4E0B86EECF78E905EF7CA498D841EA16}. =>.x64dbg.com
O4 - GS\Programs [Guest]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Binance.lnk . (.BinanceTech - Binance.) C:\Program Files\Binance\Binance.exe =>.Binance Holdings Limited®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Software Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe [Unsigned] =>.Piriform Software Ltd
O4 - GS\Programs [Public]: ESET Online Scanner.lnk . (…) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe [Unsigned]
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft®
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Binance.lnk . (.BinanceTech - Binance.) C:\Program Files\Binance\Binance.exe =>.Binance Holdings Limited®
O4 - GS\ProgramsCommon [Public]: BlueStacks 5 Multi-Instance Manager.lnk . (.BlueStack Systems - BlueStacks 5 Multi-Instance Ma.) C:\Program Files (x86)\BlueStacks_nxt\HD-MultiInstanceManager.exe [Unsigned] =>.BlueStack Systems
O4 - GS\ProgramsCommon [Public]: BlueStacks 5.lnk . (.BlueStack Systems - BlueStacks 5.lnk.) C:\Program Files (x86)\BlueStacks_nxt\HD-Player.exe --instance Nougat32 [Unsigned] =>.BlueStack Systems
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (…) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe [Unsigned] =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.193 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{bff8e11e-7cb0-43cd-8ed2-84f8481e005d}: DhcpNameServer = 192.168.43.193 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{fc72d37d-562e-4e97-a7cf-ea1989188cd8}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress

—\ Extra protocols (24) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®

—\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Log-on Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation

—\ List of key exploring StartupApproved (24) - 1s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]iscord =>.SUP.Discord
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:IDMan =>.Tonec Inc
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:Steam =>.Valve
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:NoxMultiPlayer
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]iscord =>.SUP.Discord
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:IDMan =>.Tonec Inc
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:Steam =>.Valve
[HKEY_USERS\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:NoxMultiPlayer
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:SecurityHealth =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:AdobeAAMUpdater-1.0 =>.Adobe Inc.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:AdobeGCInvoker-1.0
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:iTunesHelper =>.Apple Inc.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:BCSSync =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run]:SoftEther VPN Client UI Helper
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:RazerCortex =>.Razer Inc
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:AdobeAAMUpdater-1.0 =>.Adobe Inc.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:AdobeGCInvoker-1.0
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]ropbox =>.Dropbox Inc.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:SecurityHealth =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\StartupFolder]:SoftEther VPN Client Manager Startup.lnk

—\ ASIC (ActiveSetup Installed Components) (6) - 1s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialisation Utility.) – C:\Windows\System32\ie4uinit.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Inst aller\chrmstp.exe =>.Google LLC®

—\ Software installed (178) - 29s
O42 - Logiciel: 7-Zip 21.07 (x64) - (.Igor Pavlov.) [HKLM][64Bits] – 7-Zip [Unsigned] =>.Igor Pavlov
O42 - Logiciel: AutoHotkey 1.1.33.10 - (.Lexikos.) [HKLM][64Bits] – AutoHotkey [Unsigned] =>.Lexikos
O42 - Logiciel: BlueStacks 5 - (.BlueStack Systems, Inc..) [HKLM][64Bits] – BlueStacks_nxt {0BB14E1AFFF5879B9717256081844B4E}. =>.BlueStack Systems, Inc.
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Software Ltd®
O42 - Logiciel: Cheat Engine 7.0 - (.Cheat Engine.) [HKLM][64Bits] – Cheat Engine 7.0_is1 =>.Cheat Engine®
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] – CNXT_AUDIO_HDA =>.Conexant Systems LLC®
O42 - Logiciel: Definition Update for Microsoft Office 2010 (KB3115475) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{2F7967D2-535C-4D3A-AEE8-CC9C204E7586} =>.Microsoft Corporation®
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKLM][64Bits] – Dropbox =>.Dropbox, Inc®
O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] – {099218A5-A723-43DC-8DB5-6173656A1E94} [Unsigned] =>.Dropbox, Inc. (Hidden)
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] – Google Chrome =>.Google LLC®
O42 - Logiciel: Intel(R) Graphics Driver Software - (.Intel.) [HKLM][64Bits] – {7d2bdb54-268a-4ce6-8063-a6cad97dba41} =>.IntelGfxReleaseExternal2020® (Hidden)
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] – {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel®
O42 - Logiciel: Microsoft .NET Core 3.1 Templates 3.1.417 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {24764607-7353-45A3-B41D-B0E27DFD9324} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core AppHost Pack - 3.1.23 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {832FC239-AE54-4957-AFC3-67A723C2883C} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core AppHost Pack - 3.1.23 (x64_arm) - (.Microsoft Corporation.) [HKLM][64Bits] – {643977DC-2D85-4198-B73B-D287098396F8} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core AppHost Pack - 3.1.23 (x64_arm64) - (.Microsoft Corporation.) [HKLM][64Bits] – {B0D52F62-1A2D-4023-8799-E8554E7E913E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core AppHost Pack - 3.1.23 (x64_x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {112516EB-23D5-4F3A-AD7B-3AB68DC30E72} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host - 2.1.30 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {8FD66631-B964-4E12-92E1-A8A4CAD5D14C} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host - 3.1.23 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {9C7A4D28-C2E1-4CA7-A1F3-603049ED2937} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host - 3.1.23 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {50C787F3-AD71-498F-96AE-748293C32704} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host FX Resolver - 2.1.30 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {EB291DFA-DEDE-4355-98D9-17F95E91C437} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host FX Resolver - 3.1.23 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {7FF9BE57-3115-4282-BC9A-7FAB77C27235} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host FX Resolver - 3.1.23 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {C3E7A321-C146-47B7-9E3B-706A21031272} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Runtime - 2.1.30 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {92A0517D-D5F9-4D8F-87F9-83ABC04240C2} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Runtime - 2.1.30 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {e6e5b73d-9aea-4a61-9110-4f93d1b9bc75} =>.Microsoft®
O42 - Logiciel: Microsoft .NET Core Runtime - 3.1.23 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {81EDF4A0-FC57-48C3-B26A-E90C2DC266CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Runtime - 3.1.23 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {E40BC6AB-5820-4457-A2B9-2C628F8C7BFA} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core SDK 3.1.417 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {544cc8ed-e21c-4242-ab28-a1e70824f769} =>.Microsoft®
O42 - Logiciel: Microsoft .NET Core Targeting Pack - 3.1.0 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {31EDE1E7-C855-4633-9D73-56F566136567} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Toolset 3.1.417 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {40E525F8-4526-456F-8B8F-D74A40D2D019} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Framework 4.8 SDK - (.Microsoft Corporation.) [HKLM][64Bits] – {949C0535-171C-480F-9CF4-D25C9E60FE88} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {A7036CFB-B403-4598-85FF-D397ABB88173} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft ASP.NET Core 2.1.30 - Shared Framework - (.Microsoft Corporation.) [HKLM][64Bits] – {614a1747-bef3-44e7-86a8-799e4d2ab88d} =>.Microsoft®
O42 - Logiciel: Microsoft ASP.NET Core 2.1.30 Shared Framework (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {3F0FA3FE-95FA-3B48-ABD1-46FB4DA4021E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {FEA48357-CE2F-3ED0-B2A0-8548BEC6F111} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft ASP.NET Core 3.1.23 - Shared Framework (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {8956749b-efd9-463b-9bcf-697d196c0c8a} =>.Microsoft®
O42 - Logiciel: Microsoft ASP.NET Core 3.1.23 Shared Framework (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {5673D71A-7C3A-3C2E-BF77-EA4890864EE4} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft ASP.NET Core 3.1.23 Shared Framework (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {BF9694C8-23BA-3602-991A-1008206AB753} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Excel 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – Office14.EXCEL =>.Microsoft®
O42 - Logiciel: Microsoft Office Excel 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Excel MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-0016-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Office 32-bit Components 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-001F-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-001F-040C-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-001F-0C0A-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Proofing (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-002C-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Shared 32-bit MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-0043-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Shared MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] – {90140000-0115-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] – {7B1FCD52-8F6B-4F12-A143-361EA39F5E7C} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {837b34e3-7c30-493c-8f6a-2b0f04e2912c} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {071c9b48-7c32-4621-a0ac-3f809523288f} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {8220EEFE-38CD-377E-8595-13398D740ACE} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {9A25302D-30C0-39D9-BD6F-21E6EC160475} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {050d4fc8-5d48-4b8f-8972-47c82c46020f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {f65db027-aff3-4070-886a-0d87064aabb1} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {929FBD26-9020-399B-9A7A-751D61F0B942} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {6913e92a-b64e-41c9-a5e6-cef39207fe89} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {65e650ff-30be-469d-b63a-418d71ea1765} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {EEA66967-97E2-4561-A999-5C22E3CDE428} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {0FA68574-690B-4B00-89AA-B28946231449} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 - (.Microsoft Corporation.) [HKLM][64Bits] – {2BC3BD4D-FABA-4394-93C7-9AC82A263FE2} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {9495AEB4-AB97-39DE-8C42-806EEF75ECA7} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Visual Studio 2010 Tools for Office Runtime (x64) =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.23 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {4456FDE5-AAE9-4E03-9B34-0D9A476CEF5A} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.23 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {32D405E8-E1B0-4E1D-BCFF-B9FE5AB15F7E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.23 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {b8f5b50f-4b72-421e-ac78-130b4bce05d1} =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Targeting Pack - 3.1.0 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {7519423C-A977-4160-83A2-48633600A216} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: MSVCRT Redists - (.MAGIX Computer Products Intl. Co..) [HKLM][64Bits] – {E83D6FA1-B27C-11E9-B0DB-A5146957F833} [Unsigned] =>.MAGIX Computer Products Intl. Co. (Hidden)
O42 - Logiciel: NVIDIA Graphics Driver 445.87 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.21.0713 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] – {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Redfinger - (.REDFINGER CLOUD PHONE.) [HKLM][64Bits] – Redfinger [Unsigned]
O42 - Logiciel: SciTE4AutoHotkey v3.0.06.01 - (.fincs.) [HKLM][64Bits] – SciTE4AutoHotkey [Unsigned]
O42 - Logiciel: Security Update for Microsoft Access 2010 (KB4484385) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{8BF74FCB-3035-4DFF-BB71-FC05B1714AE2} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB3017810) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{29A8C5C7-8B7E-4175-97ED-D653E9FBCAD5} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB3017810) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0409-1000-0000000FF1CE}Office14.EXCEL{F36EA81A-47DA-41E2-B81B-40A1FB8A2753} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB3017810) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{29A8C5C7-8B7E-4175-97ED-D653E9FBCAD5} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB3017810) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0409-1000-0000000FF1CE}Office14.EXCEL{F36EA81A-47DA-41E2-B81B-40A1FB8A2753} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{B78E5386-2F91-4CB4-A8CF-F5582CF3C920} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{A97FC79A-3344-410B-8E6B-95931B630C42} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{A97FC79A-3344-410B-8E6B-95931B630C42} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553332) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{0CC3786B-BA15-44EA-9210-3C3B1545EB8B} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553332) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{0CC3786B-BA15-44EA-9210-3C3B1545EB8B} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553491) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0409-1000-0000000FF1CE}Office14.EXCEL{FB2AE127-529A-4105-8836-3676B1D30FAB} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2589361) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{DBA66980-EE63-43AC-AFAC-A2420C199328} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{DEE523DB-C590-45D3-B658-73F93062D7B3} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{C7B639A9-54A9-4B30-87AA-45BD4F06E1A6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{58C697C0-E8B1-4AF2-9352-292877352216} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{2CE7AC23-5E40-43BD-8DA3-8D17677D8199} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3114565) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{7DF0FA0F-0C50-4065-91BE-E890C68BD33D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3191908) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{E6C29785-2909-4FAA-8A61-085F2F1D92A0} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3203468) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0409-1000-0000000FF1CE}Office14.EXCEL{BABE5F32-A2B5-498E-BCB5-1325170A8F56} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3203468) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-040C-1000-0000000FF1CE}Office14.EXCEL{569742BC-C32F-4C9C-9B21-18409AFF9599} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3203468) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0C0A-1000-0000000FF1CE}Office14.EXCEL{512A0E32-6C63-4C73-9C82-FC1B10668ED8} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3213626) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{437ECECB-17E8-4AC7-AF9E-F8A4308BBCC8} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB3213631) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{6BE89FBA-5B21-4752-85A2-1DE104A9F5DD} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4011610) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{C799AC81-98A1-49EF-AA41-46F4534FAE06} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4022206) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{8692BFE2-0A72-4503-A687-5B96B0815E76} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4022206) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{8692BFE2-0A72-4503-A687-5B96B0815E76} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4022208) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{337BCB84-C6C1-48F9-8370-425383A667CB} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4484455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{1CB487A7-9FC0-42DF-A550-B80291521A3A} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4493143) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{65C22C4A-7374-42B3-9215-6CA7CCA92CCE} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4504738) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{6C7AE074-5411-4DB8-B9A3-8F7A6F046771} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4504738) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{6C7AE074-5411-4DB8-B9A3-8F7A6F046771} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB4504739) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{E4848FE8-F0C1-43A3-84E8-3205B25C7AB0} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft OneNote 2010 (KB3114885) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{31243FE5-01D6-47AF-9A5E-6D021AA63358} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB4504702) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{3935073D-AED7-4467-B884-CAA9680F90AB} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Project 2010 (KB4484463) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{46BA48B6-73B5-41AE-992B-5B073F035616} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB4032216) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{3F276C56-7A71-4B02-9E30-C332785D34A3} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Visio 2010 (KB4484376) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{B9582F02-1DFC-4E97-AAE5-FD4F08527C15} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2010 (KB4493218) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{565C3C1B-B400-4DB6-B58B-589C66433C23} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{A3364707-2F53-4C83-8F68-C9877A9080C7} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0409-1000-0000000FF1CE}Office14.EXCEL{C7BC6847-623D-4D8F-B87C-82215F0752BA} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0409-1000-0000000FF1CE}Office14.EXCEL{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-040C-1000-0000000FF1CE}Office14.EXCEL{77A8B979-11B0-4774-8003-574EE8A4BC22} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0C0A-1000-0000000FF1CE}Office14.EXCEL{05916788-991E-417B-A8F3-77F90A2B8271} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-002C-0409-1000-0000000FF1CE}Office14.EXCEL{D4D48631-AC28-4250-B882-C956555B0B1D} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{F3FAAB68-7697-4B1F-A23A-72312565AEAB} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0409-1000-0000000FF1CE}Office14.EXCEL{944EFCFD-823D-4C0A-9B01-CD76EEAEA1F3} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0115-0409-1000-0000000FF1CE}Office14.EXCEL{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B} =>.Microsoft Corporation® (Hidden)
O42 - Logiciel: Update for Microsoft Filter Pack 2.0 (KB3114879) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{85483BCA-BCA1-4046-9673-53FAB79E6979} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{DB0B0CDF-77EC-47B0-94E2-4738573A1E58} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-040C-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-001F-0C0A-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-002C-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-006E-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0115-0409-1000-0000000FF1CE}Office14.EXCEL{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{08E1BF53-B96E-4ADF-935F-A90F867E8F6B} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{08E1BF53-B96E-4ADF-935F-A90F867E8F6B} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{79C725A1-3964-421C-A528-78C1C083C7C7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{9466D7C3-A2C9-457A-8135-03F20F3268B4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2589339) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{C91587A2-1FEA-4F7B-BBC5-4D8914E8C0D3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{EBD18DE5-BC84-4B57-9A30-097044871F9A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{4AD36582-256B-433D-8593-F31773A15CA4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{4AD36582-256B-433D-8593-F31773A15CA4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2881030) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{F1B89D7E-298C-49C3-A136-9962C9123CB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{956B3213-0246-42A8-A6FE-3EF7DC6E66A9} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{75A4ACD6-A407-41B3-8889-8AB7862A9D9D} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{4F55B2F9-E491-4630-A994-2F37D1AB3A77} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{4F55B2F9-E491-4630-A994-2F37D1AB3A77} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{4BC0A78F-012B-47BF-80E8-963D44286558} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB4092436) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{8539273B-603A-4939-AC68-206447EB9536} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB4461579) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{D7C90ED7-E184-4423-B3FC-F3AA7BB856E0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB4461579) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{D7C90ED7-E184-4423-B3FC-F3AA7BB856E0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB4461626) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{6E14E5FA-BB3A-4583-B77E-87284B73AD16} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2010 (KB4462172) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0016-0000-1000-0000000FF1CE}Office14.EXCEL{ED7A5337-C4D3-455F-8B84-E90FB9605977} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] – {90140000-0043-0000-1000-0000000FF1CE}Office14.EXCEL{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D} =>.Microsoft Corporation®
O42 - Logiciel: Update for Windows 10 for x64-based Systems (KB5001716) - (.Microsoft Corporation.) [HKLM][64Bits] – {82BD0A1C-815F-487F-9AE7-CE73DA413CFF} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player [Unsigned] =>.VideoLAN
O42 - Logiciel: Windows PC Health Check - (.Microsoft Corporation.) [HKLM][64Bits] – {B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Windows SDK AddOn - (.Microsoft Corporation.) [HKLM][64Bits] – {E6F877A1-2F65-4BF0-87B6-A4071B7663D3} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: WinRAR 6.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®

—\ HKCU & HKLM Software Keys (187) - 29s
HKLM\SOFTWARE\7-Zip =>.Igor Pavlov
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Atheros =>.Qualcomm Atheros
HKLM\SOFTWARE\AutoHotkey =>.AutoHotkey
HKLM\SOFTWARE\BANDISOFT =>.Bandisoft
HKLM\SOFTWARE\Binance =>.Binance
HKLM\SOFTWARE\BlueStacksInstaller =>.BlueStack Systems, Inc.
HKLM\SOFTWARE\BlueStacks_nxt
HKLM\SOFTWARE\Conexant =>.Conexant Systems, Inc.
HKLM\SOFTWARE\CVSM =>.Legitimate
HKLM\SOFTWARE\DefaultUserEnvironment =>.Microsoft Corporation
HKLM\SOFTWARE\dotnet
HKLM\SOFTWARE\ej-technologies =>.ej-technologies
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\ICEpower =>.ICEpower
HKLM\SOFTWARE\InstalledOptions =>.Installed Options
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\Malwarebytes =>.Malwarebytes
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Nahimic =>.Nahimic
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\OpenSSH =>.OpenBSD
HKLM\SOFTWARE\Partner =>.Google Inc.
HKLM\SOFTWARE\Patch My PC =>.Justin Chalfant
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\RTLSetup =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\SoftEther Project =>.SoftEther Project
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\UIU =>.Legitimate
HKLM\SOFTWARE\UIUTask
HKLM\SOFTWARE\VideoLAN =>.VideoLan Team
HKLM\SOFTWARE\Windows =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\360DocProtect
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\Adware Removal Tool by TSA =>.TSA Softwares
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\WOW6432Node\CDDB =>.Cddb Software
HKLM\SOFTWARE\WOW6432Node\Conexant =>.Conexant Systems, Inc.
HKLM\SOFTWARE\WOW6432Node\dotnet
HKLM\SOFTWARE\WOW6432Node\Dropbox =>.Dropbox
HKLM\SOFTWARE\WOW6432Node\DropboxUpdate =>.Dropbox Inc.
HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat =>.EasyAntiCheat
HKLM\SOFTWARE\WOW6432Node\Eset =>.ESET
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Gravity Soft =>.Gravity Soft
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\kpzs
HKLM\SOFTWARE\WOW6432Node\Magix =>.MAGIX_Software_GmbH
HKLM\SOFTWARE\WOW6432Node\Malwarebytes =>.Malwarebytes
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NemuServer
HKLM\SOFTWARE\WOW6432Node\Nexon =>.Nexon
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\SciTE4AutoHotkey =>.AutoHotkey
HKLM\SOFTWARE\WOW6432Node\SoftEther Project =>.SoftEther Project
HKLM\SOFTWARE\WOW6432Node\Sony Creative Software =>.Sony Creative Software
HKLM\SOFTWARE\WOW6432Node\Tencent =>.Tencent
HKLM\SOFTWARE\WOW6432Node\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Apowersoft =>.Apowersoft
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\AutoHotkey =>.AutoHotkey
HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o
HKCU\SOFTWARE\BlueStacksInstaller =>.BlueStack Systems, Inc.
HKCU\SOFTWARE\Browedit
HKCU\SOFTWARE\Cheat Engine =>.Dark Byte
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\ClassicTK
HKCU\SOFTWARE\CocCoc =>.Legitimate
HKCU\SOFTWARE\Conexant =>.Conexant Systems, Inc.
HKCU\SOFTWARE\DirectShow =>.Microsoft Corporation
HKCU\SOFTWARE\Dropbox =>.Dropbox
HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKCU\SOFTWARE\DuoDianApp =>.DuoDianApp
HKCU\SOFTWARE\ej-technologies =>.ej-technologies
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Gravity =>.Gravity
HKCU\SOFTWARE\Hex-Rays
HKCU\SOFTWARE\INCAInternet =>.INCAInternet
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\KRU
HKCU\SOFTWARE\LINE Games Corporation
HKCU\SOFTWARE\Magix =>.MAGIX_Software_GmbH
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nexon =>.Nexon
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RedFingerPlayerGlobal
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SoftEther Project =>.SoftEther Project
HKCU\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKCU\SOFTWARE\TEAM R2R =>.TEAM R2R
HKCU\SOFTWARE\Tencent =>.Tencent
HKCU\SOFTWARE\University of Tsukuba =>.University of Tsukuba
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\XuanZhi
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKU.DEFAULT\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU.DEFAULT\SOFTWARE\Conexant =>.Conexant Systems, Inc.
HKU.DEFAULT\SOFTWARE\Dropbox =>.Dropbox
HKU.DEFAULT\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU.DEFAULT\SOFTWARE\Piriform =>.Piriform
HKU.DEFAULT\SOFTWARE\Razer =>.Razer
HKU.DEFAULT\SOFTWARE\Splashtop Inc. =>.Splashtop Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\7-Zip =>.Igor Pavlov
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Apowersoft =>.Apowersoft
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AutoHotkey =>.AutoHotkey
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\BlueStacksInstaller =>.BlueStack Systems, Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Browedit
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Cheat Engine =>.Dark Byte
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Chromium =>.Chromium
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\ClassicTK
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\CocCoc =>.Legitimate
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Conexant =>.Conexant Systems, Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\DirectShow =>.Microsoft Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Dropbox =>.Dropbox
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\DuoDianApp =>.DuoDianApp
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\ej-technologies =>.ej-technologies
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\ESET =>.ESET
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Google =>.Google
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Gravity =>.Gravity
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Hex-Rays
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\INCAInternet =>.INCAInternet
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Intel =>.Intel
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\JavaSoft =>.JavaSoft
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\KRU
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\LINE Games Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Magix =>.MAGIX_Software_GmbH
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Nexon =>.Nexon
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\QtProject =>.QtProject
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\RedFingerPlayerGlobal
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\SoftEther Project =>.SoftEther Project
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\TEAM R2R =>.TEAM R2R
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Tencent =>.Tencent
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\University of Tsukuba =>.University of Tsukuba
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Valve =>.Valve
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\XuanZhi
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\ZHP =>.Nicolas Coolman

—\ Packages (5) - 0s
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_ 10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [UDK Package] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neu tral_neutral_8wekyb3d8bbwe - (.Microsoft.) [NcsiUwpApp] =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8. 1.961.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8. 1.962.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\TradingView.Desktop_1.0.0.679_x6 4__r4b1km8ya33za - (..) [TradingView]

—\ Contents of the Common Files folders (261) - 17s
O43 - CFD: 03/03/2020 - D – C:\Program Files\7-Zip =>.Igor Pavlov
O43 - CFD: 02/03/2020 - D – C:\Program Files\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 13/04/2021 - D – C:\Program Files\Binance =>.Binance Holdings Limited®
O43 - CFD: 15/04/2022 - D – C:\Program Files\BlueStacks_nxt {02DC76C15066F447336766D85A04AF37}.
O43 - CFD: 15/04/2022 - D – C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 14/04/2022 - D – C:\Program Files\Cheat Engine 7.0 =>.Dark Byte
O43 - CFD: 14/04/2022 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\Program Files\CONEXANT =>.Conexant Systems, Inc.
O43 - CFD: 09/04/2022 - D – C:\Program Files\dotnet =>.Microsoft®
O43 - CFD: 14/04/2022 - D – C:\Program Files\Google =>.Google
O43 - CFD: 10/04/2022 - D – C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Program Files\Microsoft Update Health Tools =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Program Files\ModifiableWindowsApps =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Program Files\MuMu
O43 - CFD: 14/04/2022 - [0] D – C:\Program Files\NemuVbox
O43 - CFD: 18/05/2020 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 09/04/2022 - D – C:\Program Files\PCHealthCheck =>.Microsoft®
O43 - CFD: 10/04/2022 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Program Files\ruxim =>.Microsoft®
O43 - CFD: 14/03/2022 - D – C:\Program Files\SoftEther VPN Client =>.SoftEther
O43 - CFD: 01/03/2020 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\UNP =>.Microsoft Corporation
O43 - CFD: 16/02/2021 - D – C:\Program Files\VideoLAN =>.VideoLan Team
O43 - CFD: 09/04/2022 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 12/03/2022 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Adobe =>.Adobe
O43 - CFD: 13/04/2022 - D – C:\Program Files (x86)\Adware Removal Tool by TSA =>.TSA Softwares
O43 - CFD: 15/04/2022 - D – C:\Program Files (x86)\AmUStor =>.Alocr Micro
O43 - CFD: 15/04/2022 - D – C:\Program Files (x86)\ASUS =>.ASUS
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Program Files (x86)\dotnet =>.Microsoft®
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Dropbox =>.Dropbox, Inc®
O43 - CFD: 21/04/2020 - D – C:\Program Files (x86)\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 30/03/2021 - D – C:\Program Files (x86)\eNexia750
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Google =>.Google LLC®
O43 - CFD: 01/03/2020 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 29/02/2020 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - D – C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Microsoft SDKs =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/05/2020 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Qualcomm =>.Qualcomm Atheros
O43 - CFD: 01/03/2020 - D – C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 18/03/2022 - D – C:\Program Files (x86)\RedFingerPlayerGlobal [Unsigned]
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/03/2022 - D – C:\Program Files (x86)\TurboVPN
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Windows Kits =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.Igor Pavlov
O43 - CFD: 10/04/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.0 =>.Dark Byte
O43 - CFD: 15/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant =>.Conexant Systems, Inc.
O43 - CFD: 14/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox =>.Dropbox
O43 - CFD: 07/12/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 13/04/2022 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 =>.Pinnacle Systems, Inc.
O43 - CFD: 07/12/2019 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 10/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/04/2022 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 15/04/2022 - D – C:\ProgramData\AmUStor =>.Alocr Micro
O43 - CFD: 10/10/2020 - D – C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 23/03/2020 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 09/04/2022 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\ProgramData\ASUS =>.ASUS
O43 - CFD: 15/04/2022 - D – C:\ProgramData\ASUS Smart Gesture =>.ASUSTeK
O43 - CFD: 15/04/2022 - D – C:\ProgramData\BlueStacks_nxt
O43 - CFD: 07/04/2021 - D – C:\ProgramData\Conexant =>.Conexant Systems, Inc.
O43 - CFD: 09/04/2022 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 08/03/2020 - D – C:\ProgramData\Dropbox =>.Dropbox
O43 - CFD: 29/02/2020 - D – C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 07/10/2020 - D – C:\ProgramData\Magix =>.MAGIX_Software_GmbH
O43 - CFD: 14/04/2022 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 15/04/2021 - D – C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\ProgramData\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 15/03/2022 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 18/03/2022 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 29/03/2021 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 14/04/2022 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\ProgramData\Packages =>.Microsoft Corporation
O43 - CFD: 15/03/2020 - D – C:\ProgramData\Razer =>.Razer
O43 - CFD: 15/04/2022 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 03/03/2020 - [0] D – C:\ProgramData\Solid State Networks =>.Solid State Networks
O43 - CFD: 10/04/2022 - [0] D – C:\ProgramData\ssh =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 13/04/2022 - D – C:\ProgramData\Tencent =>.Tencent
O43 - CFD: 14/04/2022 - D – C:\ProgramData\UIU
O43 - CFD: 09/04/2022 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 14/04/2022 - [0] D – C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 14/04/2022 - [0] D – C:\Program Files (x86)\Common Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - D – C:\Program Files (x86)\Common Files\Qualcomm =>.Qualcomm Atheros
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 18/05/2020 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 10/04/2022 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 12/04/2022 - [0] D – C:\Users\Ganja\AppData\Roaming\360DesktopLite
O43 - CFD: 11/03/2020 - [0] D – C:\Users\Ganja\AppData\Roaming\360DrvMgr
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 29/06/2020 - D – C:\Users\Ganja\AppData\Roaming\AndroidTbox
O43 - CFD: 16/02/2021 - D – C:\Users\Ganja\AppData\Roaming\Apowersoft =>.Apowersoft
O43 - CFD: 23/03/2020 - D – C:\Users\Ganja\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 18/04/2021 - D – C:\Users\Ganja\AppData\Roaming\Binance =>.Binance
O43 - CFD: 15/12/2021 - D – C:\Users\Ganja\AppData\Roaming\ChangZhi2
O43 - CFD: 29/11/2021 - D – C:\Users\Ganja\AppData\Roaming\discord
O43 - CFD: 08/03/2020 - D – C:\Users\Ganja\AppData\Roaming\Dropbox =>.Dropbox
O43 - CFD: 21/04/2020 - D – C:\Users\Ganja\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 12/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 09/05/2020 - D – C:\Users\Ganja\AppData\Roaming\Hex-Rays
O43 - CFD: 29/03/2021 - D – C:\Users\Ganja\AppData\Roaming\java =>.Oracle
O43 - CFD: 15/12/2021 - D – C:\Users\Ganja\AppData\Roaming\lddownloader
O43 - CFD: 01/05/2020 - D – C:\Users\Ganja\AppData\Roaming\Mael Horz
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Roaming\MAGIX =>.MAGIX_Software_GmbH
O43 - CFD: 09/04/2022 - SD – C:\Users\Ganja\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/04/2020 - D – C:\Users\Ganja\AppData\Roaming\Microsoft FxCop =>.Microsoft Corporation
O43 - CFD: 30/03/2021 - D – C:\Users\Ganja\AppData\Roaming\Mirroring360
O43 - CFD: 30/04/2020 - D – C:\Users\Ganja\AppData\Roaming\NuGet =>.Microsoft Corporation
O43 - CFD: 22/05/2020 - D – C:\Users\Ganja\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 12/03/2022 - D – C:\Users\Ganja\AppData\Roaming\RedFinger
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Roaming\Sony =>.Sony
O43 - CFD: 13/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Tencent =>.Tencent
O43 - CFD: 08/03/2020 - D – C:\Users\Ganja\AppData\Roaming\Tk Patcher
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Roaming\VEGAS =>.VEGAS
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Visual Studio Setup =>.Pinnacle Systems, Inc.
O43 - CFD: 14/03/2022 - D – C:\Users\Ganja\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 29/04/2020 - D – C:\Users\Ganja\AppData\Roaming\vstelemetry =>.Legitimate
O43 - CFD: 29/04/2020 - D – C:\Users\Ganja\AppData\Roaming\vs_installershell
O43 - CFD: 04/03/2020 - D – C:\Users\Ganja\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 12/03/2022 - D – C:\Users\Ganja\AppData\Roaming\XuanZhi
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Roaming\XuanZhi64
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 22/05/2020 - D – C:\Users\Ganja\AppData\Local.IdentityService
O43 - CFD: 06/03/2020 - D – C:\Users\Ganja\AppData\Local\Adobe =>.Adobe
O43 - CFD: 23/03/2020 - D – C:\Users\Ganja\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Ganja\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 31/03/2021 - D – C:\Users\Ganja\AppData\Local\binance-updater
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\BlueStacks =>.BlueStack Systems, Inc.
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\BlueStacksSetup =>.BlueStack Systems, Inc.
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Local\cache =>.Legitimate
O43 - CFD: 01/03/2020 - D – C:\Users\Ganja\AppData\Local\CEF =>.CEF
O43 - CFD: 12/03/2022 - D – C:\Users\Ganja\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\Conexant =>.Conexant Systems, Inc.
O43 - CFD: 27/03/2021 - D – C:\Users\Ganja\AppData\Local\ConnectedDevicesPlatf orm =>.Microsoft Corporation
O43 - CFD: 08/04/2022 - [0] D – C:\Users\Ganja\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Local\CrashRpt
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Local\D3DSCache =>.Legitimate
O43 - CFD: 05/04/2020 - [0] D – C:\Users\Ganja\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 12/03/2022 - [0] D – C:\Users\Ganja\AppData\Local\Discord
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Local\Dropbox =>.Dropbox
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 12/04/2022 - D – C:\Users\Ganja\AppData\Local\ESET =>.ESET
O43 - CFD: 29/02/2020 - D – C:\Users\Ganja\AppData\Local\Google =>.Google
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Ganja\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Local\Intel =>.Intel Corporation
O43 - CFD: 30/04/2020 - D – C:\Users\Ganja\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\MAGIX =>.MAGIX_Software_GmbH
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/03/2020 - [0] D – C:\Users\Ganja\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/02/2020 - D – C:\Users\Ganja\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Local\NemuPlayer
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Local\Nox =>.FFmpeg Project
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Local\NoxSrv
O43 - CFD: 22/05/2020 - D – C:\Users\Ganja\AppData\Local\NuGet =>.Microsoft Corporation
O43 - CFD: 15/03/2022 - D – C:\Users\Ganja\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\OO Software =>.O&O Software GmbH
O43 - CFD: 14/04/2022 - D – C:\Users\Ganja\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 16/02/2021 - D – C:\Users\Ganja\AppData\Local\Patch_My_PC,_LLC
O43 - CFD: 02/03/2020 - [0] D – C:\Users\Ganja\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 06/04/2021 - D – C:\Users\Ganja\AppData\Local\PlaceholderTileLogoFo lder =>.Microsoft Corporation
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\Plugin.MxOfxRotation
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\Plugin.ofx360Stabiliz er
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\Plugin.OfxStitch
O43 - CFD: 29/02/2020 - D – C:\Users\Ganja\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 29/02/2020 - D – C:\Users\Ganja\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 15/03/2020 - [0] D – C:\Users\Ganja\AppData\Local\Razer =>.Razer
O43 - CFD: 14/03/2022 - D – C:\Users\Ganja\AppData\Local\RedFingerPlayer
O43 - CFD: 29/04/2020 - D – C:\Users\Ganja\AppData\Local\ServiceHub
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\Sony =>.Sony
O43 - CFD: 01/03/2020 - D – C:\Users\Ganja\AppData\Local\speech =>.Microsoft Corporation
O43 - CFD: 12/03/2022 - D – C:\Users\Ganja\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 18/05/2020 - D – C:\Users\Ganja\AppData\Local\Steam =>.Steam Games
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Ganja\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/10/2020 - D – C:\Users\Ganja\AppData\Local\VEGAS Pro
O43 - CFD: 01/03/2020 - [0] D – C:\Users\Ganja\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 11/03/2020 - D – C:\Users\Ganja\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 29/02/2020 - [0] D – C:\Users\Ganja\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 06/03/2020 - D – C:\Users\Ganja\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 29/02/2020 - D – C:\Users\Ganja\AppData\LocalLow\Intel =>.Intel Corporation
O43 - CFD: 18/05/2020 - D – C:\Users\Ganja\AppData\LocalLow\LINE Games Corporation
O43 - CFD: 06/03/2020 - SD – C:\Users\Ganja\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/04/2022 - [0] D – C:\Users\Ganja\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 14/03/2022 - D – C:\Users\Ganja\Desktop\macro
O43 - CFD: 29/01/2022 - D – C:\Users\Ganja\Desktop\Wub
O43 - CFD: 10/04/2022 - RD – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - RD – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - RD – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/03/2022 - [0] D – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\LDPlayer4
O43 - CFD: 07/12/2019 - D – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Redfinger
O43 - CFD: 12/04/2022 - RD – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - RD – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - D – C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 15/04/2021 - [0] D – C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 15/04/2022 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 15/04/2021 - [0] D – C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 11/04/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
O43 - CFD: 09/04/2022 - – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\360safe =>.Qihu 360 Software
O43 - CFD: 09/04/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (12) - 0s
O106 - SIOI: DropboxExt1 Class [ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt7 Class [ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt9 Class [ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt3 Class [ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt2 Class [ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt4 Class [ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt5 Class [ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt8 Class [ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt10 Class [ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt6 Class [ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) – C:\WINDOWS\System32\cscui.dll [Unsigned] =>.Microsoft Corporation

—\ Search Context Menu Handlers (SCMH) (30) - 2s
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH2: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nv3dappshext.dll =>.NVIDIA Corporation®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nv3dappshext.dll =>.NVIDIA Corporation®
O108 - CMH2: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH2: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) – C:\WINDOWS\System32\cscui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc®
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nvshext.dll =>.NVIDIA Corporation®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) – C:\WINDOWS\System32\cscui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) – C:\Windows\System32\appresolver.dll =>.Microsoft®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation

—\ Image File Execution Options (16) - 2s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialisation Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MusNotification.exe - (.Microsoft Corporation - MusNotificationBroker.) [Debugger\/] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MusNotificationUx.exe - (.Microsoft Corporation - MusNotificationUx.exe.) [Debugger\/] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\SihClient.exe - (.Microsoft Corporation - SIH Client.) [Debugger\/] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\32768] =>.Microsoft®
O50 - IFEO:C:\WINDOWS\System32\upfc.exe - (.Microsoft Corporation - Updateability From SCM.) [Debugger\/] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\UsoClient.exe - (.Microsoft Corporation - UsoClient.) [Debugger\/] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\WaasMedicAgent.exe - (.Microsoft Corporation - WaasMedic Agent Exe.) [Debugger\/] [Unsigned] =>.Microsoft Corporation

—\ System Drivers List (436) - 23s
O58 - SDL:2019/12/07 18:07:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\WINDOWS\System32\drivers\1394ohci.sys [266240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107320] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - ACPI Driver for NT.) – C:\WINDOWS\System32\drivers\acpi.sys [809288] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Microsoft Corporation - ACPI Devices Driver.) – C:\WINDOWS\System32\drivers\AcpiDev.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\WINDOWS\System32\drivers\acpiex.sys [139792] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\WINDOWS\System32\drivers\acpipagr.sys [14336] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\WINDOWS\System32\drivers\acpipmi.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\WINDOWS\System32\drivers\acpitime.sys [16384] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:35:20 A . (.Microsoft Corporation - Audio KMDF Class Extension.) – C:\WINDOWS\System32\drivers\Acx01000.sys [694272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135416] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:34 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\afd.sys [651096] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:35 A . (.Microsoft Corporation - AF_UNIX socket provider.) – C:\WINDOWS\System32\drivers\afunix.sys [48128] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\WINDOWS\System32\drivers\agilevpn.sys [118784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:08 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\WINDOWS\System32\drivers\ahcache.sys [292352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [18432] [Unsigned] =>.Advanced Micro Devices, Inc
O58 - SDL:2019/12/07 18:07:47 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) – C:\WINDOWS\System32\drivers\amdi2c.sys [45568] [Unsigned] =>.Advanced Micro Devices, Inc
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdk8.sys [207160] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdppm.sys [211256] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83256] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [259384] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [26936] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:53 A . (.Microsoft Corporation - AppID Driver.) – C:\WINDOWS\System32\drivers\appid.sys [215400] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:53 A . (.Microsoft Corporation - Applocker Filter.) – C:\WINDOWS\System32\drivers\applockerfltr.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:46:40 A . (.Microsoft Corporation - Microsoft Application Virtualization Stream.) – C:\WINDOWS\System32\drivers\AppVStrm.sys [138056] =>.Microsoft®
O58 - SDL:2022/04/10 03:46:40 A . (.Microsoft Corporation - Microsoft Application Virtualization VE Man.) – C:\WINDOWS\System32\drivers\AppvVemgr.sys [174408] =>.Microsoft®
O58 - SDL:2022/04/10 03:46:40 A . (.Microsoft Corporation - Microsoft Application Virtualization VFS Fi.) – C:\WINDOWS\System32\drivers\AppvVfs.sys [154952] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131896] =>.Microsoft®
O58 - SDL:2020/11/19 01:02:54 A . (.ASUS - ASUS Wireless Radio Control.) – C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696] =>.ASUSTek Computer Inc.®
O58 - SDL:2019/04/24 15:01:46 A . (.ASUSTek COMPUTER INC. - Asus PTP Filter Driver (x64).) – C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504] =>.ASUSTek Computer Inc.®
O58 - SDL:2019/12/07 18:09:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\WINDOWS\System32\drivers\asyncmac.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [30032] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\WINDOWS\System32\drivers\ataport.sys [224080] =>.Microsoft®
O58 - SDL:2019/05/21 12:00:00 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) – C:\WINDOWS\System32\drivers\athw10x.sys [4322552] =>.Qualcomm Atheros®
O58 - SDL:2019/12/07 18:08:41 A . (.Microsoft Corporation - BAM Kernel Driver.) – C:\WINDOWS\System32\drivers\bam.sys [78136] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Battery Class Driver.) – C:\WINDOWS\System32\drivers\battc.sys [41272] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:47 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] [Unsigned] =>.Broadcom Corporation
O58 - SDL:2019/12/07 18:09:00 A . (.Microsoft Corporation - BEEP Driver.) – C:\WINDOWS\System32\drivers\beep.sys [10240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:38:00 A . (.Microsoft Corporation - Windows Bind Filter Driver.) – C:\WINDOWS\System32\drivers\bindflt.sys [149320] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:32 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\WINDOWS\System32\drivers\bowser.sys [117760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:39 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\WINDOWS\System32\drivers\bridge.sys [127488] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\WINDOWS\System32\drivers\BtaMPM.sys [36352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/01/31 08:44:54 A . (.Qualcomm - BT Filter.) – C:\WINDOWS\System32\drivers\btfilter.sys [69368] =>.Qualcomm Atheros®
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\WINDOWS\System32\drivers\BthA2dp.sys [279040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:21 A . (.Microsoft Corporation - Bluetooth Bus Extender.) – C:\WINDOWS\System32\drivers\bthenum.sys [113664] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\WINDOWS\System32\drivers\BthHfEnum.sys [144896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) – C:\WINDOWS\System32\drivers\BthMini.SYS [45568] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\WINDOWS\System32\drivers\bthmodem.sys [76800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Bluetooth Bus Driver.) – C:\WINDOWS\System32\drivers\bthport.sys [1559552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) – C:\WINDOWS\System32\drivers\BTHUSB.SYS [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) – C:\WINDOWS\System32\drivers\bttflt.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Button Converter Driver.) – C:\WINDOWS\System32\drivers\buttonconverter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533816] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) – C:\WINDOWS\System32\drivers\CAD.sys [66576] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:37 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:37:47 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) – C:\WINDOWS\System32\drivers\CEA.sys [82256] =>.Microsoft®
O58 - SDL:2021/01/05 01:52:46 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) – C:\WINDOWS\System32\drivers\CHDRT64.sys [3463992] =>.Synaptics Incorporated®
O58 - SDL:2019/12/07 18:07:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [144184] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [319800] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) – C:\WINDOWS\System32\drivers\cht4vfx.sys [28672] [Unsigned] =>.Chelsio Communications
O58 - SDL:2019/12/07 18:07:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:00 A . (…) – C:\WINDOWS\System32\drivers\cimfs.sys [98304] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\WINDOWS\System32\drivers\circlass.sys [52224] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:21 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\WINDOWS\System32\drivers\Classpnp.sys [417080] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:58 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) – C:\WINDOWS\System32\drivers\cldflt.sys [499712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\WINDOWS\System32\drivers\clfs.sys [414024] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:34 A . (.Microsoft Corporation - CLIP Service.) – C:\WINDOWS\System32\drivers\ClipSp.sys [1094456] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Control Method Battery Driver.) – C:\WINDOWS\System32\drivers\CmBatt.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:35:20 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) – C:\WINDOWS\System32\drivers\cmimcext.sys [29000] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:17 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\WINDOWS\System32\drivers\cng.sys [746416] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) – C:\WINDOWS\System32\drivers\cnghwassist.sys [40968] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:00 A . (.Microsoft Corporation - Console Driver.) – C:\WINDOWS\System32\drivers\condrv.sys [57144] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\WINDOWS\System32\drivers\crashdmp.sys [99368] =>.Microsoft®
O58 - SDL:2022/04/10 03:46:57 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) – C:\WINDOWS\System32\drivers\csc.sys [586752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:38:25 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\WINDOWS\System32\drivers\dam.sys [97096] =>.Microsoft®
O58 - SDL:2022/04/12 08:52:22 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-canary.sys [47600] =>.Microsoft®
O58 - SDL:2022/04/12 08:52:22 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-dev.sys [47600] =>.Microsoft®
O58 - SDL:2022/04/12 08:52:22 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-stable.sys [47600] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:07 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) – C:\WINDOWS\System32\drivers\devauthe.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\dfsc.sys [152064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - PnP Disk Driver.) – C:\WINDOWS\System32\drivers\disk.sys [98624] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:52 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\WINDOWS\System32\drivers\Diskdump.sys [38200] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:52 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\WINDOWS\System32\drivers\Dmpusbstor.sys [15360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Dynamic Memory.) – C:\WINDOWS\System32\drivers\dmvsc.sys [59192] =>.Microsoft®
O58 - SDL:2016/05/18 18:50:44 A . (.Intel Corporation - DPTF CPU Device (64-Bit).) – C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088] =>.Intel Corporation®
O58 - SDL:2022/04/10 03:34:09 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmk.sys [97792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:09 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmkaud.sys [16128] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:46 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpata.sys [37392] =>.Microsoft®
O58 - SDL:2022/04/10 03:49:32 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\WINDOWS\System32\drivers\dumpfve.sys [94176] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsd.sys [196432] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsdport.sys [32768] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:52 A . (.Microsoft Corporation - Storport Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpstorport.sys [35128] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:36 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\WINDOWS\System32\drivers\dxgkrnl.sys [3814768] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:36 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms1.sys [456016] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:36 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms2.sys [901960] =>.Microsoft®
O58 - SDL:2022/04/10 03:44:19 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\WINDOWS\System32\drivers\EhStorClass.sys [95032] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [124728] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Error Device Driver.) – C:\WINDOWS\System32\drivers\errdev.sys [15872] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2016/05/19 01:51:24 A . (.Intel Corporation - DPTF Zone (64-Bit).) – C:\WINDOWS\System32\drivers\esif_lf.sys [343608] =>.Intel Corporation®
O58 - SDL:2019/12/07 18:07:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3418936] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:05 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\WINDOWS\System32\drivers\exfat.sys [418648] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:05 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\WINDOWS\System32\drivers\fastfat.sys [426352] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\WINDOWS\System32\drivers\fdc.sys [34816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) – C:\WINDOWS\System32\drivers\filecrypt.sys [59392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\WINDOWS\System32\drivers\fileinfo.sys [94736] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:46 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\WINDOWS\System32\drivers\filetrace.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Floppy Driver.) – C:\WINDOWS\System32\drivers\flpydisk.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:21 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) – C:\WINDOWS\System32\drivers\fltMgr.sys [435568] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:20 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\WINDOWS\System32\drivers\fsdepends.sys [69968] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\WINDOWS\System32\drivers\fs_rec.sys [33592] =>.Microsoft®
O58 - SDL:2022/04/10 03:49:32 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\WINDOWS\System32\drivers\fvevol.sys [801608] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:35 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\WINDOWS\System32\drivers\FWPKCLNT.SYS [502584] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) – C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:08 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\hdaudbus.sys [134656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:08 A . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\HdAudio.sys [430080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Hid Battery Driver.) – C:\WINDOWS\System32\drivers\hidbatt.sys [39440] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) – C:\WINDOWS\System32\drivers\hidbth.sys [120320] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Hid Class Library.) – C:\WINDOWS\System32\drivers\hidclass.sys [225792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidi2c.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) – C:\WINDOWS\System32\drivers\hidinterrupt.sys [55824] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidir.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Hid Parsing Library.) – C:\WINDOWS\System32\drivers\hidparse.sys [46080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - SPI HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidspi.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidusb.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [64312] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:17 A . (.Microsoft Corporation - HTTP Protocol Stack.) – C:\WINDOWS\System32\drivers\http.sys [1576760] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Hyper-V Crashdump.) – C:\WINDOWS\System32\drivers\hvcrash.sys [35128] =>.Microsoft®
O58 - SDL:2022/04/10 03:43:57 A . (.Microsoft Corporation - Hypervisor Boot Driver.) – C:\WINDOWS\System32\drivers\hvservice.sys [95048] =>.Microsoft®
O58 - SDL:2022/04/10 03:45:30 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) – C:\WINDOWS\System32\drivers\hvsocket.sys [148280] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:21 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\WINDOWS\System32\drivers\hwpolicy.sys [33096] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\WINDOWS\System32\drivers\hyperkbd.sys [27448] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\WINDOWS\System32\drivers\HyperVideo.sys [41784] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36352] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91136] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [93184] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2019/12/07 18:07:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412176] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [558904] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:01 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) – C:\WINDOWS\System32\drivers\IndirectKmd.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\WINDOWS\System32\drivers\intelide.sys [19792] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\WINDOWS\System32\drivers\intelpep.sys [418800] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) – C:\WINDOWS\System32\drivers\intelpmax.sys [30720] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\intelppm.sys [230728] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - Intel Telemetry Driver.) – C:\WINDOWS\System32\drivers\IntelTA.sys [26608] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:02 A . (.Microsoft Corporation - I/O rate control Filter.) – C:\WINDOWS\System32\drivers\iorate.sys [57168] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:50 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\WINDOWS\System32\drivers\ipfltdrv.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - WMI IPMI DRIVER.) – C:\WINDOWS\System32\drivers\IPMIDrv.sys [117584] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:34 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\ipnat.sys [225280] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - IPT Driver.) – C:\WINDOWS\System32\drivers\ipt.sys [59704] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - PNP ISA Bus Driver.) – C:\WINDOWS\System32\drivers\isapnp.sys [22864] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) – C:\WINDOWS\System32\drivers\ItSas35i.sys [172344] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Keyboard Class Driver.) – C:\WINDOWS\System32\drivers\kbdclass.sys [71480] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) – C:\WINDOWS\System32\drivers\kbdhid.sys [46592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:46:48 A . (.Microsoft Corporation - Keyboard Lockdown Subsystem.) – C:\WINDOWS\System32\drivers\kbldfltr.sys [29000] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\WINDOWS\System32\drivers\kdnic.sys [33296] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:04 A . (.Microsoft Corporation - Network Power Dependency Broker.) – C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys [32256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:58 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\WINDOWS\System32\drivers\ks.sys [449024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:33 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecdd.sys [148312] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:18 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecpkg.sys [180040] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\WINDOWS\System32\drivers\ksthunk.sys [29696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\WINDOWS\System32\drivers\lltdio.sys [72704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108856] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124216] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [135992] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82744] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:08 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) – C:\WINDOWS\System32\drivers\luafv.sys [140800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) – C:\WINDOWS\System32\drivers\mausbhost.sys [537608] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - MA-USB IP Driver.) – C:\WINDOWS\System32\drivers\mausbip.sys [64016] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:03 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) – C:\WINDOWS\System32\drivers\MbbCx.sys [391168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:00 A . (.Microsoft Corporation - Medium changer class driver.) – C:\WINDOWS\System32\drivers\mcd.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59704] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas35i.sys [105480] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575800] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Av rcpTransport.sys [65024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:22 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Le gacy.LEEnumerator.sys [106496] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131320] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:17 A . (.Microsoft Corporation - MMCSS Driver.) – C:\WINDOWS\System32\drivers\mmcss.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:45:19 A . (.Microsoft Corporation - Modem Device Driver.) – C:\WINDOWS\System32\drivers\modem.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:12 A . (.Microsoft Corporation - Monitor Driver.) – C:\WINDOWS\System32\drivers\monitor.sys [83968] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Mouse Class Driver.) – C:\WINDOWS\System32\drivers\mouclass.sys [67600] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\mouhid.sys [35328] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Mount Point Manager.) – C:\WINDOWS\System32\drivers\mountmgr.sys [110392] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\WINDOWS\System32\drivers\mpsdrv.sys [80896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:45:33 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\WINDOWS\System32\drivers\mrxdav.sys [165888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\mrxsmb.sys [579432] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\WINDOWS\System32\drivers\mrxsmb20.sys [261448] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Mailslot driver.) – C:\WINDOWS\System32\drivers\msfs.sys [44048] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:41 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\WINDOWS\System32\drivers\msgpioclx.sys [183112] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - GPIO Button Driver.) – C:\WINDOWS\System32\drivers\msgpiowin32.sys [56120] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\WINDOWS\System32\drivers\mshidkmdf.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) – C:\WINDOWS\System32\drivers\mshidumdf.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) – C:\WINDOWS\System32\drivers\mshwnclx.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - ISA Driver.) – C:\WINDOWS\System32\drivers\msisadrv.sys [20280] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\WINDOWS\System32\drivers\msiscsi.sys [293176] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:58 A . (.Microsoft Corporation - MS KS Server.) – C:\WINDOWS\System32\drivers\mskssrv.sys [34816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) – C:\WINDOWS\System32\drivers\mslldp.sys [78848] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:58 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\WINDOWS\System32\drivers\mspclock.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\WINDOWS\System32\drivers\mspqm.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:13 A . (.Microsoft Corporation - Windows QUIC Driver.) – C:\WINDOWS\System32\drivers\msquic.sys [322376] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:34 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\WINDOWS\System32\drivers\msrpc.sys [375608] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:58 A . (.Microsoft Corporation - Microsoft Security Events Component file sy.) – C:\WINDOWS\System32\drivers\mssecflt.sys [331064] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - System Management BIOS Driver.) – C:\WINDOWS\System32\drivers\mssmbios.sys [47928] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\WINDOWS\System32\drivers\mstee.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) – C:\WINDOWS\System32\drivers\MTConfig.sys [17920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) – C:\WINDOWS\System32\drivers\mup.sys [132920] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63800] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [146232] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:34 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) – C:\WINDOWS\System32\drivers\ndis.sys [1476944] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\WINDOWS\System32\drivers\ndiscap.sys [54272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:34 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\WINDOWS\System32\drivers\ndistapi.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) – C:\WINDOWS\System32\drivers\ndisuio.sys [70656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) – C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\WINDOWS\System32\drivers\ndiswan.sys [212992] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:48 A . (.Microsoft Corporation - RDMA Sample Driver.) – C:\WINDOWS\System32\drivers\NDKPing.sys [72720] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - NDIS Proxy.) – C:\WINDOWS\System32\drivers\ndproxy.sys [93696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\WINDOWS\System32\drivers\Ndu.sys [131584] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/04/18 23:48:37 A . (.SoftEther Corporation - SoftEther VPN.) – C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824] =>.SoftEther Corporation®
O58 - SDL:2020/01/10 19:43:42 A . (.Apple Inc. - Apple Mobile Device Ethernet.) – C:\WINDOWS\System32\drivers\netaapl64.sys [23040] [Unsigned] =>.Apple Inc.
O58 - SDL:2022/04/10 03:39:35 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) – C:\WINDOWS\System32\drivers\NetAdapterCx.sys [214528] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:04 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\WINDOWS\System32\drivers\netbios.sys [64312] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:34 A . (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netbt.sys [341504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:34 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\WINDOWS\System32\drivers\netio.sys [601944] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:27 A . (.Microsoft Corporation - Virtual NDIS Miniport.) – C:\WINDOWS\System32\drivers\netvsc.sys [252264] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:22 A . (.Microsoft Corporation - NPFS Driver.) – C:\WINDOWS\System32\drivers\npfs.sys [87368] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Named pipe service triggers.) – C:\WINDOWS\System32\drivers\npsvctrig.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:34 A . (.Microsoft Corporation - NSI Proxy.) – C:\WINDOWS\System32\drivers\nsiproxy.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:32 A . (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2851664] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:58 A . (.Microsoft Corporation - NTOS extension host driver.) – C:\WINDOWS\System32\drivers\ntosext.sys [20792] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - NULL Driver.) – C:\WINDOWS\System32\drivers\null.sys [7680] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - NVDIMM device driver.) – C:\WINDOWS\System32\drivers\nvdimm.sys [168464] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150328] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166200] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:43 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\nwifi.sys [757760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:37:48 A . (.Microsoft Corporation - QoS Packet Scheduler.) – C:\WINDOWS\System32\drivers\pacer.sys [161608] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\parport.sys [109056] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:33 A . (.Microsoft Corporation - Partition driver.) – C:\WINDOWS\System32\drivers\partmgr.sys [182608] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) – C:\WINDOWS\System32\drivers\pci.sys [469840] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\WINDOWS\System32\drivers\pciide.sys [16712] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\WINDOWS\System32\drivers\pciidex.sys [56656] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) – C:\WINDOWS\System32\drivers\pcmcia.sys [127800] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:12 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\WINDOWS\System32\drivers\pcw.sys [57656] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:20 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\WINDOWS\System32\drivers\pdc.sys [159056] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:29 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\WINDOWS\System32\drivers\PEAuth.sys [823808] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58680] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [68408] =>.Microsoft®
O58 - SDL:2022/04/10 03:45:15 A . (.Microsoft Corporation - Packet Monitor Driver.) – C:\WINDOWS\System32\drivers\PktMon.sys [130360] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Persistent memory driver.) – C:\WINDOWS\System32\drivers\pmem.sys [138040] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) – C:\WINDOWS\System32\drivers\pnpmem.sys [17408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) – C:\WINDOWS\System32\drivers\portcfg.sys [27136] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:09 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\WINDOWS\System32\drivers\portcls.sys [388608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\processr.sys [216376] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) – C:\WINDOWS\System32\drivers\ProcLaunchMon.sys [43448] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) – C:\WINDOWS\System32\drivers\qwavedrv.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - RAM Disk Driver.) – C:\WINDOWS\System32\drivers\ramdisk.sys [42296] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:50 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\WINDOWS\System32\drivers\rasacd.sys [20480] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:07 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\raspppoe.sys [87552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\WINDOWS\System32\drivers\raspptp.sys [101376] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\WINDOWS\System32\drivers\rassstp.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) – C:\WINDOWS\System32\drivers\rdbss.sys [462696] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\WINDOWS\System32\drivers\rdpbus.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:45:14 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:44:58 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\WINDOWS\System32\drivers\rdpvideominiport.sys [32624] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:54 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\WINDOWS\System32\drivers\rdyboost.sys [297784] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:55 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refs.sys [2004792] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:55 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refsv1.sys [990536] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\WINDOWS\System32\drivers\rfcomm.sys [213504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:27 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) – C:\WINDOWS\System32\drivers\RfxVmt.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) – C:\WINDOWS\System32\drivers\rhproxy.sys [115712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:41 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\WINDOWS\System32\drivers\rmcast.sys [158208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\WINDOWS\System32\drivers\RNDISMP.sys [37376] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\WINDOWS\System32\drivers\rootmdm.sys [13824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\WINDOWS\System32\drivers\rspndr.sys [89088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/03/19 03:50:08 A . (.Realtek - Realtek 8125/8136/8168/8169 NDIS 6.40 64-bi.) – C:\WINDOWS\System32\drivers\rt640x64.sys [1162832] =>.Realtek Semiconductor Corp.®
O58 - SDL:2019/12/07 18:08:09 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [48640] [Unsigned] =>.Realtek
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\WINDOWS\System32\drivers\sbp2port.sys [118088] =>.Microsoft®
O58 - SDL:2022/04/10 03:41:08 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) – C:\WINDOWS\System32\drivers\scfilter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) – C:\WINDOWS\System32\drivers\scmbus.sys [158520] =>.Microsoft®
O58 - SDL:2022/04/10 03:40:13 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\WINDOWS\System32\drivers\scsiport.sys [188232] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - SecureDigital Bus Driver.) – C:\WINDOWS\System32\drivers\sdbus.sys [306544] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - SDF Reflector.) – C:\WINDOWS\System32\drivers\SDFRd.sys [35128] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - SD Host Controller Port Driver.) – C:\WINDOWS\System32\drivers\sdport.sys [105488] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - SD Storage Class Driver.) – C:\WINDOWS\System32\drivers\sdstor.sys [104264] =>.Microsoft®
O58 - SDL:2020/04/18 23:45:05 A . (.SoftEther Corporation - SoftEther VPN.) – C:\WINDOWS\System32\drivers\SeLow_x64.sys [50624] =>.SoftEther Corporation®
O58 - SDL:2019/12/07 18:08:36 A . (.Microsoft Corporation - Serial Class Extension.) – C:\WINDOWS\System32\drivers\SerCx.sys [86328] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:36 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\WINDOWS\System32\drivers\SerCx2.sys [173072] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Serial Port Enumerator.) – C:\WINDOWS\System32\drivers\serenum.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Serial Device Driver.) – C:\WINDOWS\System32\drivers\serial.sys [90624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\sermouse.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\WINDOWS\System32\drivers\sfloppy.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) – C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44856] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Sleep Study Helper.) – C:\WINDOWS\System32\drivers\SleepStudyHelper.sys [38200] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) – C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720] =>.Microsoft®
O58 - SDL:2019/12/07 23:48:54 A . (.Microsoft Corporation - SMB Network Direct Driver.) – C:\WINDOWS\System32\drivers\smbdirect.sys [172544] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:09 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\WINDOWS\System32\drivers\smclib.sys [21504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) – C:\WINDOWS\System32\drivers\spacedump.sys [215864] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:34 A . (.Microsoft Corporation - Storage Spaces Parser.) – C:\WINDOWS\System32\drivers\spaceparser.sys [26624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Storage Spaces Driver.) – C:\WINDOWS\System32\drivers\spaceport.sys [679736] =>.Microsoft®
O58 - SDL:2019/12/07 23:48:51 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) – C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - SPB Class Extension.) – C:\WINDOWS\System32\drivers\SpbCx.sys [87352] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Smb 2.0 Server driver.) – C:\WINDOWS\System32\drivers\srv2.sys [784896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Server Network driver.) – C:\WINDOWS\System32\drivers\srvnet.sys [315904] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31032] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storahci.sys [186168] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:15 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\WINDOWS\System32\drivers\stornvme.sys [162128] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:20 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\WINDOWS\System32\drivers\storport.sys [723280] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - Storage QoS Filter.) – C:\WINDOWS\System32\drivers\storqosflt.sys [92984] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:16 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storufs.sys [61264] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\WINDOWS\System32\drivers\storvsc.sys [44048] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\WINDOWS\System32\drivers\stream.sys [82432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:27 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) – C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/02 17:49:00 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) – C:\WINDOWS\System32\drivers\tap0901.sys [31232] [Unsigned] =>.The OpenVPN Project
O58 - SDL:2019/12/07 18:09:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\WINDOWS\System32\drivers\tape.sys [33280] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:35:35 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\WINDOWS\System32\drivers\tbs.sys [31568] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:35 A . (.Microsoft Corporation - TCP/IP Driver.) – C:\WINDOWS\System32\drivers\tcpip.sys [2991416] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:04 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\WINDOWS\System32\drivers\tcpipreg.sys [54784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - TDI Wrapper.) – C:\WINDOWS\System32\drivers\tdi.sys [39736] =>.Microsoft®
O58 - SDL:2022/04/10 03:43:55 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] =>.Microsoft®
O58 - SDL:2016/04/14 18:37:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [202848] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\WINDOWS\System32\drivers\terminpt.sys [41272] =>.Microsoft®
O58 - SDL:2020/06/29 20:28:57 A . (.TENCENT - tesrsdt64 NT Driver.) – C:\WINDOWS\System32\drivers\tesrsdt.sys [812208] =>.Tencent Technology(Shenzhen) Company Limited®
O58 - SDL:2022/04/10 03:39:39 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\WINDOWS\System32\drivers\tm.sys [142136] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:24 A . (.Microsoft Corporation - TPM Device Driver.) – C:\WINDOWS\System32\drivers\tpm.sys [255288] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) – C:\WINDOWS\System32\drivers\TsUsbFlt.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\WINDOWS\System32\drivers\TsUsbGD.sys [37888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:28 A . (.Microsoft Corporation - Remote Desktop USB Hub.) – C:\WINDOWS\System32\drivers\tsusbhub.sys [137728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:04 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) – C:\WINDOWS\System32\drivers\tunnel.sys [129024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:16 A . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\WINDOWS\System32\drivers\uaspstor.sys [79160] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:02 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmCx.sys [160256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [188416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) – C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:38:02 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmUcsiCx.sys [113152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - USB Controller Extension.) – C:\WINDOWS\System32\drivers\Ucx01000.sys [259896] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:09 A . (.Microsoft Corporation - “udecx.DRIVER”.) – C:\WINDOWS\System32\drivers\Udecx.sys [52736] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:09:51 A . (.Microsoft Corporation - UDF File System Driver.) – C:\WINDOWS\System32\drivers\udfs.sys [344064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:46:41 A . (.Microsoft Corporation - Microsoft User Experience Virtualization Ag.) – C:\WINDOWS\System32\drivers\UevAgentDriver.sys [41288] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:02 A . (.Microsoft Corporation - USB Function Driver Class Extension.) – C:\WINDOWS\System32\drivers\ufx01000.sys [324432] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) – C:\WINDOWS\System32\drivers\ufxsynopsys.sys [168264] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Generic pass-through driver.) – C:\WINDOWS\System32\drivers\umpass.sys [15360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/06/29 23:00:07 A . (.TENCENT - Loader64 NT Driver.) – C:\WINDOWS\System32\drivers\UniSafe.sys [581912] =>.Tencent Technology(Shenzhen) Company Limited®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) – C:\WINDOWS\System32\drivers\urscx01000.sys [76304] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\WINDOWS\System32\drivers\usb8023.sys [24064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:08 A . (.Microsoft Corporation - USB Audio Class Driver.) – C:\WINDOWS\System32\drivers\USBAUDIO.sys [209920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) – C:\WINDOWS\System32\drivers\usbaudio2.sys [260608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\WINDOWS\System32\drivers\USBCAMD2.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\WINDOWS\System32\drivers\usbccgp.sys [185664] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\WINDOWS\System32\drivers\usbcir.sys [107520] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\WINDOWS\System32\drivers\usbd.sys [33080] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbehci.sys [86544] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Default Hub Driver for USB.) – C:\WINDOWS\System32\drivers\usbhub.sys [528184] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - USB3 HUB Driver.) – C:\WINDOWS\System32\drivers\USBHUB3.SYS [648016] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbohci.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:37 A . (…) – C:\WINDOWS\System32\drivers\UsbPmApi.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) – C:\WINDOWS\System32\drivers\usbport.sys [473400] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:12 A . (.Microsoft Corporation - USB Printer driver.) – C:\WINDOWS\System32\drivers\usbprint.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:18 A . (.Microsoft Corporation - USB Serial Driver.) – C:\WINDOWS\System32\drivers\usbser.sys [81408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) – C:\WINDOWS\System32\drivers\USBSTOR.SYS [136528] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbuhci.sys [39424] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:13 A . (.Microsoft Corporation - USB Video Class Driver.) – C:\WINDOWS\System32\drivers\usbvideo.sys [330576] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:23 A . (.Microsoft Corporation - USB XHCI Driver.) – C:\WINDOWS\System32\drivers\USBXHCI.SYS [624976] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\WINDOWS\System32\drivers\vdrvroot.sys [67384] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Driver Verifier Extension.) – C:\WINDOWS\System32\drivers\VerifierExt.sys [347448] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:19 A . (.Microsoft Corporation - VHD Miniport Driver.) – C:\WINDOWS\System32\drivers\vhdmp.sys [821584] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) – C:\WINDOWS\System32\drivers\vhf.sys [47616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:25 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\WINDOWS\System32\drivers\Vid.sys [641352] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Video Port Driver.) – C:\WINDOWS\System32\drivers\videoprt.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:45:23 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\WINDOWS\System32\drivers\vmbkmcl.sys [114504] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:26 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) – C:\WINDOWS\System32\drivers\vmbus.sys [160072] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\WINDOWS\System32\drivers\VMBusHID.sys [36664] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\WINDOWS\System32\drivers\vmgencounter.sys [23864] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) – C:\WINDOWS\System32\drivers\vmgid.sys [19768] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\WINDOWS\System32\drivers\vms3cap.sys [18960] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:26 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) – C:\WINDOWS\System32\drivers\vmstorfl.sys [54080] =>.Microsoft®
O58 - SDL:2022/04/10 03:34:14 A . (.Microsoft Corporation - Volume Manager Driver.) – C:\WINDOWS\System32\drivers\volmgr.sys [90960] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) – C:\WINDOWS\System32\drivers\volmgrx.sys [389432] =>.Microsoft®
O58 - SDL:2022/04/10 03:36:00 A . (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:53 A . (.Microsoft Corporation - Volume driver.) – C:\WINDOWS\System32\drivers\volume.sys [16696] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:57 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\WINDOWS\System32\drivers\vpci.sys [89400] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166712] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305464] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) – C:\WINDOWS\System32\drivers\vwifibus.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:35:44 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\WINDOWS\System32\drivers\vwififlt.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\vwifimp.sys [50688] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) – C:\WINDOWS\System32\drivers\wacompen.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:52 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\WINDOWS\System32\drivers\wanarp.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:36:36 A . (.Microsoft Corporation - Watchdog Driver.) – C:\WINDOWS\System32\drivers\watchdog.sys [74752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:38:00 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) – C:\WINDOWS\System32\drivers\wcifs.sys [202568] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:00 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) – C:\WINDOWS\System32\drivers\wcnfs.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\WINDOWS\System32\drivers\WdBoot.sys [46688] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:33 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) – C:\WINDOWS\System32\drivers\Wdf01000.sys [828240] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\WINDOWS\System32\drivers\WdFilter.sys [350136] =>.Microsoft®
O58 - SDL:2022/04/10 03:39:33 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\WINDOWS\System32\drivers\WdfLdr.sys [59192] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:43 A . (.Microsoft Corporation - WDI Driver Framework Driver.) – C:\WINDOWS\System32\drivers\WdiWiFi.sys [967168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:39 A . (.Microsoft Corporation - WDM Companion Filter.) – C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) – C:\WINDOWS\System32\drivers\WdNisDrv.sys [54200] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\WINDOWS\System32\drivers\werkernel.sys [52024] =>.Microsoft®
O58 - SDL:2022/04/10 03:37:48 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\WINDOWS\System32\drivers\wfplwfs.sys [180040] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:59 A . (.Microsoft Corporation - Wim file system Driver.) – C:\WINDOWS\System32\drivers\wimmount.sys [39760] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) – C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [76984] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) – C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy. sys [18920] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:51 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\WINDOWS\System32\drivers\winhv.sys [32784] =>.Microsoft®
O58 - SDL:2019/12/07 18:09:33 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\WINDOWS\System32\drivers\winhvr.sys [96056] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [36152] =>.Microsoft®
O58 - SDL:2022/04/10 03:35:10 A . (.Microsoft Corporation - Windows NAT Driver.) – C:\WINDOWS\System32\drivers\winnat.sys [261120] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\WINDOWS\System32\drivers\winusb.sys [107008] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:07:54 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [73016] =>.Microsoft®
O58 - SDL:2019/12/07 18:07:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\WINDOWS\System32\drivers\wmiacpi.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\WINDOWS\System32\drivers\wmilib.sys [19472] =>.Microsoft®
O58 - SDL:2022/04/10 03:38:58 A . (.Microsoft Corporation - Windows Overlay Filter.) – C:\WINDOWS\System32\drivers\wof.sys [234296] =>.Microsoft®
O58 - SDL:2019/12/07 23:48:53 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\WINDOWS\System32\drivers\WpdUpFltr.sys [32568] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:49 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\WINDOWS\System32\drivers\WppRecorder.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 18:08:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) – C:\WINDOWS\System32\drivers\ws2ifsl.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:08 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFPf.sys [136192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:40:08 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFRd.sys [315392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:07 A . (.Microsoft Corporation - Game Input Protocol Driver.) – C:\WINDOWS\System32\drivers\xboxgip.sys [332288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:34:07 A . (.Microsoft Corporation - XINPUT filter driver for HID.) – C:\WINDOWS\System32\drivers\xinputhid.sys [51712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:37:51 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\System32\win32k.sys [596992] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:37:02 A . (.Microsoft Corporation - Base Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kbase.sys [2892800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:37:51 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kfull.sys [3813888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 18:08:34 A . (.Microsoft Corporation - Win32k non session driver.) – C:\WINDOWS\System32\win32kns.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:42:40 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\SysWOW64\win32k.sys [329728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/04/10 03:42:40 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\SysWOW64\win32kfull.sys [2753536] [Unsigned] =>.Microsoft Corporation

—\ Last modified or created user files (2) - 42s
O61 - LFC: 2022/04/13 17:21:55 A . (..) – C:\Users\Ganja\Desktop\adware-removal-tool-by-tsa.exe [752296] {317DD1C55F51AC2756D9C93C060C6FA5}.
O61 - LFC: 2022/04/09 01:49:38 A . (.NetEase, Inc..) – C:\Users\Ganja\Downloads\MuMuInstaller_1.4.0.0_gw-overseas_all_1644473805.exe [9731600] {036AF95E02CE45D35F44511E61C6CED6}.

—\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe “%1” %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S =>.Default.Value

—\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation

—\ Search Browser Infection (3) - 0s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

—\ Search Svchost Services (51) - 3s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) – C:\WINDOWS\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) – C:\Windows\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [301568] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [1335808] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [1054208] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [836096] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Log-on Service DLL.) – C:\Windows\System32\seclogon.dll [32768] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [160256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [112640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [814592] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [243712] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [488960] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [515072] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports.) – C:\Windows\System32\wercplsupport.dll [134656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [2430976] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [340480] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) – C:\Windows\System32\MitigationClient.dll [487936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) – C:\Windows\System32\LanguageOverlayServer.dll [302080] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManage r.dll [223232] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1270272] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dl l [1016320] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) – C:\Windows\System32\Windows.Management.Service.dll [809984] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [70656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [1484288] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) – C:\Windows\System32\NetSetupSvc.dll [335360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\Windows\System32\wlidsvc.dll [2246144] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\Windows\System32\TokenBroker.dll [1522176] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\Windows\System32\lfsvc.dll [48640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) – C:\Windows\System32\NaturalAuth.dll [454656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [111616] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [967680] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [551936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [77824] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [619008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [316928] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [3403776] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [1481216] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [259584] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [58880] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) – C:\Windows\System32\flightsettings.dll [939984] =>.Microsoft®
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\Windows\System32\WpnService.dll [245248] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [223232] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1295360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) – C:\Windows\System32\usosvc.dll [569856] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [72704] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\Windows\System32\NcaSvc.dll [171520] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1049088] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\Windows\System32\DeviceSetupManager.dll [288256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) – C:\Windows\System32\appmgmts.dll [207360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [555008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) – C:\Windows\System32\KeyboardFilterSvc.dll [161096] =>.Microsoft®

—\ Firewall Active Exception List (2) - 2s
O87 - FAEL: “TCP Query User{00DD2D5B-35AC-4505-8572-AA4C92765065}C:\program files (x86)\google\chrome\application\chrome.exe” [In-None-P6-TRUE] .(.Google LLC - Google Chrome.) – C:\program files (x86)\google\chrome\application\chrome.exe =>.Google LLC®
O87 - FAEL: “UDP Query User{CCA87CB5-4478-4120-A651-06E6B64D3D65}C:\program files (x86)\google\chrome\application\chrome.exe” [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) – C:\program files (x86)\google\chrome\application\chrome.exe =>.Google LLC®

—\ Product Upgrade Codes (64) - 2s
O90 - PUC: “00004109340000000100000000F01FEC” [HKLM] . (.Microsoft Office Office 32-bit Components 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109340090400100000000F01FEC” [HKLM] . (.Microsoft Office Shared 32-bit MUI (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109511090400100000000F01FEC” [HKLM] . (.Microsoft Office Shared Setup Metadata MUI (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109610000000100000000F01FEC” [HKLM] . (.Microsoft Office Excel 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109610090400100000000F01FEC” [HKLM] . (.Microsoft Office Excel MUI (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109C20090400100000000F01FEC” [HKLM] . (.Microsoft Office Proofing (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109E60090400100000000F01FEC” [HKLM] . (.Microsoft Office Shared MUI (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109F10090400100000000F01FEC” [HKLM] . (.Microsoft Office Proof (English) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109F100A0C00100000000F01FEC” [HKLM] . (.Microsoft Office Proof (Spanish) 2010.) =>.Microsoft Corporation
O90 - PUC: “00004109F100C0400100000000F01FEC” [HKLM] . (.Microsoft Office Proof (French) 2010.) =>.Microsoft Corporation
O90 - PUC: “0A4FDE1875CF3C842BA69EC0D22C66EC” [HKLM] . (.Microsoft .NET Core Runtime - 3.1.23 (x64).) =>.Microsoft Corporation
O90 - PUC: “123A7E3C641C7B74E9B307A612302127” [HKLM] . (.Microsoft .NET Core Host FX Resolver - 3.1.23 (x86).) =>.Microsoft Corporation
O90 - PUC: “13666DF8469B21E4291E8A4AAC5D1DC4” [HKLM] . (.Microsoft .NET Core Host - 2.1.30 (x64).) =>.Microsoft Corporation
O90 - PUC: “1926E8D15D0BCE53481466615F760A7F” [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: “1A778F6E56F20FB4786B4A70B167363D” [HKLM] . (.Windows SDK AddOn.) =>.Microsoft Corporation
O90 - PUC: “1af2a8da7e60d0b429d7e6453b3d0182” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>.bl.org
O90 - PUC: “1AF6D38EC72B9E110BBD5A4196758F33” [HKLM] . (.MSVCRT Redists.) =>.Advanced Micro Devices Inc
O90 - PUC: “1D5E3C0FEDA1E123187686FED06E995A” [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: “21EE4A31AE32173319EEFE3BD6FDFFE3” [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “22BEFC8F7E2A1793E9ADB411DEFE1C58” [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “25DCF1B7B6F821F41A3463E13AF9E5C7” [HKLM] . (.Microsoft Update Health Tools.) =>.Microsoft Corporation
O90 - PUC: “26F25D0BD2A1320478998E55E4E719E3” [HKLM] . (.Microsoft .NET Core AppHost Pack - 3.1.23 (x64_arm64).) =>.Microsoft Corporation
O90 - PUC: “2C47B0D78F3C1FA449F0DC97BAB4D2EC” [HKLM] . (.Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508.) =>.Microsoft Corporation
O90 - PUC: “3e43b73803c7c394f8a6b2f0402e19c2” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
O90 - PUC: “3F787C0517DAF89469EA4728393C7240” [HKLM] . (.Microsoft .NET Core Host - 3.1.23 (x86).) =>.Microsoft Corporation
O90 - PUC: “47586AF0B09600B498AA2B9864324194” [HKLM] . (.Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508.) =>.Microsoft Corporation
O90 - PUC: “4BEA594979BAED93C82408E6FE57CE7A” [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x64).) =>.Microsoft Corporation
O90 - PUC: “5350C949C171F084C94F2DC5E906EF88” [HKLM] . (.Microsoft .NET Framework 4.8 SDK.) =>.Microsoft Corporation
O90 - PUC: “5A812990327ACD34D85B163756A6E149” [HKLM] . (.Dropbox Update Helper.) =>.WINSE
O90 - PUC: “5EDF65449EAA30E4B943D0A974C6FEA5” [HKLM] . (.Microsoft Windows Desktop Runtime - 3.1.23 (x64).) =>.Microsoft Corporation
O90 - PUC: “62DBF9290209B993A9A757D1160F9B24” [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “67D6ECF5CD5FBA732B8B22BAC8DE1B4D” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.) =>.bl.org
O90 - PUC: “6E815EB96CCE9A53884E7857C57002F0” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: “6E8D947A316B3EB3F8F540C548BE2AB9” [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “7064674235373A544BD10B2ED7DF3942” [HKLM] . (.Microsoft .NET Core 3.1 Templates 3.1.417 (x64).) =>.Microsoft Corporation
O90 - PUC: “75384AEFF2EC0DE32B0A5884EB6C1F11” [HKLM] . (.Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64).) =>.Microsoft Corporation
O90 - PUC: “75EB9FF751132824CBA9F7BA772C2753” [HKLM] . (.Microsoft .NET Core Host FX Resolver - 3.1.23 (x64).) =>.Microsoft Corporation
O90 - PUC: “76966AEE2E7916549A99C5223EDC4E82” [HKLM] . (.Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508.) =>.Microsoft Corporation
O90 - PUC: “7C9F8B73BF303523781852719CD9C700” [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “7E1EDE13558C3364D937655F66315676” [HKLM] . (.Microsoft .NET Core Targeting Pack - 3.1.0 (x64).) =>.Microsoft Corporation
O90 - PUC: “82D4A7C91E2C7AC41A3F060394DE9273” [HKLM] . (.Microsoft .NET Core Host - 3.1.23 (x64).) =>.Microsoft Corporation
O90 - PUC: “84b9c17023c712640acaf308593282f8” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>.bl.org
O90 - PUC: “8C4969FBAB32206399A1018002A67B35” [HKLM] . (.Microsoft ASP.NET Core 3.1.23 Shared Framework (x86).) =>.Microsoft Corporation
O90 - PUC: “8E504D230B1ED1E4CBFF9BEFA51BF5E7” [HKLM] . (.Microsoft Windows Desktop Runtime - 3.1.23 (x86).) =>.Microsoft Corporation
O90 - PUC: “8F525E046254F654B8F87DA4042D0D91” [HKLM] . (.Microsoft .NET Core Toolset 3.1.417 (x64).) =>.Microsoft Corporation
O90 - PUC: “932CF23845EA7594FA3C767A322C88C3” [HKLM] . (.Microsoft .NET Core AppHost Pack - 3.1.23 (x64).) =>.Microsoft Corporation
O90 - PUC: “A17D3765A3C7E2C3FB77AE840968E44E” [HKLM] . (.Microsoft ASP.NET Core 3.1.23 Shared Framework (x64).) =>.Microsoft Corporation
O90 - PUC: “AFD192BEEDED5534899D719FE5194C73” [HKLM] . (.Microsoft .NET Core Host FX Resolver - 2.1.30 (x64).) =>.Microsoft Corporation
O90 - PUC: “BA6CB04E028575442A9BC226F8C8B7AF” [HKLM] . (.Microsoft .NET Core Runtime - 3.1.23 (x86).) =>.Microsoft Corporation
O90 - PUC: “BE6152115D32A3F4DAB7A36BD83CE027” [HKLM] . (.Microsoft .NET Core AppHost Pack - 3.1.23 (x64_x86).) =>.Microsoft Corporation
O90 - PUC: “BFC6307A304B895458FF3D79BA8B1837” [HKLM] . (.Microsoft .NET Standard Targeting Pack - 2.1.0 (x64).) =>.Microsoft Corporation
O90 - PUC: “C025571B2A687A53689168CD7369889B” [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “C1A0DB28F518F784A97EEC37AD14C3FF” [HKLM] . (.Update for Windows 10 for x64-based Systems (KB5001716).) =>.Microsoft Corporation
O90 - PUC: “c1c4f01781cc94c4c8fb1542c0981a2a” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
O90 - PUC: “C3249157779A0614382A843663002A61” [HKLM] . (.Microsoft Windows Desktop Targeting Pack - 3.1.0 (x64).) =>.Microsoft Corporation
O90 - PUC: “C3AEB2FCAE628F23AAB933F1E743AB79” [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “CD77934658D289147BB32D789038698F” [HKLM] . (.Microsoft .NET Core AppHost Pack - 3.1.23 (x64_arm).) =>.Microsoft Corporation
O90 - PUC: “D20352A90C039D93DBF6126ECE614057” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: “D4DB3CB2ABAF4934397CA98CA262F32E” [HKLM] . (.Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508.) =>.Microsoft Corporation
O90 - PUC: “D7150A299F5DF8D4789F38BA0C24042C” [HKLM] . (.Microsoft .NET Core Runtime - 2.1.30 (x64).) =>.Microsoft Corporation
O90 - PUC: “DC8A59DBF9D1DA5389A1E3975220E6BB” [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “DF0D7E1BEFC7C0E45AADF0764699BD19” [HKLM] . (.Windows PC Health Check.) – C:\WINDOWS\Installer{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}\ArpIcon.ico
O90 - PUC: “EF3AF0F3AF5984B3BA1D64BFD44A20E1” [HKLM] . (.Microsoft ASP.NET Core 2.1.30 Shared Framework (x64).) =>.Microsoft Corporation
O90 - PUC: “EFEE0228DC83E77358593193D847A0EC” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17.) =>.bl.org

—\ Windows Installer Scan (2) - 36s
[MD5.65A283FB9F881E295B3A652970D3E9E9] [WIS][2019/07/30 13:18:24] (.MAGIX Computer Products Intl. Co. - MSVCRT Redists.) – C:\WINDOWS\Installer\1aaf5f.msi [52375552] =>.MAGIX Computer Products Intl. Co.
[MD5.C8930105EF370D14C12EAEF50D25599F] [WIS][2022/03/12 16:08:57] (.Dropbox, Inc. - Dropbox Update Helper.) – C:\WINDOWS\Installer\557b2.msi [24576] =>.Dropbox, Inc.

—\ FEATURE CONTROL. (129) - 1s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPUR POSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_P ROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_P ROMPTS]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJ ECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJ ECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCR IPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCR IPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:Apowersoft iPhone Recorder.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGAC Y_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_U PLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_U PLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNE T_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNE T_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICO DE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMP ATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AN D_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AN D_STATUS]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME _PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME _PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PR OLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHEL L_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPA RAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONT ROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPER1_0SERVER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPERSERVER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLB ACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJE CT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_C OMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_C OMBINE]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROT OCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILE CHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILE CHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]owerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEB OC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZ ECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:wmplayer.exe =>.Legitimate

—\ Observer Of Events (137) - 22s

Application.Error: VSS (57)
~Numéro: 2944
~Date: 04/15/2022 10:40:59 PM
~ID: 8193
~Description: Volume Shadow Copy Service error: Unexpected error calling routine %1. hr = %2.
~Suggestion: Utiliser la procédure de reconstruction du VSS

Application.Warning: ESENT (25)
~Numéro: 2917
~Date: 04/15/2022 09:39:29 PM
~ID: 636
~Description: %1 (%2) %3Flush map file “%4” will be deleted. Reason: %5.
~Suggestion: Aucune

Application.Error: Application Error (2)
~Numéro: 2146
~Date: 04/14/2022 07:02:29 PM
~ID: 1000
~Description: Faulting application name: %1, version: %2, time stamp: 0xfd932244 Faulting module name: %4, version: %5, time stamp: 0xcc5f0e77 Exception code: 0xc0000005 Fault offset: 0x0000000000047583 Faulting process ID: 0xbbc Faulting application start time: 0
~Suggestion: Réparer ou réinstaller l’application.

Application.Warning: Microsoft-Windows-System-Restore (3)
~Numéro: 1242
~Date: 04/14/2022 06:23:53 PM
~ID: 8303
~Description: Scoping unsuccessful for shadowcopy %1 with error %2.
~Suggestion: Exécuter la commande chkdsk / f

Application.Warning: MsiInstaller (1)
~Numéro: 1196
~Date: 04/14/2022 05:32:10 PM
~ID: 1032
~Description: An error occurred while refreshing environment variables updated during the installation of ‘%1’. Some users logged on to the machine may not see these changes until they log off and then log back on again.

Application.Error: Microsoft-Windows-CAPI2 (11)
~Numéro: 933
~Date: 04/12/2022 09:30:08 PM
~ID: 513
~Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.%1.

Application.Error: SecurityCenter (6)
~Numéro: 909
~Date: 04/12/2022 09:18:23 PM
~ID: 17
~Description: Security Center failed to validate caller with error %1.

Application.Warning: Wlclntfy (3)
~Numéro: 837
~Date: 04/09/2022 09:35:26 PM
~ID: 6001
~Description: The winlogon notification subscriber <%1> failed a notification event.

Application.Error: Software Protection Platform Service (1)
~Numéro: 750
~Date: 04/09/2022 08:52:20 PM
~ID: 16385
~Description: Failed to schedule Software Protection service for re-start at %2. Error Code: %1.

Application.Warning: Windows Search Service (2)
~Numéro: 688
~Date: 04/09/2022 08:26:28 PM
~ID: 10024
~Description: The filter host process %2 did not respond and is being forcibly terminated.

Application.Warning: Microsoft-Windows-User Profiles Service (1)
~Numéro: 483
~Date: 04/09/2022 07:47:05 PM
~ID: 1534
~Description: Profile notification of event %1 for component %2 failed, error code is %3.
~Suggestion: https://www.ghacks.net/2018/12/29/wi...1534-warnings/

Application.Error: Application Hang (1)
~Numéro: 97
~Date: 04/09/2022 07:42:07 PM
~ID: 1002
~Description: The program %1 version %2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: f9c Start Time: 01d84bfddcf81
~Suggestion: Essayer les commandes suivantes ipconfig /release et ipconfig / renew.

Application.Warning: Microsoft-Windows-WMI (84)
~Numéro: 86
~Date: 04/09/2022 07:36:32 PM
~ID: 63
~Description: A provider, %1, has been registered in the Windows Management Instrumentation namespace %2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
~Suggestion: Généralement LocalSystem n’est pas nécessaire et le contexte de sécurité NetworkServiceHost est plus approprié.

System.Warning: DCOM (75)
~Numéro: 2303
~Date: 04/15/2022 11:11:47 PM
~ID: 10016
~Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-V4BFEG5GanjaS-1-5-21-3947486154-1424391867-2577238500-1001LocalHost (Using LRPC)Microsoft.Windows.ShellExperienceHost_10.0.19 041.1320_ne
~Suggestion: Vérifier les autorisations pour l’accès DCOM

System.Error: Service Control Manager (148)
~Numéro: 2294
~Date: 04/15/2022 10:45:28 PM
~ID: 7000
~Description: The %1 service failed to start due to the following error: %%1053

System.Warning: Microsoft-Windows-Kernel-Processor-Power (21)
~Numéro: 2285
~Date: 04/15/2022 10:43:17 PM
~ID: 37
~Description: The speed of Hyper-V logical processor %2 is being limited by system firmware. The processor has been in this reduced performance state for %3 seconds since the last report.

System.Warning: Microsoft-Windows-Kernel-PnP (20)
~Numéro: 2254
~Date: 04/15/2022 10:42:05 PM
~ID: 219
~Description: The driver %5 failed to load for the device %2.
~Suggestion: Vérifier que le pilote a bien été chargé dans les informations système

System.Error: Microsoft-Windows-Kernel-General (4)
~Numéro: 2126
~Date: 04/15/2022 09:13:23 PM
~ID: 5
~Description: 0x8000002a171??\Volume{5e2ce3be-94ff-4f37-8958-d5019686b841}\System Volume Information\SPP\SppCbsHiveStore{cd42efe1-f6f1-427c-b004-033192c625a4}{8CF88437-4736-447F-8639-BAC44A804E9B}

System.Error: EventLog (1)
~Numéro: 1993
~Date: 04/15/2022 07:14:24 PM
~ID: 6008
~Description: The previous system shutdown at %1 on %2 was unexpected.

System.Warning: BTHUSB (10)
~Numéro: 1976
~Date: 04/15/2022 06:20:57 PM
~ID: 34
~Description: The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is %2; got %3. Low Energy peripheral role functionality will not be available.

System.Error: Application Popup (15)
~Numéro: 800
~Date: 04/12/2022 09:59:41 PM
~ID: 1060
~Description: ??\C:\Users\Ganja\AppData\Local\Temp\ehdrv.sys

System.Warning: Microsoft-Windows-DNS-Client (1)
~Numéro: 624
~Date: 04/11/2022 09:22:31 PM
~ID: 1014
~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
~Suggestion: Event ID 1014: Microsoft Windows DNS Client | Microsoft Learn

System.Warning: Microsoft-Windows-NDIS (3)
~Numéro: 623
~Date: 04/11/2022 09:22:26 PM
~ID: 10400
~Description: The network interface “%4” has begun resetting. There will be a momentary disruption in network connectivity while the hardware resets. Reason: %5. This network interface has reset %6 time(s) since it was last initialized.
~Suggestion: Vérifier la connexion à l’interface réseau

System.Error: Microsoft-Windows-WindowsUpdateClient (1)
~Numéro: 372
~Date: 04/09/2022 08:54:36 PM
~ID: 20
~Description: Installation Failure: Windows failed to install the following update with error %1: %2.
~Suggestion: EventTracker KB --Event Id: 20 Source: Microsoft-Windows-WindowsUpdateClient

System.Warning: Microsoft-Windows-Kernel-Tm (2)
~Numéro: 123
~Date: 04/09/2022 07:49:27 PM
~ID: 4
~Description: The TransactionManager (TmId=%1, LogPath=%3) has failed to advance its log tail, due to the transaction (UOW=%4, Description=‘%6’) being unresolved for some time. The transaction must be forced to resolve in order for the TransactionManager to conti

—\ Additional Scan (O88) (30) - 7s
HKLM\Software\Classes\lnkfile\shellex\ContextMenuH andlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\mumu\emulator\nemu\emulatorshell\nemuplayer. exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\mumu\emulator\nemu\emulatorshell\nemuplayer. exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuMultiPl ayer.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuMultiPl ayer.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\adware-removal-tool-by-tsa.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\trjsetup.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\trjsetup.exe.ApplicationCo mpany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp{575B4C18-69B5-42B1-86F6-DE1D5E995F52}\Set-up.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp{575B4C18-69B5-42B1-86F6-DE1D5E995F52}\Set-up.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp\geek64.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp\geek64.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\ldplayerbox\ldvboxheadless.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\ldplayerbox\ldvboxheadless.exe.ApplicationCo mpany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\RedFingerPlayerGlobal\RedFingerPlayerGlobal. exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\mumu\emulator\nemu\emulatorshell\nemuplayer. exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\mumu\emulator\nemu\emulatorshell\nemuplayer. exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuMultiPl ayer.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuMultiPl ayer.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\adware-removal-tool-by-tsa.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\trjsetup.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\Desktop\trjsetup.exe.ApplicationCo mpany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp{575B4C18-69B5-42B1-86F6-DE1D5E995F52}\Set-up.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp{575B4C18-69B5-42B1-86F6-DE1D5E995F52}\Set-up.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp\geek64.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Ganja\AppData\Local\Temp\geek64.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\ldplayerbox\ldvboxheadless.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\ldplayerbox\ldvboxheadless.exe.ApplicationCo mpany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\RedFingerPlayerGlobal\RedFingerPlayerGlobal. exe.FriendlyAppName =>.Unsigned

—\ Summary of the elements found (5) - 0s
Zone Anti-Malware - ZAM =>.SUP.Discord
Zone Anti-Malware - ZAM =>.SUP.Orphan
Zone Anti-Malware - ZAM =>Warning.EventLogApp
Zone Anti-Malware - ZAM =>Warning.EventLogSys
Zone Anti-Malware - ZAM =>.SUP.Orphan.MUICache

—\ Serial Number
[00C82FAC5D4F7288471464A39982A0D37F] [23/03/2022] (.CrystalBit Solutions.) - C:\Users\Ganja\Desktop\geek.exe =>.CrystalBit Solutions
[01EA62E443CB2250C870FF6BB13BA98E] [29/06/2020] (.Tencent Technology(Shenzhen) Company Limited.) - C:\Windows\system32\drivers\UniSafe.sys =>.Tencent Technology(Shenzhen) Company Limited
[024FD22ED89C8823D79C2A09A4E6423F] [19/11/2020] (.ASUSTek Computer Inc..) - C:\WINDOWS\System32\drivers\AsRadioControl.sys =>.ASUSTek Computer Inc.
[02DC76C15066F447336766D85A04AF37] [20/01/2022] (.Bluestack Systems, Inc.) - C:\Program Files\BlueStacks_nxt\7zr.exe =>.Not verified
[02FA994D660DE659EE9037ECB437D766] [07/04/2022] (.Piriform Software Ltd.) - C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd
[02FA994D660DE659EE9037ECB437D766] [07/04/2022] (.Piriform Software Ltd.) - C:\Program Files\CCleaner\uninst.exe =>.Piriform Software Ltd
[036AF95E02CE45D35F44511E61C6CED6] [09/04/2022] (.NetEase (Hangzhou) Network Co., Ltd.) - C:\Users\Ganja\Downloads\MuMuInstaller_1.4.0.0_gw-overseas_all_1644473805.exe =>.Not verified
[04DF4D56733AE38D598EA004DD2D9C51] [19/03/2020] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\rt640x64.sys =>.Realtek Semiconductor Corp.
[04E705BCC353AEEDB59DC141D48C972B] [18/04/2020] (.SoftEther Corporation.) - C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys =>.SoftEther Corporation
[04E705BCC353AEEDB59DC141D48C972B] [18/04/2020] (.SoftEther Corporation.) - C:\WINDOWS\System32\DRIVERS\SeLow_x64.sys =>.SoftEther Corporation
[04F86C94518495194426A7CDAC0DBA3C] [14/04/2022] (.ASUSTeK COMPUTER INC..) - C:\Users\Ganja\Downloads\Audio_Conexant_Z_V8.66.95 .70Sub3_21875.exe =>.Not verified
[05A4B4E2F89B34D179FB48C3642251C8] [15/04/2022] (.O&O Software GmbH.) - C:\Users\Ganja\Desktop\OOSU10.exe =>.Not verified
[0678BE9B85D65AC22E0BE99D3FBB4DA3] [05/01/2021] (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\CHDRT64.sys =>.Synaptics Incorporated
[06AEA76BAC46A9E8CFE6D29E45AAF033] [29/02/2020] (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC
[06B922A8397E632FE5348DA267275B4F] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe =>.Adobe Systems Incorporated
[06F24D9F4DB07BD7ECAD067F5EE26C29] [09/10/2019] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Inc.
[06F24D9F4DB07BD7ECAD067F5EE26C29] [09/10/2019] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe =>.Adobe Inc.
[06F24D9F4DB07BD7ECAD067F5EE26C29] [09/10/2019] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Inc.
[07F3E5C0807B417CAFDBD7D4AB23CF8B] [30/03/2022] (.Bluestack Systems, Inc.) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys =>.Bluestack Systems, Inc
[0B0497702C3210F09ED59602E6F2EA27] [24/04/2019] (.ASUSTek Computer Inc..) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys =>.ASUSTek Computer Inc.
[0B9DE2343AC13F9FDF2BC2D7F3A6C200] [05/01/2021] (.ICEpower a/s.) - C:\Windows\System32\DriverStore\FileRepository\x40 plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64 .exe =>.Not verified
[0BB14E1AFFF5879B9717256081844B4E] [14/04/2022] (.Bluestack Systems, Inc.) - C:\Users\Ganja\AppData\Local\BlueStacksSetup\BlueS tacksInstaller_5.6.110.1002_native_4c661996e1ba1c2 021d19369110b3d98_0.exe =>.Not verified
[0BB14E1AFFF5879B9717256081844B4E] [30/03/2022] (.Bluestack Systems, Inc.) - C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe =>.Not verified
[0D07705FA0E0C4827CC287CFCDEC20C4] [11/03/2021] (.Binance Holdings Limited.) - C:\Program Files\Binance\Binance.exe =>.Binance Holdings Limited
[0D36AB0805BA9450220F865C58918F52] [12/04/2022] (.Malwarebytes Inc.) - C:\Users\Ganja\Desktop\adwcleaner_8.3.1.exe =>.Malwarebytes Inc
[0E4418E2DEDE36DD2974C3443AFB5CE5] [09/04/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\elev ation_service.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [09/04/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [14/04/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Inst aller\chrmstp.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [14/04/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Inst aller\setup.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [29/03/2022] (.Google LLC.) - C:\Users\Ganja\AppData\Local\Google\Chrome\User Data\SwReporter\100.281.200\software_reporter_tool .exe =>.Google LLC
[0F7A165550163D5ED7D1CAA3FC13DA06] [12/04/2022] (.Dropbox, Inc.) - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe =>.Dropbox, Inc
[0F7A165550163D5ED7D1CAA3FC13DA06] [12/04/2022] (.Dropbox, Inc.) - C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe =>.Dropbox, Inc
[0F7A165550163D5ED7D1CAA3FC13DA06] [12/04/2022] (.Dropbox, Inc.) - C:\WINDOWS\System32\DbxSvc.exe =>.Dropbox, Inc
[0F7A165550163D5ED7D1CAA3FC13DA06] [27/02/2022] (.Dropbox, Inc.) - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll =>.Dropbox, Inc
[0F7A165550163D5ED7D1CAA3FC13DA06] [29/11/2021] (.Dropbox, Inc.) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc
[13222A5DCCF716DF5AF9C87084412DD9] [09/07/2015] (.Realtek Semiconductor Corp.) - C:\Program Files (x86)\InstallShield Installation Information{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe =>.Realtek Semiconductor Corp
[167DB6F0182412A5F7E507AD73FD4A04] [05/01/2021] (.Conexant Systems LLC.) - C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe =>.Conexant Systems LLC
[167DB6F0182412A5F7E507AD73FD4A04] [20/06/2018] (.Conexant Systems LLC.) - C:\Program Files\CONEXANT\SAII\SmartAudio.exe =>.Conexant Systems LLC
[167DB6F0182412A5F7E507AD73FD4A04] [24/11/2017] (.Conexant Systems LLC.) - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent 64.exe =>.Conexant Systems LLC
[19D2BBA6922F3C7A0242B54C040F8B11] [27/10/2016] (.Conexant Systems, Inc..) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.
[234175E3D1A23EF8ACB50245] [16/10/2019] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy
[317DD1C55F51AC2756D9C93C060C6FA5] [13/04/2022] (.Pawan Kumar.) - C:\Users\Ganja\Desktop\adware-removal-tool-by-tsa.exe =>.Not verified
[3DD79449EA86A17D1AED3D553A987DDF] [21/05/2019] (.Qualcomm Atheros.) - C:\WINDOWS\System32\drivers\athw10x.sys =>.Qualcomm Atheros
[3DD79449EA86A17D1AED3D553A987DDF] [31/01/2019] (.Qualcomm Atheros.) - C:\WINDOWS\System32\drivers\AdminService.exe =>.Qualcomm Atheros
[3DD79449EA86A17D1AED3D553A987DDF] [31/01/2019] (.Qualcomm Atheros.) - C:\WINDOWS\System32\drivers\btfilter.sys =>.Qualcomm Atheros
[411239DA46A29C98B8A15077] [04/03/2020] (.Cheat Engine.) - C:\Program Files\Cheat Engine 7.0\unins000.exe =>.Cheat Engine
[4CE26AB7B08A86A56200DE244E294BA5] [20/10/2014] (.Conexant Systems, Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe =>.Conexant Systems, Inc.
[4E0B86EECF78E905EF7CA498D841EA16] [01/03/2020] (.Open Source Developer, Duncan Ogilvie.) - C:\debugger\release\x96dbg.exe =>.Not verified
[5600000027396847078B466FFF000000000027] [14/04/2016] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group
[5600000C148C3F94CD2631870A000000000C14] [29/02/2020] (.IntelGfxReleaseExternal2020.) - C:\ProgramData\Package Cache{7d2bdb54-268a-4ce6-8063-a6cad97dba41}\win64.exe =>.IntelGfxReleaseExternal2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinSe rvice.exe =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\igdkmd64.sys =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.ex e =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.ex e =>.Intel(R) pGFX 2020
[5600000C3BF9A3682289A06F40000000000C3B] [11/09/2020] (.Intel(R) pGFX 2020.) - C:\Windows\System32\DriverStore\FileRepository\int cdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys =>.Intel(R) pGFX 2020
[62E745E92165213C971F5C490AEA12A5] [12/04/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\Display.NvContainer\ NVDisplay.Container.exe =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [12/04/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nv3dappshext.dll =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [12/04/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nvlddmkm.sys =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [12/04/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nva mi.inf_amd64_036f20146ac187ce\nvshext.dll =>.NVIDIA Corporation
[65628C146ACE93037FC58659F14BD35F] [12/04/2022] (.ESET, spol. s r.o..) - C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\sciter-x.dll =>.ESET, spol. s r.o.
[65628C146ACE93037FC58659F14BD35F] [12/04/2022] (.ESET, spol. s r.o..) - C:\Users\Ganja\Desktop\esetonlinescanner.exe =>.ESET, spol. s r.o.
[731D40AE3F3A1FB2BC3D8395] [03/03/2022] (.win.rar GmbH.) - C:\Program Files\WinRAR\Rar.exe =>.win.rar GmbH
[731D40AE3F3A1FB2BC3D8395] [03/03/2022] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH
[731D40AE3F3A1FB2BC3D8395] [03/03/2022] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe =>.win.rar GmbH
[7C443D7DBB054E459C513D665DFA8DB7] [29/06/2020] (.Tencent Technology(Shenzhen) Company Limited.) - C:\Windows\system32\drivers\tesrsdt.sys =>.Tencent Technology(Shenzhen) Company Limited

~ Unselected Options:
~ End of the scan, 8330 items in 04mn51s (2178)(0)

Sorry just saw your post. I have pasted new logs.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

[ICODE] Start:: CloseProcesses: SystemRestore: On CreateRestorePoint: RemoveProxy: Task: {35C3CE0C-6E9C-4368-8970-5A1EC2984974} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe SCHED (No File) Task: {A9461498-6A3F-4F98-B10D-680CD902F8BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe LOGON (No File) C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-04-18] (SoftEther Corporation -> SoftEther Corporation) R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-04-18] (SoftEther Corporation -> SoftEther Corporation) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2019-12-02] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [812208 2020-06-29] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [581912 2020-06-29] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys C:\WINDOWS\System32\drivers\tap0901.sys C:\Windows\system32\drivers\tesrsdt.sys C:\Windows\system32\drivers\UniSafe.sys C:\Users\Ganja\AppData\Roaming\Tencent C:\ProgramData\Tencent C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\ESET Online Scanner.lnk C:\Users\Ganja\Desktop\ESET Online Scanner.lnk C:\Users\Ganja\AppData\Local\ESET C:\Users\Ganja\Desktop\esetonlinescanner.exe C:\Users\Ganja\AppData\Roaming\XuanZhi64 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software C:\Program Files (x86)\TurboVPN C:\Users\Ganja\AppData\Roaming\changzhi_leidian.da ta C:\Users\Ganja\AppData\Roaming\changzhi_leidianmac .data ShortcutWithArgument: C:\Users\Ganja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Magic - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" MSCONFIG\Services: QHActiveDefense => MSCONFIG\Services: QMEmulatorService => 2 HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk" HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper" C:\Windows\system32\drivers\tesrsdt.sys C:\Windows\system32\drivers\UniSafe.sys C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent C:\ProgramData\Tencent C:\Users\Ganja\AppData\Roaming\Tencent C:\Program Files\SoftEther DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\StartupFolder|SoftEther VPN Client Manager Startup.lnk DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|SoftEther VPN Client UI Helper DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent DeleteKey: HKCU\SOFTWARE\Tencent DeleteKey: HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Tencent DeleteKey: HKCU\SOFTWARE\AvastAdSDK DeleteKey: HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AvastAdSDK File: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z File: C:\WINDOWS\system32\noise.jpn VirusTotal: C:\WINDOWS\system32\noise.jpn VirusTotal: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z MSCONFIG\Services: Bonjour Service => 2 CMD: netsh int ip reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state On CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R" CMD: "%WINDIR%\SysWOW64\lodctr.exe /R" CMD: "C:\Windows\SYSTEM32\lodctr.exe /R" CMD: "C:\Windows\SysWOW64\lodctr.exe /R" StartBatch: del /s /q C:\Windows\SoftwareDistribution\download\*.* del /s /q "%userprofile%\AppData\Local\Google\Chrome\Use r Data\Default\Cache\*.*" del /s /q "%userprofile%\AppData\Local\temp\*.*" ipconfig /flushdns endbatch: CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset C:\Windows\Temp\*.* C:\WINDOWS\system32\*.tmp C:\WINDOWS\syswow64\*.tmp emptytemp: Reboot: End:: [/ICODE]

[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version: 15-04-2022
Ran by Ganja (16-04-2022 15:38:27) Run:5
Running from C:\Users\Ganja\Desktop
Loaded Profiles: Ganja
Boot Mode: Normal[/HEADING]
fixlist content:

---

CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
Task: {35C3CE0C-6E9C-4368-8970-5A1EC2984974} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe SCHED (No File)
Task: {A9461498-6A3F-4F98-B10D-680CD902F8BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe LOGON (No File)
C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-04-18] (SoftEther Corporation → SoftEther Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2020-04-18] (SoftEther Corporation → SoftEther Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2019-12-02] (OpenVPN Technologies, Inc. → The OpenVPN Project)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [812208 2020-06-29] (Tencent Technology(Shenzhen) Company Limited → TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [581912 2020-06-29] (Tencent Technology(Shenzhen) Company Limited → TENCENT)
C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys
C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys
C:\WINDOWS\System32\drivers\tap0901.sys
C:\Windows\system32\drivers\tesrsdt.sys
C:\Windows\system32\drivers\UniSafe.sys
C:\Users\Ganja\AppData\Roaming\Tencent
C:\ProgramData\Tencent
C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\ESET Online Scanner.lnk
C:\Users\Ganja\Desktop\ESET Online Scanner.lnk
C:\Users\Ganja\AppData\Local\ESET
C:\Users\Ganja\Desktop\esetonlinescanner.exe
C:\Users\Ganja\AppData\Roaming\XuanZhi64
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
C:\Program Files (x86)\TurboVPN
C:\Users\Ganja\AppData\Roaming\changzhi_leidian.da ta
C:\Users\Ganja\AppData\Roaming\changzhi_leidianmac .data
ShortcutWithArgument: C:\Users\Ganja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Magic - Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) → --profile-directory=“Profile 1”
MSCONFIG\Services: QHActiveDefense =>
MSCONFIG\Services: QMEmulatorService => 2
HKLM...\StartupApproved\StartupFolder: => “SoftEther VPN Client Manager Startup.lnk”
HKLM...\StartupApproved\Run: => “SoftEther VPN Client UI Helper”
C:\Windows\system32\drivers\tesrsdt.sys
C:\Windows\system32\drivers\UniSafe.sys
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent
C:\ProgramData\Tencent
C:\Users\Ganja\AppData\Roaming\Tencent
C:\Program Files\SoftEther
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\StartupFolder|SoftEther VPN Client Manager Startup.lnk
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|SoftEther VPN Client UI Helper
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
DeleteKey: HKCU\SOFTWARE\Tencent
DeleteKey: HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Tencent
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AvastAdSDK
File: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z
File: C:\WINDOWS\system32\noise.jpn
VirusTotal: C:\WINDOWS\system32\noise.jpn
VirusTotal: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z
MSCONFIG\Services: Bonjour Service => 2
CMD: netsh int ip reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state On
CMD: “%WINDIR%\SYSTEM32\lodctr.exe /R”
CMD: “%WINDIR%\SysWOW64\lodctr.exe /R”
CMD: “C:\Windows\SYSTEM32\lodctr.exe /R”
CMD: “C:\Windows\SysWOW64\lodctr.exe /R”
StartBatch:
del /s /q C:\Windows\SoftwareDistribution\download*.*
del /s /q “%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache*."
del /s /q "%userprofile%\AppData\Local\temp*.”
ipconfig /flushdns
endbatch:
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
C:\Windows\Temp*.*
C:\WINDOWS\system32*.tmp
C:\WINDOWS\syswow64*.tmp
emptytemp:
Reboot:

---

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= RemoveProxy: =========

“HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
“HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings” => removed successfully
“HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings” => removed successfully

========= End of RemoveProxy: =========

“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{35C3CE0 C-6E9C-4368-8970-5A1EC2984974}” => removed successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{35C3CE0 C-6E9C-4368-8970-5A1EC2984974}” => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime” => removed successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{A946149 8-6A3F-4F98-B10D-680CD902F8BB}” => removed successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{A946149 8-6A3F-4F98-B10D-680CD902F8BB}” => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn” => removed successfully
C:\Users\Ganja\AppData\Local\ESET\ESETOnlineScanne r => moved successfully
Neo_VPN => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Neo_VPN => removed successfully
Neo_VPN => service removed successfully
SeLow => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\SeLow => removed successfully
SeLow => service removed successfully
HKLM\System\CurrentControlSet\Services\tap0901 => removed successfully
tap0901 => service removed successfully
HKLM\System\CurrentControlSet\Services\tesrsdt => removed successfully
tesrsdt => service removed successfully
HKLM\System\CurrentControlSet\Services\UniSafe => removed successfully
UniSafe => service removed successfully
C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys => moved successfully
C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys => moved successfully
C:\WINDOWS\System32\drivers\tap0901.sys => moved successfully
C:\Windows\system32\drivers\tesrsdt.sys => moved successfully
C:\Windows\system32\drivers\UniSafe.sys => moved successfully
C:\Users\Ganja\AppData\Roaming\Tencent => moved successfully
C:\ProgramData\Tencent => moved successfully
C:\Users\Ganja\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\ESET Online Scanner.lnk => moved successfully
C:\Users\Ganja\Desktop\ESET Online Scanner.lnk => moved successfully
C:\Users\Ganja\AppData\Local\ESET => moved successfully
C:\Users\Ganja\Desktop\esetonlinescanner.exe => moved successfully
C:\Users\Ganja\AppData\Roaming\XuanZhi64 => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software => moved successfully
C:\Program Files (x86)\TurboVPN => moved successfully
C:\Users\Ganja\AppData\Roaming\changzhi_leidian.da ta => moved successfully
C:\Users\Ganja\AppData\Roaming\changzhi_leidianmac .data => moved successfully
C:\Users\Ganja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Magic - Chrome.lnk => Shortcut argument removed successfully
“HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSCONFIG\Services: QHActiveDefense =>” => not found
“HKLM\System\CurrentControlSet\Services\MSCONFIG\S ervices: QHActiveDefense =>” => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QMEmulatorService => removed successfully
HKLM\System\CurrentControlSet\Services\QMEmulatorS ervice => not found
“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk” => not found
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\StartupFolder\SoftEther VPN Client Manager Startup.lnk” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\Run\SoftEther VPN Client UI Helper” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n\SoftEther VPN Client UI Helper” => not found
“C:\Windows\system32\drivers\tesrsdt.sys” => not found
“C:\Windows\system32\drivers\UniSafe.sys” => not found
“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent” => not found
“C:\ProgramData\Tencent” => not found
“C:\Users\Ganja\AppData\Roaming\Tencent” => not found
“C:\Program Files\SoftEther” => not found
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\StartupFolder\SoftEther VPN Client Manager Startup.lnk” => not found
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\Run\SoftEther VPN Client UI Helper” => not found
HKLM\SOFTWARE\WOW6432Node\Tencent => not found
HKCU\SOFTWARE\Tencent => removed successfully
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\Tencent => not found
HKCU\SOFTWARE\AvastAdSDK => removed successfully
HKU\S-1-5-21-3947486154-1424391867-2577238500-1001\SOFTWARE\AvastAdSDK => not found

========================= File: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z ========================

C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z
File not signed
MD5: CFB7BA0C2E245AE234A07F148D0B57C6
Creation and modification date: 2022-04-09 01:15 - 2022-04-09 01:15
Size: 000000299
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

========================= File: C:\WINDOWS\system32\noise.jpn ========================

C:\WINDOWS\system32\noise.jpn
Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\LanguageFeatures-WordBreaking-ja-Package~31bf3856ad364e35~amd64~~10.0.19041.1052.ca t
File is digitally signed
MD5: C04D36BBEF5B9BAA8D8DA0B57F22BE20
Creation and modification date: 2022-04-10 03:01 - 2022-04-10 03:01
Size: 000002060
Attributes: ----A
Company Name: Microsoft Windows →
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: VirusTotal

====== End of File: ======

VirusTotal: C:\WINDOWS\system32\noise.jpn => VirusTotal
VirusTotal: C:\Users\Ganja\d4ac4633ebd6440fa397b84f1bc94a3c.7z => VirusTotal
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service => not found
HKLM\System\CurrentControlSet\Services\Bonjour Service => not found

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state On =========

Ok.

========= End of CMD: =========

========= “%WINDIR%\SYSTEM32\lodctr.exe /R” =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= “%WINDIR%\SysWOW64\lodctr.exe /R” =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= “C:\Windows\SYSTEM32\lodctr.exe /R” =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= “C:\Windows\SysWOW64\lodctr.exe /R” =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= Batch: =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of Batch: =========

========= netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ip reset c:\resetlog.txt =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= ipconfig /release =========

Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on VPN - VPN Client while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter VPN - VPN Client:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter WiFi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::181:e873:7f18:2a9e%16
Default Gateway . . . . . . . . . :

========= End of CMD: =========

========= ipconfig /renew =========

Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on VPN - VPN Client while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter VPN - VPN Client:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter WiFi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::181:e873:7f18:2a9e%16
IPv4 Address. . . . . . . . . . . : 192.168.43.88
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.43.193

========= End of CMD: =========

========= netsh int ipv4 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh int ipv6 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

=========== “C:\Windows\Temp*.*” ==========

C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpCopyAccelerator.log => moved successfully

========= End → “C:\Windows\Temp*.*” ========

=========== “C:\WINDOWS\system32*.tmp” ==========

not found

========= End → “C:\WINDOWS\system32*.tmp” ========

=========== “C:\WINDOWS\syswow64*.tmp” ==========

not found

========= End → “C:\WINDOWS\syswow64*.tmp” ========

=========== EmptyTemp: ==========

BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7528054 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 254184 B
Edge => 0 B
Chrome => 171108840 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 18240 B
Ganja => 48427 B

RecycleBin => 0 B
EmptyTemp: => 171.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 15:40:38 ====

The laptop is really smooth now.
Although after the frst fix, the laptop restarted and I checked task manager, this still happened
[ATTACH type=“full”]9570[/ATTACH]

It doesnt slow me down like it used to be though.

Thank you!

[COLOR=rgb(184, 49, 47)] Speccy Scan.
[ul]
[li]Please go here and download Speccy.[/li][li]Install and run the program.[/li][li]Upon Completion:[/li][li]Hit File[/li][li]Publish Snap Shot[/li][li]A link will appear, post that link.[/li][/ul]

---

[COLOR=rgb(184, 49, 47)]Step 2 Autoruns Scan.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as Autoruns.arn under the file type option.
Attach the text in your next reply. If the file is too large, then use catbox.moe or filedropper.com and send the link in your next reply.

---

[COLOR=rgb(184, 49, 47)]Step 3 Hd Tune scan.

Download HD Tune and save the file.
Install HD Tune and restart it after installation.
Then go to the tab Error Scan , select the hard drive you want to check and press Start .
The check can be quite time consuming take depends on the size of the hard drive check.
Take a screen shot of the result and save it.
Upload the image here.

Do Not tick the quick scan!!

---

[COLOR=rgb(184, 49, 47)]Step 4 Crystal Disk

Download and run CrystalDisk info standard edition from here

Run the program, grab any screenshots and attach to your next reply for us.[/COLOR][/COLOR][/COLOR][/COLOR]

Couldnt attach the file extension of .arn so i made it into a .rar

Perform the HDD checks , I will reply when I get home from work.

[ATTACH type=“full”]9575[/ATTACH]

Good, please screen shot Crystal disk info. I’m looking at your autoruns now…

[ATTACH type=“full”]9579[/ATTACH]
looks good?

Right Click on Autoruns and run as admin, uncheck the items I have highlighted then reboot the machine.



Next issue you want to address is purchasing some more Ram for this machine.
4 gigs of ram isn’t going to let you play many games, I’d suggest a Crucial scan to see if how much more your machine can take.



Hard drive is in good shape and temps are good. so that’s a plus, but for any laptop I highly suggest a cooling fan. Especially if you are going to game.

If you want to see if your machine can handle a certain game, then there is this.

---

Download easy service optmizer, save it to your desktop and unzip it there. Right click it and run as admin, then select Tweaked at the bottom. Then click on the rocket, this will turn off a lot of useless items.


[IMG alt=“tnkjYlk.png”]https://i.imgur.com/tnkjYlk.png

You will however need to change one setting. Right Click on Wlansvc — WLAN AutoConfig, then select start service, the edit service. Make sure it is automatic across the board, as per the picture.

Code:

    [IMG alt="PO7tPc7.png"]https://i.imgur.com/PO7tPc7.png

[/IMG][/B][/B]