Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old January 24th, 2022, 11:35 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Windows10 very slow boot and hogging memory

Hi all,
I have a Window 10 that is taking six to eight minutes to boot and is using up to 70% memory at idle. There sems to be nothing majon in startup and Malware bytes scanned clean. What next??
Reply With Quote
  #2  
Old January 25th, 2022, 04:14 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Hey John,

Let's take a look. May not be malware.


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #3  
Old January 25th, 2022, 09:16 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Thanks Tom,
I deleted steam and couple of other heavy use programs which sped up the boot procces
a tiny bit, however memory use is still too high.

Scan txt to follow:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2022
Ran by Jill (administrator) on JILLSTOY (Acer E1-510) (25-01-2022 11:49:18)
Running from C:\Users\Jill\Downloads
Loaded Profiles: Jill
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(GameHouse Europe B.V. -> RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinServ ice.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 1.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 1.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\wpscenter.exe <2>
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\wpscloudsvr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated -> Acer Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [AcerCloud] => "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup (No File)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [96160 2011-02-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-05-12] (Dean Herbert -> )
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2021-11-19] (Lavasoft Software Canada Inc. -> Lavasoft)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Insta ller\chrmstp.exe [2022-01-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AEDE6F-7E53-4CBE-B695-27CA6C265E2E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306408 2013-07-05] (Acer Incorporated -> Acer Incorporated)
Task: {06C749F5-F390-47ED-A9F4-567A2D5A32D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0E1B169C-24AD-417D-B80F-F4DBFB402DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {14F85C21-B3B6-474F-A329-70427BE38BB0} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1738504 2015-09-04] (Intel(R) Software -> Intel Corporation)
Task: {15DCB1AD-667F-4A13-BD9A-F0D90C4E581B} - System32\Tasks\{7DBD5D9D-B46E-487A-8C4B-5AC1F26EC433} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
Task: {1EBD3074-9F59-4AA3-813B-EE9E525CB6F8} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {29619E57-65F3-47AC-91F4-28E2573EDEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2D22B159-7CC4-4092-8424-A3D9F03AC835} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {412901A3-E641-4DFF-B845-96ACF8904E85} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4320606C-2C23-4526-924B-C6CBD245905C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {48BB0DD4-40EE-42F7-B60A-DDA9C3DA0260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {49C5A980-0155-4DF7-88EC-5D7608B68BF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {4DF0BA89-391C-4EF7-B3D2-D6D8DB0AD2F6} - System32\Tasks\Microsoft\Windows\Shell\FamilySafet yUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {54941C50-84C7-4AA2-B585-D55B0F299961} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B -> No File <==== ATTENTION
Task: {551DEED5-DE2E-43D4-BB83-45B3E365A17E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {57F2F003-5E04-47C4-89A2-13706E877BA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CD193FA-43CC-42ED-A43C-55F52B7A8DE0} - \WPD\SqmUpload_S-1-5-21-1674777451-104060087-3308858430-1001 -> No File <==== ATTENTION
Task: {6C405BED-4247-405E-A205-E905EB3ECAFC} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {6C5388D1-B336-482A-AD42-D2E6A4EF2CDC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {77E346EC-8040-4E39-8CDD-97FF5F0E8ED9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {7A9AB7DB-4895-49D8-8D95-4897602F2E9C} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {8076261B-47A3-4D23-A264-91779DF02A57} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {865A272F-BF65-4F0D-AE2C-EB30BE839396} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\ba ckgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {91E1DA78-2E37-4A12-96C8-B68A9592505B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96D24BE4-CF73-4849-9CAD-19742140D2F3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [4150312 2013-07-09] (Acer Incorporated -> )
Task: {9CA690DA-0BC8-4C76-B35A-29FAEC0032E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF2AA252-A570-47D2-9565-92BB5ACA9C89} - System32\Tasks\WpsExternal_Jill_20220109122258 => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\wpscloudsvr.exe [1055432 2022-01-09] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {C25DD8C7-C3EE-4893-A58A-F7689535C990} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CEAD830B-B3DD-4611-B7A9-367DF41603EF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D09E295C-A59B-4D10-92AE-1F16F5F4B944} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D194CF0A-1921-44E6-88A0-DC71672B4864} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {D1C4FF04-0B7C-4BC6-96E1-1F7ED96435A2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent -> No File <==== ATTENTION
Task: {D6D8F18F-2502-4035-8C4F-E9C1E53D746E} - System32\Tasks\WpsUpdateTask_Jill => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\wpsupdate.exe [168648 2022-01-09] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {DD2C952B-6BD3-43AA-B136-B5BC50724FC3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F32DEAF2-A66F-4FBD-AD22-DC9B5691ADE3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008 2013-01-23] (Acer Incorporated -> )
Task: {F861364F-FE2E-439C-BD55-CE9B2747E22C} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
Task: {FE743BA9-6233-459D-A62F-BF3B67949D88} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fe48445-0898-421c-a97c-6f41d0267531}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4101d45e-0b8f-4eaa-8052-b75be5f143bc}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jill\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://?
Edge StartupUrls: Default -> "hxxps://?"
Edge DefaultSearchURL: Default -> hxxps://af.xdock.co?keyword={searchTerms}&pid=490&subid=49 02
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}

FireFox:
========
FF DefaultProfile: c5z23n9s.default
FF ProfilePath: C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://mynewtab.co?pId=BT170603&searchEngine=bing&iDate=2 021-11-15 11:29:19
FF NewTab: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://mynewtab.co?pId=BT170603&searchEngine=bing&iDate=2 021-11-15 11:29:19
FF Notifications: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://www.cruisecritic.com.au; hxxps://www.slotomania.com
FF HomepageOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: _b7Members_@free.mytransitguide.com
FF HomepageOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: avg@safeguard
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: _b7Members_@free.mytransitguide.com
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: avg@safeguard
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: bing@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: amazondotcom@search.mozilla.org
FF Extension: (Facebook Container) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\Extensions\@contain-facebook.xpi [2021-08-05]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-25]
FF SearchPlugin: C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\searchplugins\Yahoo Search.xml [2022-01-25]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp .dll [2015-04-03] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-25] (Adobe Inc. -> Adobe Systems Inc.)
Reply With Quote
  #4  
Old January 25th, 2022, 09:20 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Part two:


Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Notifications: Default -> hxxps://hov-prd-apps.productmadness.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?q={searchTerms}&gd=SY1004294&searchso urce=58&d=2021-11-15 11:29:19&n=9998
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Safe Torrent Scanner) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnal hlkkjb [2022-01-25]
CHR Extension: (Docs) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-12-27]
CHR Extension: (YouTube) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-29]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb [2022-01-25]
CHR Extension: (Google Search) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2015-10-30]
CHR Extension: (Tampermonkey) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmp obfkfo [2021-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2022-01-25]
CHR Extension: (True Key™ by McAfee) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghf pinncn [2020-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-12-27]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated -> Acer Incorporated)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-11-19] (Lavasoft Software Canada Inc. -> )
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated -> Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-28] (WildTangent Inc -> WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-14] (GameHouse Europe B.V. -> RealNetworks, Inc.)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinServ ice.exe [22960 2021-11-19] (Lavasoft Software Canada Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1057480 2021-12-06] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-16] (Bitdefender SRL -> Bitdefender)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69352 2014-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel(R) Technology Access -> Intel Corporation)
S3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel(R) Technology Access -> Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-09-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-25 11:49 - 2022-01-25 11:52 - 000028719 _____ C:\Users\Jill\Downloads\FRST.txt
2022-01-25 11:42 - 2022-01-25 11:42 - 002311680 _____ (Farbar) C:\Users\Jill\Downloads\FRST64.exe
2022-01-25 10:13 - 2022-01-25 10:13 - 002911928 _____ (Malwarebytes) C:\Users\Jill\Downloads\MBSetup.exe
2022-01-21 07:56 - 2022-01-25 11:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-01-13 11:20 - 2022-01-13 11:20 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 10:37 - 2022-01-13 10:37 - 000000000 ___HD C:\$WinREAgent
2022-01-09 12:23 - 2022-01-09 12:23 - 000003736 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Jill
2022-01-09 12:22 - 2022-01-09 12:22 - 000004054 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Jill_2022010 9122258

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-25 11:54 - 2019-12-07 22:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-25 11:54 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-25 11:51 - 2021-04-26 14:45 - 000000000 ____D C:\FRST
2022-01-25 11:30 - 2019-12-07 22:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-25 11:24 - 2014-05-08 19:10 - 000000000 ____D C:\Users\Jill\AppData\Local\CrashDumps
2022-01-25 11:19 - 2014-05-06 19:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-25 11:15 - 2019-12-07 22:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 11:09 - 2015-08-12 13:53 - 000000000 __SHD C:\Users\Jill\IntelGraphicsProfiles
2022-01-25 11:07 - 2020-09-18 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-25 11:07 - 2020-09-18 07:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-25 11:07 - 2015-06-02 09:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-25 11:06 - 2019-12-07 22:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2022-01-25 11:03 - 2019-12-07 22:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-25 11:03 - 2017-10-02 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-25 11:02 - 2016-11-26 10:00 - 000000000 ____D C:\Users\Jill\AppData\LocalLow\Mozilla
2022-01-25 10:38 - 2020-09-18 07:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 10:01 - 2019-09-23 15:49 - 000000000 ____D C:\Users\Jill\AppData\Local\D3DSCache
2022-01-25 08:30 - 2020-06-08 15:11 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-25 08:14 - 2021-11-16 12:28 - 000000000 ____D C:\Users\Jill\AppData\Roaming\Lavasoft
2022-01-25 08:14 - 2020-09-18 08:26 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2022-01-25 08:14 - 2020-09-18 08:26 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2022-01-25 08:13 - 2021-11-16 12:28 - 000000000 ____D C:\Users\Jill\AppData\Local\Lavasoft
2022-01-25 08:13 - 2021-11-16 12:25 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-21 10:01 - 2021-10-10 07:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-21 10:00 - 2015-06-02 09:37 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-21 07:54 - 2015-06-02 09:37 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-18 21:44 - 2020-09-18 07:56 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-18 20:49 - 2020-09-18 08:26 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2022-01-18 20:49 - 2020-09-18 08:26 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore
2022-01-15 20:17 - 2021-12-13 17:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1674777451-104060087-3308858430-1001
2022-01-15 20:17 - 2020-09-18 08:26 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1674777451-104060087-3308858430-1001
2022-01-15 20:17 - 2020-09-18 02:55 - 000002418 _____ C:\Users\Jill\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
2022-01-13 21:12 - 2020-09-18 08:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 21:10 - 2015-10-23 16:28 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-13 20:54 - 2020-09-18 07:23 - 000271800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-13 20:49 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 11:34 - 2019-12-07 22:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-13 10:32 - 2014-05-07 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 10:21 - 2014-10-20 10:00 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 09:36 - 2014-05-06 19:01 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-13 09:36 - 2014-05-06 19:01 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-10 20:26 - 2020-09-18 02:55 - 000000000 ____D C:\Users\Jill
2022-01-09 12:22 - 2021-12-06 14:04 - 000002543 _____ C:\Users\Jill\Desktop\WPS PDF.lnk
2021-12-31 10:47 - 2018-02-23 21:18 - 000000000 ____D C:\Users\Jill\AppData\Local\Packages

==================== Files in the root of some directories ========

2015-04-05 10:47 - 2015-04-05 10:47 - 000003584 _____ () C:\Users\Jill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-05 19:43 - 2018-07-05 19:43 - 000000837 _____ () C:\Users\Jill\AppData\Local\recently-used.xbel
2021-02-06 08:09 - 2021-04-26 15:29 - 000007597 _____ () C:\Users\Jill\AppData\Local\Resmon.ResmonCfg
2021-06-29 19:36 - 2021-06-29 19:36 - 000000000 _____ () C:\Users\Jill\AppData\Local\{D7A949CC-E4A0-4BDC-B9A5-B26CA7D2DB65}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #5  
Old January 25th, 2022, 09:34 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Duplicate sorry...

Last edited by Jaytee; January 25th, 2022 at 09:44 PM. Reason: duplicate
Reply With Quote
  #6  
Old January 25th, 2022, 09:35 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Ran by Jill (25-01-2022 11:58:23)
Running from C:\Users\Jill\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-09-17 19:29:24)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1674777451-104060087-3308858430-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1674777451-104060087-3308858430-503 - Limited - Disabled)
defaultuser1 (S-1-5-21-1674777451-104060087-3308858430-1012 - Limited - Enabled) => C:\Users\defaultuser1.JillsToy
Guest (S-1-5-21-1674777451-104060087-3308858430-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1674777451-104060087-3308858430-1003 - Limited - Enabled)
Jill (S-1-5-21-1674777451-104060087-3308858430-1001 - Administrator - Enabled) => C:\Users\Jill
WDAGUtilityAccount (S-1-5-21-1674777451-104060087-3308858430-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2007.1 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.3001 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Aloha TriPeaks (HKLM-x32\...\WTA-2b955e2a-c099-47a6-8e00-baa9e5b298ab) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2012.1 - Acer Incorporated)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 19.7.0.632 - AVG Technologies)
BitTorrent (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\BitTorrent) (Version: 7.10.5.46011 - BitTorrent Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-42f0ef2b-e9d8-4e0a-b6eb-992ee03a5fc6) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-1aab06ca-355b-4e90-ab68-bf6ed0622257) (Version: 2.2.0.110 - WildTangent) Hidden
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-b504bdb7-1b9e-447f-88d9-de27c90c543d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-655fc16c-d379-44e5-86ec-a3bf0d97301a) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 96.0.2 (x64 en-US)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 96.0.2.8054 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
PDF Reader 3 (HKLM-x32\...\PDF Reader 3) (Version: - )
Peggle Nights (HKLM-x32\...\WTA-664083be-1734-4392-a913-24fc7bac530a) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-362ad798-bad9-4753-80b9-86b49760856f) (Version: 2.2.0.98 - WildTangent) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung New PC Studio (HKLM-x32\...\{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Sheet Music Plus Digital Print (HKLM-x32\...\{71EF76CE-A8A2-D5DA-CF58-F2381FA5CEC4}) (Version: 255.02.10 - Sheet Music Plus, LLC) Hidden
Sheet Music Plus Digital Print (HKLM-x32\...\com.sheetmusicplus.DigitalAirPrint2) (Version: v2015.02.10 - Sheet Music Plus, LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-b21e6697-03d3-42a5-9de7-487988f1ec68) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-6f5a59f9-883d-4607-af1d-f476c6c52e6b) (Version: 2.2.0.98 - WildTangent) Hidden
UmmyVideoDownloader 1.2.0.7 (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: - ) <==== ATTENTION
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Companion (HKLM-x32\...\{fea2eb63-91f6-4efa-ac55-60834da5d713}) (Version: 8.9.0.371 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.9 - WildTangent) Hidden
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1) (Version: - windows-movie-maker.org)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WPS Office (11.2.0.10443) (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Kingsoft Office) (Version: 11.2.0.10443 - Kingsoft Corp.)
Zuma Deluxe (HKLM-x32\...\a2536d5c4e543e25afae00e74051c452) (Version: - GameHouse)

Packages:
=========
7digital Music Store -> C:\Program Files\WindowsApps\7digitalLtd.7digitalMusicStore_2 .1.10.3_x86__qv1vc61z2t2b4 [2017-07-21] (7digital Ltd)
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindow s8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-08] (AccuWeather) [MS Ad]
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2. 0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Another Case Solved -> C:\Program Files\WindowsApps\0BCF39DC.AnotherCaseSolved_1.3.1 .3_x86__7r58kgx22y7jj [2015-11-26] (SYZYGY Deutschland GmbH)
Bubble Breaker 10 -> C:\Program Files\WindowsApps\3983JEFBCreating.BubbleBreaker_3 .6.2.0_x64__vy786dcgg6jz4 [2021-11-13] (JEFBCreating)
Bubble Pop Star -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.BubbleP opStar_2.0.0.10_x64__kx24dqmazqk8j [2021-09-25] (Random Salad Games LLC) [MS Ad]
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2180.3 .0_x86__kgqvnymyfvs32 [2022-01-13] (king.com)
Candy Fun -> C:\Program Files\WindowsApps\33047StormtekGames.CandyFun_1.1. 0.9_neutral__2f2q84ddd4hgc [2014-05-09] (Stormtek Games)
Clockmaker: Match Three in Row -> C:\Program Files\WindowsApps\SamfinacoLimited.ClockmakerMatch ThreeinRow_61.0.2.0_x64__aj0b1qrpyg0w6 [2021-12-24] (Samfinaco Limited)
Club Vegas -> C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0 .16.0_x64__5dvc9f3b38e20 [2022-01-17] (Bagelcode)
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2 .0.43_x86__sq9zxnwrk84pj [2014-05-09] (ZeptoLab UK Limited)
Doodle God Free Plus -> C:\Program Files\WindowsApps\JoyBits-Ltd.DoodleGodFreePlus_2.4.0.2_x64__km6tbgagk2b4w [2014-05-07] (JoyBits-Ltd)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.28.3.0_x86_ _q4d96b2w5wcc2 [2022-01-13] (Evernote)
Frozen Free Fall -> C:\Program Files\WindowsApps\Disney.FrozenFreeFall_4.6.1.1_x8 6__6rarf9sa4v8jt [2017-01-06] (Disney)
Gambino Slots: Free Vegas Casino Slot Machines -> C:\Program Files\WindowsApps\SpiralInteractive.TechnicalGambi noSlots_5.31.3.0_x86__1mh88v1m6sn8j [2022-01-15] (Spiral Interactive)
Hawaii Match-3 Mania: Home Design & Matching Puzzle -> C:\Program Files\WindowsApps\828B5831.HawaiiMatch-3Mania_1.24.2400.0_x64__ytsefhwckbdv6 [2022-01-19] (G5 Entertainment AB)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsD eluxe_6.11.62.0_x64__kx24dqmazqk8j [2021-12-17] (Random Salad Games LLC)
Invaders from Space Win8 -> C:\Program Files\WindowsApps\52167UnityMakesSoftware.SpaceInv adersWin8_1.0.0.13_neutral__r56gw62h6e50j [2014-05-09] (Unity Makes Software) [MS Ad]
Jewel Fever -> C:\Program Files\WindowsApps\SprakelsoftUG.JewelFever_1.1.20. 0_x64__ge3twpst8dtre [2020-10-14] (Sprakelsoft GmbH) [MS Ad]
Jewels of Rome: Match gems to restore the city -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatchgemsto restorethecity_1.31.3100.0_x64__ytsefhwckbdv6 [2022-01-04] (G5 Entertainment AB)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_ 2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_4.10.3.0_x 64__np8fj6akx2czy [2022-01-13] (ZiMAD)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.10913.57 96.0_x64__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation)
Monsters Love Candy -> C:\Program Files\WindowsApps\Microsoft.MonstersLoveCandy_5.2. 0.0_x86__8wekyb3d8bbwe [2021-12-16] (Microsoft Studios)
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3 .0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x 64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64_ _a2t3txkz9j1jw [2020-01-18] (MAGIX)
Nemo's Reef -> C:\Program Files\WindowsApps\Disney.NemosReef_1.6.0.10_x86__6 rarf9sa4v8jt [2020-12-12] (Disney)
newsXpresso -> C:\Program Files\WindowsApps\esobiIncorporated.newsXpressoMet ro_3.1.3.395_x86__sngswjb5h6fyg [2015-03-18] (Yisoubi Co. Ltd.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2019-11-05] (Microsoft Corporation)
PopStar! -> C:\Program Files\WindowsApps\RuiLueSoftware.5333EC7C5889_1.3. 81.0_neutral__kxcx7nefnns9a [2021-08-28] (杭州睿略软件科技有限公司)
Scatter Slots -> C:\Program Files\WindowsApps\Fishsticksserviceslimited.Scatte rSlots_4.15.0.0_x64__bcx82fedc2d04 [2022-01-21] (Murka Games Limited)
Seekers Notes®: Hidden Mystery -> C:\Program Files\WindowsApps\5CB722CC.SeekersNotesMysteriesof Darkwood_2.19.2.0_x86__ypk0bew5psyra [2022-01-15] (MYTONA Pte. Ltd.)
Sherlock: Hidden Match-3 Cases -> C:\Program Files\WindowsApps\828B5831.SherlockHiddenMatch-3Cases_1.15.1501.0_x86__ytsefhwckbdv6 [2022-01-09] (G5 Entertainment AB)
Slotomania – Free Casino Slots -> C:\Program Files\WindowsApps\Playtika.Slotomania_6.46.3.0_x86 __7vjeg68vnncd2 [2022-01-25] (Playtika Holdings Corp)
Slots Era -> C:\Program Files\WindowsApps\Fishsticksserviceslimited.SlotsE ra_1.81.0.0_x64__bcx82fedc2d04 [2022-01-15] (Murka Games Limited)
Solitaire 30-Pack -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.Solita ireGamePack_1.2.12.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86 __8wekyb3d8bbwe [2018-10-27] (Microsoft Studios) [MS Ad]
Tetris 8 -> C:\Program Files\WindowsApps\34908JigsawPuzzlephotosud.Tetris 8_1.0.1.7_neutral__2ty3rvq1c6b9m [2014-09-06] (Angry Tom &amp; Zombie Race Free Run by flappy XYY)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral __wgeqdkkx372wm [2021-06-12] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1674777451-104060087-3308858430-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-1674777451-104060087-3308858430-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-1674777451-104060087-3308858430-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\kwpsmenushellext64.dll [2022-01-09] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-1674777451-104060087-3308858430-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10443\office6\kwpsmenushellext64.dll [2022-01-09] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-07-07 12:44 - 2015-07-07 12:44 - 000088064 _____ () [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:33 - 2015-07-07 12:33 - 000501248 _____ (iMatix Corporation) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libzmq-v120-mt-3_2_4.dll
2015-07-07 14:41 - 2015-07-07 14:41 - 000132352 _____ (Intel(R) Technology Access -> NT Kernel Resources) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\ndisapi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1674777451-104060087-3308858430-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.nz/
SearchScopes: HKU\S-1-5-21-1674777451-104060087-3308858430-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1674777451-104060087-3308858430-1001 -> {14D3F9F0-C056-4855-90B9-D665E708415B} URL =
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\19.7.0.632\AVG SafeGuard toolbar_toolbar.dll No File
Reply With Quote
  #7  
Old January 25th, 2022, 09:38 PM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Addition part two:

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-23 02:25 - 2019-01-04 21:54 - 000000846 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-06-27 18:05 - 2019-06-27 18:06 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\ Windows\System32\Wbem;C:\Windows\System32\WindowsP owerShell\v1.0\;C:\Program Files\Acer\Remote Files\;%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPo werShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jill\SkyDrive\Pictures\Camera imports\2021-01-26\20200831_133206.jpg
HKU\S-1-5-21-1674777451-104060087-3308858430-1012\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "BacKGround Agent"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "AutoStartNPSAgent"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "AcerCloud"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_B021E550A6083A30C3AC970E88 72392C"
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\StartupApproved\Run: => "Web Companion"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FAFC0D75-ABF1-441D-91A4-789BB68B7F55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLUID\PCE2.exe => No File
FirewallRules: [{14E3C2F8-89EE-4D8E-8B6A-46EBBE7B6665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLUID\PCE2.exe => No File
FirewallRules: [{9587A906-8425-4DDB-9526-37391B140FFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{9B1CB820-9490-4067-B0D6-2B5964FEA458}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{22EB877A-7AA9-427A-9327-C7890F3403AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor 2 HD\luxor_2_x86.exe => No File
FirewallRules: [{BE910AF1-2981-4DAA-A27A-FD5176F36EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor 2 HD\luxor_2_x86.exe => No File
FirewallRules: [{2F1D3743-7D34-4432-8BA2-EF360FCA4480}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{156F880C-7AFF-44E9-B4DC-BCE3563CC479}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25593153-B6A2-4858-8EB0-AA19A92E17CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CS DSteamBuild.exe => No File
FirewallRules: [{D0E76716-9BAA-4DC6-9D0A-2B4C9D75D999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CS DSteamBuild.exe => No File
FirewallRules: [{B784265A-9060-4E68-89C8-A5019043B60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adorables\Adorables.e xe => No File
FirewallRules: [{DCE9CDC6-F222-4E68-9A2D-997515E95928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adorables\Adorables.e xe => No File
FirewallRules: [{5AD70698-14E2-41AA-B290-4818FE2C450D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8534C924-8DD5-46FD-A1DB-6D0E166A2563}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{63FDC204-1743-452E-AB44-440A1AA4159E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{D8533302-1064-4A78-8DB9-89CBEE0E70F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{13FF0701-C323-41B6-8E9D-E8837C57317A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{60DFAEF1-8CF3-4E6F-8CEB-E2AA99442DE9}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{72C415DC-8729-4A02-B8B0-3E25C595B782}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2A62038-2F0A-413B-9933-E1EE52E48B33}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8D6508AB-9974-41AA-A7A6-361C6F9B4A42}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA876794-19EA-4748-B9F2-6F9BA9F66C94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DCCFA627-2F14-4732-B14F-B03D5F4AF086}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{207440DC-5EA1-4F80-836B-27FE56D11D72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5ECD6C4C-D48F-43AE-A55D-4B924D3BB0E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{173FC566-953C-463C-B637-6674B0048EB2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe => No File
FirewallRules: [{21457418-00B7-439F-9019-4784580A446A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe => No File
FirewallRules: [{AD13C534-2857-4CBD-B272-778D263FC790}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe => No File
FirewallRules: [{DB386325-4478-445B-B249-CB97211F6872}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe => No File
FirewallRules: [{0AB2497A-6180-450E-8A67-DE58279372F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe => No File
FirewallRules: [{94F6E8C3-D00C-42E8-93CF-6D79398B5132}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe => No File
FirewallRules: [{A51BBF4F-1466-4148-983E-5A9100EEF797}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe => No File
FirewallRules: [{C28DB4BE-026D-4EDD-8E18-D3FA196E1342}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe => No File
FirewallRules: [{758C23A8-B3A3-4396-813F-CEE9102216D3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe => No File
FirewallRules: [{96F7EBE8-317A-44D3-89A6-8E1F13138671}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe => No File
FirewallRules: [{20722013-6F4C-43E4-A7C8-156B0C45099B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe => No File
FirewallRules: [{B1DB5908-C319-4F55-A45E-A2C9E757EC86}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe => No File
FirewallRules: [{F2773DDB-068D-418E-ACB0-7BCC6D16EA92}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{2A4A1869-D5CD-4D24-B934-43B6A309E1FF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{E30B004E-18F8-4E64-B101-299DAF92CBCC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{62B8871D-BEFE-41D7-9A4C-93E3E660653D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{94C4FD38-B7A9-4643-B090-12C9191F6595}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{A6DC9EA6-C6FB-41A9-8795-3A082F45A719}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{93C96326-EEDA-47FF-A9EB-655122A63ED1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A69609B1-5D5C-4C81-9A28-BEC5A17C587E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{5773176F-8240-40E2-8880-D7642F16C1E6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E26BC2BB-A2CB-4FAB-B932-A6C39087B5E4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [TCP Query User{DB94446C-4EC9-48F3-A053-83D529BA62D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{A7B8763E-3D0B-48A4-AF80-03D1657B15D8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0742FE41-44C7-4886-8DB4-08DDF48A53C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{FE7949C2-06B2-46C7-9536-9126EE7A4FE2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C44850B-10BF-457B-BBE7-9A376F33EE6F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (Samsung Electronics CO., LTD. -> PeeringPortal)
FirewallRules: [{E862CA25-9069-486C-B0F2-C9E42B654E3E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (Samsung Electronics CO., LTD. -> PeeringPortal)
FirewallRules: [{E5232B0F-FCD0-442C-B2B5-2CC86D6C7C05}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (Samsung Electronics CO., LTD. -> PeeringPortal)
FirewallRules: [{845BD073-6414-4701-968B-67B6922F6EDC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (Samsung Electronics CO., LTD. -> PeeringPortal)
FirewallRules: [{AB7799F1-39E4-45B2-830B-84EDBA22FF23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0F39BEB0-AF57-440C-8433-013BE64568B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF9B7AA6-9B1E-4E21-BB96-10997ED511C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{31F68C6A-D97F-48B7-9277-49A17F95B6F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{9FBF4691-6B9A-4AAB-84FD-53036C2A6A59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor 3\Luxor3.exe => No File
FirewallRules: [{979D4E85-AD37-4E28-B47C-9095BEB25082}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor 3\Luxor3.exe => No File
FirewallRules: [{E5F85799-7EFD-4B11-A885-D4B7D3122E59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LUXOR 5th Passage\Luxor - 5th Passage.exe => No File
FirewallRules: [{2304C9A3-CEEE-4897-9D3C-A97758450B80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LUXOR 5th Passage\Luxor - 5th Passage.exe => No File
FirewallRules: [{FA1E7C62-CDA1-4787-91EF-881FFA9D977D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor HD\luxor_hd_x86.exe => No File
FirewallRules: [{4C40F100-3633-4429-82A8-DF22F13FD37A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Luxor HD\luxor_hd_x86.exe => No File
FirewallRules: [TCP Query User{4AFDB59C-A378-4080-B3C0-A3035A21ECB9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5C2BD328-6CBF-4407-ACCD-C93516C2B16D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F0AF1151-4A49-4901-9305-E2492E8A0475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\2 Planets Fire and Ice\2planets.exe => No File
FirewallRules: [{F4141A97-64EE-41C8-BD20-BACC9154B2AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\2 Planets Fire and Ice\2planets.exe => No File
FirewallRules: [{0EFD5C6A-14BD-42DA-95BA-1FA1BEECD159}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aztec Venture\AztecVenture.exe => No File
FirewallRules: [{5FEA5DE8-FF8A-4C83-876B-1A35D753DFBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aztec Venture\AztecVenture.exe => No File
FirewallRules: [{C90C6D39-B0C0-4FBD-9E89-17E2D0F1C66F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chateau Garden\Game.exe => No File
FirewallRules: [{630C2590-35F8-4CB3-8A4B-2C839FE5D224}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chateau Garden\Game.exe => No File
FirewallRules: [{0E79A52C-496B-45AC-A871-F4E43000F3FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galact Quest\GalactQuest.exe => No File
FirewallRules: [{9547B107-3933-41B1-8341-DB42944A654F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galact Quest\GalactQuest.exe => No File
FirewallRules: [{A213557F-E49F-425A-A951-5B5FD64FE746}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hot Dish\hotdish.exe => No File
FirewallRules: [{DD390CDF-A32D-4370-8B36-921DE5403EB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hot Dish\hotdish.exe => No File
FirewallRules: [{6BC5FE28-A0CD-4FD2-93C2-0C9CC3A6622F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenObject6-in-1bundle\HiddenObject6in1.exe => No File
FirewallRules: [{A01E3530-EFC2-4A72-8467-B347A8D11976}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenObject6-in-1bundle\HiddenObject6in1.exe => No File
FirewallRules: [{90638778-F390-481C-AF2C-6616089D6AC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\India Garden\Game.exe => No File
FirewallRules: [{B44C2686-9269-499B-AC22-8F5240F46305}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\India Garden\Game.exe => No File
FirewallRules: [{9AD6C4A7-D5C2-414F-96A4-6A6A3EEF3671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jewel Venture\Jewel Venture.exe => No File
FirewallRules: [{C8A289B6-BC14-414A-BF0F-76B3B927438F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jewel Venture\Jewel Venture.exe => No File
FirewallRules: [{C36903CF-0741-4314-860A-DF89E04191B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lily´s Epic Quest\Lily's Epic Quest.exe => No File
FirewallRules: [{DDBE2B57-5679-44C8-8917-3BCA55E57D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lily´s Epic Quest\Lily's Epic Quest.exe => No File
FirewallRules: [{57A6BF57-AA87-4E09-8D4E-CEE55511D1BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Murder Mystery Adventure\MurderMysteryAdventure.exe => No File
FirewallRules: [{991B4393-EEDE-487E-9DBA-B700032DB2B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Murder Mystery Adventure\MurderMysteryAdventure.exe => No File
FirewallRules: [{6EB857D6-8E5B-4D3F-AED1-51C46E44EA84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ricky Raccoon\Game.exe => No File
FirewallRules: [{AA05E054-5378-4B7E-A1F6-A238106FA884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ricky Raccoon\Game.exe => No File
FirewallRules: [{6277415F-CC29-42B8-BEE8-C39AFC361A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ricky Raccoon 2\Game.exe => No File
FirewallRules: [{C0143009-3434-4F0C-8A94-F9CADA87E980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ricky Raccoon 2\Game.exe => No File
FirewallRules: [{0054B8BB-D61D-4CC5-A76A-B827E3F2C39A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Safari Venture\SafariVenture.exe => No File
FirewallRules: [{7D314014-54CF-4C7D-9033-45DDAED8235C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Safari Venture\SafariVenture.exe => No File
FirewallRules: [{F6ADBE99-A27A-470B-AD6C-7B954EB8EF9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bubble Blowout\BubbleBlowout.exe => No File
FirewallRules: [{12789E6E-5B02-4811-8B1C-422996A0FB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bubble Blowout\BubbleBlowout.exe => No File
FirewallRules: [TCP Query User{A1FB09D8-F98C-4765-9F7E-4CECCB33EA4C}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{C338E67D-1E7B-485D-841D-0C9F44F8E44F}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A64F1A7E-07DE-45DB-9BEB-06A62DEC9D4A}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D16A0BC-5FB1-40B1-9BFF-F7499D5E5AA9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F5BF6490-BCD4-47CE-8DB8-4BDFE6EAA180}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{08FBEBF9-60D0-401F-AF89-5EBC406FE6CF}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7EDE7BA1-37A7-4553-8F2F-149AF2A78F48}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B576732A-12BC-402B-9324-0F94C61DECAA}] => (Allow) C:\Users\Jill\AppData\Roaming\BitTorrent\BitTorren t.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ABD57438-E4F2-46C0-BE65-B3B3979F84B0}] => (Allow) C:\Users\Jill\AppData\Roaming\BitTorrent\BitTorren t.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A6311B02-FF34-4EB3-BCA4-3053C606E3DB}] => (Allow) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10382\office6\wps.exe => No File
FirewallRules: [{E9567B89-5154-4461-B34F-583803C70F79}] => (Allow) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10382\office6\wpscloudsvr.exe => No File
FirewallRules: [{A4313777-EA9D-43A3-B790-4F533C191B76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12DFE19F-88CB-40A3-9E0A-CEE39327194D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1936105A-8E05-4693-A747-EE3088BA2D35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7BF85667-E21D-4E4F-ABCF-16E9BA5802DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F09A200C-DFDB-45F9-AA58-7203D1A5E14C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

18-01-2022 21:45:04 Scheduled Checkpoint
Reply With Quote
  #8  
Old January 25th, 2022, 09:42 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Run frst again, and uncheck everything, but make sure the Addition.txt box is checked. Post the log that creates.
Reply With Quote
  #9  
Old January 26th, 2022, 12:30 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
FYI - that log will show, as part of it, a list of installed software.
Reply With Quote
  #10  
Old January 26th, 2022, 12:56 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022
Ran by Jill (26-01-2022 12:49:20)
Running from C:\Users\Jill\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-09-17 19:29:24)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1674777451-104060087-3308858430-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1674777451-104060087-3308858430-503 - Limited - Disabled)
defaultuser1 (S-1-5-21-1674777451-104060087-3308858430-1012 - Limited - Enabled) => C:\Users\defaultuser1.JillsToy
Guest (S-1-5-21-1674777451-104060087-3308858430-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1674777451-104060087-3308858430-1003 - Limited - Enabled)
Jill (S-1-5-21-1674777451-104060087-3308858430-1001 - Administrator - Enabled) => C:\Users\Jill
WDAGUtilityAccount (S-1-5-21-1674777451-104060087-3308858430-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2007.1 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.3001 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Aloha TriPeaks (HKLM-x32\...\WTA-2b955e2a-c099-47a6-8e00-baa9e5b298ab) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2012.1 - Acer Incorporated)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 19.7.0.632 - AVG Technologies)
BitTorrent (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\BitTorrent) (Version: 7.10.5.46011 - BitTorrent Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-42f0ef2b-e9d8-4e0a-b6eb-992ee03a5fc6) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-1aab06ca-355b-4e90-ab68-bf6ed0622257) (Version: 2.2.0.110 - WildTangent) Hidden
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-b504bdb7-1b9e-447f-88d9-de27c90c543d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-655fc16c-d379-44e5-86ec-a3bf0d97301a) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 96.0.2 (x64 en-US)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 96.0.2.8054 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
PDF Reader 3 (HKLM-x32\...\PDF Reader 3) (Version: - )
Peggle Nights (HKLM-x32\...\WTA-664083be-1734-4392-a913-24fc7bac530a) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-362ad798-bad9-4753-80b9-86b49760856f) (Version: 2.2.0.98 - WildTangent) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung New PC Studio (HKLM-x32\...\{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Sheet Music Plus Digital Print (HKLM-x32\...\{71EF76CE-A8A2-D5DA-CF58-F2381FA5CEC4}) (Version: 255.02.10 - Sheet Music Plus, LLC) Hidden
Sheet Music Plus Digital Print (HKLM-x32\...\com.sheetmusicplus.DigitalAirPrint2) (Version: v2015.02.10 - Sheet Music Plus, LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-b21e6697-03d3-42a5-9de7-487988f1ec68) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-6f5a59f9-883d-4607-af1d-f476c6c52e6b) (Version: 2.2.0.98 - WildTangent) Hidden
UmmyVideoDownloader 1.2.0.7 (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: - ) <==== ATTENTION
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Companion (HKLM-x32\...\{fea2eb63-91f6-4efa-ac55-60834da5d713}) (Version: 8.9.0.371 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.9 - WildTangent) Hidden
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1) (Version: - windows-movie-maker.org)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WPS Office (11.2.0.10463) (HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Kingsoft Office) (Version: 11.2.0.10463 - Kingsoft Corp.)
Zuma Deluxe (HKLM-x32\...\a2536d5c4e543e25afae00e74051c452) (Version: - GameHouse)

Packages:
=========
7digital Music Store -> C:\Program Files\WindowsApps\7digitalLtd.7digitalMusicStore_2 .1.10.3_x86__qv1vc61z2t2b4 [2017-07-21] (7digital Ltd)
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindow s8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-08] (AccuWeather) [MS Ad]
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2. 0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Another Case Solved -> C:\Program Files\WindowsApps\0BCF39DC.AnotherCaseSolved_1.3.1 .3_x86__7r58kgx22y7jj [2015-11-26] (SYZYGY Deutschland GmbH)
Bubble Breaker 10 -> C:\Program Files\WindowsApps\3983JEFBCreating.BubbleBreaker_3 .6.2.0_x64__vy786dcgg6jz4 [2021-11-13] (JEFBCreating)
Bubble Pop Star -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.BubbleP opStar_2.0.0.10_x64__kx24dqmazqk8j [2021-09-25] (Random Salad Games LLC) [MS Ad]
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2180.3 .0_x86__kgqvnymyfvs32 [2022-01-13] (king.com)
Candy Fun -> C:\Program Files\WindowsApps\33047StormtekGames.CandyFun_1.1. 0.9_neutral__2f2q84ddd4hgc [2014-05-09] (Stormtek Games)
Clockmaker: Match Three in Row -> C:\Program Files\WindowsApps\SamfinacoLimited.ClockmakerMatch ThreeinRow_61.0.2.0_x64__aj0b1qrpyg0w6 [2021-12-24] (Samfinaco Limited)
Club Vegas -> C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0 .16.0_x64__5dvc9f3b38e20 [2022-01-17] (Bagelcode)
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2 .0.43_x86__sq9zxnwrk84pj [2014-05-09] (ZeptoLab UK Limited)
Doodle God Free Plus -> C:\Program Files\WindowsApps\JoyBits-Ltd.DoodleGodFreePlus_2.4.0.2_x64__km6tbgagk2b4w [2014-05-07] (JoyBits-Ltd)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.28.3.0_x86_ _q4d96b2w5wcc2 [2022-01-13] (Evernote)
Frozen Free Fall -> C:\Program Files\WindowsApps\Disney.FrozenFreeFall_4.6.1.1_x8 6__6rarf9sa4v8jt [2017-01-06] (Disney)
Gambino Slots: Free Vegas Casino Slot Machines -> C:\Program Files\WindowsApps\SpiralInteractive.TechnicalGambi noSlots_5.31.3.0_x86__1mh88v1m6sn8j [2022-01-15] (Spiral Interactive)
Hawaii Match-3 Mania: Home Design & Matching Puzzle -> C:\Program Files\WindowsApps\828B5831.HawaiiMatch-3Mania_1.24.2400.0_x64__ytsefhwckbdv6 [2022-01-19] (G5 Entertainment AB)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsD eluxe_6.11.62.0_x64__kx24dqmazqk8j [2021-12-17] (Random Salad Games LLC)
Invaders from Space Win8 -> C:\Program Files\WindowsApps\52167UnityMakesSoftware.SpaceInv adersWin8_1.0.0.13_neutral__r56gw62h6e50j [2014-05-09] (Unity Makes Software) [MS Ad]
Jewel Fever -> C:\Program Files\WindowsApps\SprakelsoftUG.JewelFever_1.1.20. 0_x64__ge3twpst8dtre [2020-10-14] (Sprakelsoft GmbH) [MS Ad]
Jewels of Rome: Match gems to restore the city -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatchgemsto restorethecity_1.31.3101.0_x64__ytsefhwckbdv6 [2022-01-25] (G5 Entertainment AB)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_ 2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_4.10.3.0_x 64__np8fj6akx2czy [2022-01-13] (ZiMAD)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.10913.57 96.0_x64__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation)
Monsters Love Candy -> C:\Program Files\WindowsApps\Microsoft.MonstersLoveCandy_5.2. 0.0_x86__8wekyb3d8bbwe [2021-12-16] (Microsoft Studios)
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3 .0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x 64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64_ _a2t3txkz9j1jw [2020-01-18] (MAGIX)
Nemo's Reef -> C:\Program Files\WindowsApps\Disney.NemosReef_1.6.0.10_x86__6 rarf9sa4v8jt [2020-12-12] (Disney)
newsXpresso -> C:\Program Files\WindowsApps\esobiIncorporated.newsXpressoMet ro_3.1.3.395_x86__sngswjb5h6fyg [2015-03-18] (Yisoubi Co. Ltd.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2019-11-05] (Microsoft Corporation)
PopStar! -> C:\Program Files\WindowsApps\RuiLueSoftware.5333EC7C5889_1.3. 81.0_neutral__kxcx7nefnns9a [2021-08-28] (杭州睿略软件科技有限公司)
Scatter Slots -> C:\Program Files\WindowsApps\Fishsticksserviceslimited.Scatte rSlots_4.15.0.0_x64__bcx82fedc2d04 [2022-01-21] (Murka Games Limited)
Seekers Notes®: Hidden Mystery -> C:\Program Files\WindowsApps\5CB722CC.SeekersNotesMysteriesof Darkwood_2.19.2.0_x86__ypk0bew5psyra [2022-01-15] (MYTONA Pte. Ltd.)
Sherlock: Hidden Match-3 Cases -> C:\Program Files\WindowsApps\828B5831.SherlockHiddenMatch-3Cases_1.15.1501.0_x86__ytsefhwckbdv6 [2022-01-09] (G5 Entertainment AB)
Slotomania – Free Casino Slots -> C:\Program Files\WindowsApps\Playtika.Slotomania_6.46.3.0_x86 __7vjeg68vnncd2 [2022-01-25] (Playtika Holdings Corp)
Slots Era -> C:\Program Files\WindowsApps\Fishsticksserviceslimited.SlotsE ra_1.81.0.0_x64__bcx82fedc2d04 [2022-01-15] (Murka Games Limited)
Solitaire 30-Pack -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.Solita ireGamePack_1.2.12.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86 __8wekyb3d8bbwe [2018-10-27] (Microsoft Studios) [MS Ad]
Tetris 8 -> C:\Program Files\WindowsApps\34908JigsawPuzzlephotosud.Tetris 8_1.0.1.7_neutral__2ty3rvq1c6b9m [2014-09-06] (Angry Tom &amp; Zombie Race Free Run by flappy XYY)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral __wgeqdkkx372wm [2021-06-12] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1674777451-104060087-3308858430-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-1674777451-104060087-3308858430-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-1674777451-104060087-3308858430-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\kwpsmenushellext64.dll [2022-01-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-1674777451-104060087-3308858430-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\kwpsmenushellext64.dll [2022-01-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================
Reply With Quote
  #11  
Old January 26th, 2022, 01:21 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2022
Ran by Jill (administrator) on JILLSTOY (Acer E1-510) (26-01-2022 12:41:42)
Running from C:\Users\Jill\Downloads
Loaded Profiles: Jill
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (All) =================
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(GameHouse Europe B.V. -> RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinServ ice.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.1 2605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21113.36.0 _x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> ) C:\Windows\SystemApps\Microsoft.Windows.StartMenuE xperienceHost_cw5n1h2txyewy\StartMenuExperienceHos t.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\explorer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ctfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txy ewy\LockApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5 n1h2txyewy\SearchApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_ cw5n1h2txyewy\InputApp\TextInputHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\csrss.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\svchost.exe <82>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\wininit.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\wpscenter.exe <2>
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\wpscloudsvr.exe
Failed to access process -> backgroundTaskHost.exe

==================== Registry (All) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated -> Acer Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [4971808 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4357664 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [AcerCloud] => "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup (No File)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [96160 2011-02-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-05-12] (Dean Herbert -> )
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [OneDrive] => C:\Users\Jill\AppData\Local\Microsoft\OneDrive\One Drive.exe [2586472 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2021-11-19] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-1674777451-104060087-3308858430-1012\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1674777451-104060087-3308858430-1012\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [184320 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [923136 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dl l [46080 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Appmon: C:\Windows\system32\AppMon.dll [114688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Local Port: C:\Windows\system32\localspl.dll [1273856 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\Windows\system32\FXSMON.DLL [49152 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\Windows\system32\tcpmon.dll [225280 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\USB Monitor: C:\Windows\system32\usbmon.dll [931328 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\APMon.dll [1487360 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\setuphost. exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> Windows Setup Remediations (x64) (KB4023057)
HKLM\Software\...\AppCompatFlags\Custom\setupprep. exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> Windows Setup Remediations (x64) (KB4023057)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{553 4e02f-0f5d-40dd-ba92-bea38d22384d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\Windows\system32\themeui.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\Windows\system32\shell32.dll [2022-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2021-11-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Insta ller\chrmstp.exe [2022-01-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\Inst aller\setup.exe [2022-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{01A30791-40AE-4653-AB2E-FD210019AE88}] -> C:\WINDOWS\system32\mgmtrefreshcredprov.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1b283861-754f-4022-ad47-a5eaaa618894}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dl l [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1ee7337f-85ac-45e2-a23c-37c753209769}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dl l [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2135f72a-90b5-4ed3-a7f1-8bb705ac276a}] -> C:\WINDOWS\system32\credprovslegacy.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\WINDOWS\system32\credprovs.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}] -> C:\WINDOWS\system32\TrustedSignalCredProv.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2D8B3101-E025-480D-917C-835522C7F628}] ->
HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\WINDOWS\system32\credprovs.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{48B4E58D-2791-456C-9091-D524C6C706F2}] -> C:\Windows\System32\devicengccredprov.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{600e7adb-da3e-41a4-9225-3c0399e88c0c}] -> C:\WINDOWS\system32\cngcredui.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\WINDOWS\system32\credprovs.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8FD7E19C-3BF7-489B-A72C-846AB3678C96}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dl l [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dl l [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{A910D941-9DA9-4656-8933-AA1EAE01F76E}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{BEC09223-B018-416D-A0AC-523971B639F5}] -> C:\WINDOWS\System32\BioCredProv.dll [2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C5D7540A-CD51-453B-B22B-05305BA03F07}] -> C:\Windows\System32\cxcredprov.dll [2021-04-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{cb82ea12-9f71-446d-89e1-8d0924e1256e}] -> C:\WINDOWS\system32\credprovslegacy.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{D6886603-9D2F-4EB2-B667-1971041FA96B}] -> C:\Windows\System32\ngccredprov.dll [2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\WINDOWS\system32\certCredProvider.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\WINDOWS\system32\wlidcredprov.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A1793B-7873-4046-B2A7-1F318747F427}] -> C:\WINDOWS\system32\fidocredprov.dll [2021-03-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\WINDOWS\system32\credprovs.dll [2021-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\WINDOWS\system32\rasplap.dll [2021-03-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\system32\wlgpclnt.dll [2020-09-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> C:\Windows\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\system32\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINDOWS\System32\dskquota.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyExt ension.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2021-11-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}] -> C:\Windows\System32\tsworkspace.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> C:\Windows\system32\WorkFoldersGPExt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\system32\dmenrollengine.dll [2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\WINDOWS\System32\srchadmin.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2021-11-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\system32\scecli.dll [2021-12-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\WINDOWS\system32\gpprnext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\system32\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> C:\Windows\system32\pwlauncher.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> C:\Windows\system32\pwlauncher.dll [2021-01-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2021-11-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CFF649BD-601D-4361-AD3D-0FC365DB4DB7}] -> C:\WINDOWS\system32\domgmt.dll [2021-10-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINDOWS\System32\polstore.dll [2021-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\Windows\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AEDE6F-7E53-4CBE-B695-27CA6C265E2E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306408 2013-07-05] (Acer Incorporated -> Acer Incorporated)
Task: {06C749F5-F390-47ED-A9F4-567A2D5A32D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0E1B169C-24AD-417D-B80F-F4DBFB402DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {14F85C21-B3B6-474F-A329-70427BE38BB0} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1738504 2015-09-04] (Intel(R) Software -> Intel Corporation)
Task: {15DCB1AD-667F-4A13-BD9A-F0D90C4E581B} - System32\Tasks\{7DBD5D9D-B46E-487A-8C4B-5AC1F26EC433} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
Task: {1EBD3074-9F59-4AA3-813B-EE9E525CB6F8} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {1F43FCC2-FE3D-42FD-BE12-BAE5F30C43BC} - System32\Tasks\WpsExternal_Jill_20220126092554 => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\wpscloudsvr.exe [1060552 2022-01-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {29619E57-65F3-47AC-91F4-28E2573EDEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2D22B159-7CC4-4092-8424-A3D9F03AC835} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {412901A3-E641-4DFF-B845-96ACF8904E85} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4320606C-2C23-4526-924B-C6CBD245905C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {48BB0DD4-40EE-42F7-B60A-DDA9C3DA0260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4904698F-B774-49C9-A0B5-27689618B190} - System32\Tasks\WpsUpdateTask_Jill => C:\Users\Jill\AppData\Local\Kingsoft\WPS Office\11.2.0.10463\office6\wpsupdate.exe [168648 2022-01-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {49C5A980-0155-4DF7-88EC-5D7608B68BF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {4DF0BA89-391C-4EF7-B3D2-D6D8DB0AD2F6} - System32\Tasks\Microsoft\Windows\Shell\FamilySafet yUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {54941C50-84C7-4AA2-B585-D55B0F299961} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B -> No File <==== ATTENTION
Task: {551DEED5-DE2E-43D4-BB83-45B3E365A17E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {57F2F003-5E04-47C4-89A2-13706E877BA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CD193FA-43CC-42ED-A43C-55F52B7A8DE0} - \WPD\SqmUpload_S-1-5-21-1674777451-104060087-3308858430-1001 -> No File <==== ATTENTION
Task: {6C405BED-4247-405E-A205-E905EB3ECAFC} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {6C5388D1-B336-482A-AD42-D2E6A4EF2CDC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {77E346EC-8040-4E39-8CDD-97FF5F0E8ED9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {7A9AB7DB-4895-49D8-8D95-4897602F2E9C} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {8076261B-47A3-4D23-A264-91779DF02A57} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {865A272F-BF65-4F0D-AE2C-EB30BE839396} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\ba ckgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {91E1DA78-2E37-4A12-96C8-B68A9592505B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96D24BE4-CF73-4849-9CAD-19742140D2F3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [4150312 2013-07-09] (Acer Incorporated -> )
Task: {9CA690DA-0BC8-4C76-B35A-29FAEC0032E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C25DD8C7-C3EE-4893-A58A-F7689535C990} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CEAD830B-B3DD-4611-B7A9-367DF41603EF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D09E295C-A59B-4D10-92AE-1F16F5F4B944} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D194CF0A-1921-44E6-88A0-DC71672B4864} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {D1C4FF04-0B7C-4BC6-96E1-1F7ED96435A2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent -> No File <==== ATTENTION
Task: {DD2C952B-6BD3-43AA-B136-B5BC50724FC3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F32DEAF2-A66F-4FBD-AD22-DC9B5691ADE3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008 2013-01-23] (Acer Incorporated -> )
Task: {F861364F-FE2E-439C-BD55-CE9B2747E22C} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
Task: {FE743BA9-6233-459D-A62F-BF3B67949D88} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe

==================== Internet (All) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\wshbth.dll [50688 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\NLAapi.dll [71168 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\winrnr.dll [34304 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [324416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [70144 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [89088 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [89088 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\wshbth.dll [64000 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\system32\NLAapi.dll [97280 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Windows\System32\winrnr.dll [49152 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog9-x64 14 C:\Windows\system32\mswsock.dll [418416 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fe48445-0898-421c-a97c-6f41d0267531}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4101d45e-0b8f-4eaa-8052-b75be5f143bc}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jill\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://?
Edge StartupUrls: Default -> "hxxps://?"
Edge DefaultSearchURL: Default -> hxxps://af.xdock.co?keyword={searchTerms}&pid=490&subid=49 02
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
StartMenuInternet: Microsoft Edge - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

FireFox:
========
FF DefaultProfile: c5z23n9s.default
FF ProfilePath: C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default [2022-01-26]
FF Homepage: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://mynewtab.co?pId=BT170603&searchEngine=bing&iDate=2 021-11-15 11:29:19
FF NewTab: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://mynewtab.co?pId=BT170603&searchEngine=bing&iDate=2 021-11-15 11:29:19
FF Notifications: Mozilla\Firefox\Profiles\c5z23n9s.default -> hxxps://www.cruisecritic.com.au; hxxps://www.slotomania.com
FF HomepageOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: _b7Members_@free.mytransitguide.com
FF HomepageOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: avg@safeguard
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: _b7Members_@free.mytransitguide.com
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Disabled: avg@safeguard
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: bing@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\c5z23n9s.default -> Enabled: amazondotcom@search.mozilla.org
FF Extension: (Facebook Container) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\Extensions\@contain-facebook.xpi [2021-08-05]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-25]
FF Extension: (Add-ons Search Detection) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\features\{122c1021-55b2-487b-a76a-b90c987bd5be}\addons-search-detection@mozilla.com.xpi [2021-11-06]
FF Extension: (Reset Search Defaults) - C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\features\{122c1021-55b2-487b-a76a-b90c987bd5be}\reset-search-defaults@mozilla.com.xpi [2021-11-06]
FF SearchPlugin: C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Prof iles\c5z23n9s.default\searchplugins\Yahoo Search.xml [2022-01-25]
FF Extension: (DoH Roll-Out) - C:\Program Files (x86)\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi [2020-08-28] [not signed]
FF Extension: (Form Autofill) - C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org. xpi [2021-11-03] [not signed]
FF Extension: (Picture-In-Picture) - C:\Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla. org.xpi [2021-06-05] [not signed]
FF Extension: (Proxy Failover) - C:\Program Files (x86)\Mozilla Firefox\browser\features\proxy-failover@mozilla.com.xpi [2021-11-03] [not signed]
FF Extension: (Firefox Screenshots) - C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.x pi [2022-01-13] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2021-06-05] [not signed]
FF Extension: (Web Compatibility Interventions) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2022-01-13] [not signed]
FF HKLM\...\Mozilla Firefox 96.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components => not found
FF HKLM\...\Mozilla Firefox 96.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins => not found
FF HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Mozilla Firefox 96.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components => not found
FF HKU\S-1-5-21-1674777451-104060087-3308858430-1001\...\Mozilla Firefox 96.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-05] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp .dll [2015-04-03] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-25] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2015-05-14]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR Notifications: Default -> hxxps://hov-prd-apps.productmadness.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?q={searchTerms}&gd=SY1004294&searchso urce=58&d=2021-11-15 11:29:19&n=9998
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Safe Torrent Scanner) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnal hlkkjb [2022-01-25]
CHR Extension: (Docs) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-12-27]
CHR Extension: (YouTube) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-29]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb [2022-01-25]
CHR Extension: (Google Search) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2015-10-30]
CHR Extension: (Tampermonkey) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmp obfkfo [2021-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2022-01-25]
CHR Extension: (True Key™ by McAfee) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghf pinncn [2020-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-12-27]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Services (All) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Reply With Quote
  #12  
Old January 26th, 2022, 01:35 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [465408 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 AarSvc; C:\WINDOWS\SysWOW64\AarSvc.dll [354816 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 AarSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 AarSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AJRouter; C:\WINDOWS\System32\AJRouter.dll [26112 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ALG; C:\WINDOWS\System32\alg.exe [95744 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [85504 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [220160 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [651776 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [3917824 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [744448 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [1841664 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [114176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 AxInstSV; C:\WINDOWS\System32\AxInstSV.dll [116736 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1389056 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 BcastDVRUserService_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BcastDVRUserService_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [555008 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 BFE; C:\WINDOWS\System32\bfe.dll [887296 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R2 BITS; C:\WINDOWS\System32\qmgr.dll [1481216 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserServic e.dll [500736 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 BluetoothUserService_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BluetoothUserService_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [247296 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1023488 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [733696 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 bthserv; C:\WINDOWS\system32\bthserv.dll [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [391168 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [130560 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 CaptureService_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CaptureService_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1025024 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 cbdhsvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 cbdhsvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated -> Acer Incorporated)
R2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [611840 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [490496 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 CDPUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CDPUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CertPropSvc; C:\WINDOWS\System32\certprop.dll [196608 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R3 ClipSVC; C:\WINDOWS\System32\ClipSVC.dll [1118240 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [21312 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [170496 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 ConsentUxUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ConsentUxUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\WINDOWS\system32\coremessaging.dll [986464 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\WINDOWS\SysWOW64\coremessaging.dll [630592 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 cphs; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [299488 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.ex e [382696 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_fbbbf9; C:\WINDOWS\system32\CredentialEnrollmentManager.ex e [382696 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS\system32\cryptsvc.dll [104960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-11-19] (Lavasoft Software Canada Inc. -> )
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [1338880 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [550400 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [240688 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [188536 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 DeviceAssociationService; C:\WINDOWS\system32\das.dll [489472 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceInstall; C:\WINDOWS\system32\umpnpmgr.dll [133120 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [482816 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [342016 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicePickerUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [598016 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 DevicesFlowUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicesFlowUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevQueryBroker; C:\WINDOWS\system32\DevQueryBroker.dll [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\system32\dhcpcore.dll [400384 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [329728 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe [94208 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [205824 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [3826688 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [382464 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.Dis playEnhancementService.dll [1192448 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dl l [1019904 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dl l [715264 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 dmwappushservice; C:\WINDOWS\system32\dmwappushsvc.dll [58880 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [356352 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1494528 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [275968 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
R2 DPS; C:\WINDOWS\system32\dps.dll [175616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 DsmSvc; C:\WINDOWS\System32\DeviceSetupManager.dll [288256 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R3 DsSvc; C:\WINDOWS\System32\DsSvc.dll [162816 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [341504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Eaphost; C:\WINDOWS\System32\eapsvc.dll [112640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EFS; C:\WINDOWS\system32\efssvc.dll [85504 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 embeddedmode; C:\WINDOWS\System32\embeddedmodesvc.dll [159744 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [601600 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated -> Acer Incorporated)
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1886208 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\system32\es.dll [414720 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [335360 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [661504 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 fdPHost; C:\WINDOWS\system32\fdPHost.dll [21504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 FDResPub; C:\WINDOWS\system32\fdrespub.dll [35840 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 fhsvc; C:\WINDOWS\system32\fhsvc.dll [124416 2021-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 FontCache; C:\WINDOWS\system32\FntCache.dll [1440256 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 FontCache3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe [46184 2019-11-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [996352 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-28] (WildTangent Inc -> WildTangent)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [265808 2015-04-03] (WildTangent Inc -> WildTangent, Inc.)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\eleva tion_service.exe [1470296 2022-01-19] (Google LLC -> Google LLC)
S2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1342976 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [106496 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
R3 hidserv; C:\WINDOWS\system32\hidserv.dll [36352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HvHost; C:\WINDOWS\System32\hvhostsvc.dll [66360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation)
S3 icssvc; C:\WINDOWS\System32\tetheringservice.dll [238080 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
S3 IKEEXT; C:\WINDOWS\System32\ikeext.dll [1054208 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2437632 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1843712 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
R2 iphlpsvc; C:\WINDOWS\System32\iphlpsvc.dll [836096 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [66048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R3 KeyIso; C:\WINDOWS\system32\keyiso.dll [94208 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [66560 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 KtmRm; C:\WINDOWS\system32\msdtckrm.dll [375296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [301568 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [302080 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [51200 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 lltdsvc; C:\WINDOWS\System32\lltdsvc.dll [284672 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\System32\lmhsvc.dll [26112 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 LSM; C:\WINDOWS\System32\lsm.dll [848384 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [302080 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S2 MapsBroker; C:\WINDOWS\System32\moshost.dll [94720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MessagingService; C:\WINDOWS\System32\MessagingService.dll [91648 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 MessagingService_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MessagingService_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\elev ation_service.exe [1610128 2022-01-21] (Microsoft Corporation -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134768 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104824 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [243128 2022-01-21] (Mozilla Corporation -> Mozilla Foundation)
R2 mpssvc; C:\WINDOWS\system32\mpssvc.dll [1101824 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [148480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSiSCSI; C:\WINDOWS\system32\iscsiexe.dll [160256 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msiserver; C:\WINDOWS\system32\msiexec.exe /V [69632 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe /V [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [454656 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 NAUpdate; C:\Program Files (x86)\Nero\Update\NASvc.exe [769432 2012-07-14] (Nero AG -> Nero AG)
S3 NcaSvc; C:\WINDOWS\System32\ncasvc.dll [171520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NcbService; C:\WINDOWS\System32\ncbservice.dll [382464 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 NcdAutoSetup; C:\WINDOWS\System32\NcdAutoSetup.dll [92672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\netlogon.dll [881152 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [684032 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 Netman; C:\WINDOWS\System32\netman.dll [288768 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 netprofm; C:\WINDOWS\System32\netprofmsvc.dll [881664 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [309760 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe [139256 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [774656 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [931328 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [388608 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\nsisvc.dll [34304 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-14] (GameHouse Europe B.V. -> RealNetworks, Inc.)
S2 OneSyncSvc; C:\WINDOWS\System32\APHostService.dll [351744 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 OneSyncSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 OneSyncSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 p2pimsvc; C:\WINDOWS\system32\pnrpsvc.dll [352768 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 p2psvc; C:\WINDOWS\system32\p2psvc.dll [439808 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PcaSvc; C:\WINDOWS\System32\pcasvc.dll [876344 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\Perceptio nSimulationService.exe [106496 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 PerfHost; C:\WINDOWS\SysWow64\perfhost.exe [21504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [957440 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [196096 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 PimIndexMaintenanceSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 PimIndexMaintenanceSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 pla; C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 pla; C:\WINDOWS\SysWOW64\pla.dll [1532928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PlugPlay; C:\WINDOWS\system32\umpnpmgr.dll [133120 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 PNRPAutoReg; C:\WINDOWS\system32\pnrpauto.dll [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PNRPsvc; C:\WINDOWS\system32\pnrpsvc.dll [352768 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 PolicyAgent; C:\WINDOWS\System32\ipsecsvc.dll [463360 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
R2 Power; C:\WINDOWS\system32\umpo.dll [178176 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfi g.dll [3595776 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [182272 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138752 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 PrintWorkflowUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [492032 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [281088 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
S3 QWAVE; C:\WINDOWS\system32\qwave.dll [287232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [228864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [111616 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 RasMan; C:\WINDOWS\System32\rasmans.dll [967680 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [559616 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [431104 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [166912 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [734720 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 RmSvc; C:\WINDOWS\System32\RMapi.dll [152576 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 RpcEptMapper; C:\WINDOWS\System32\RpcEpMap.dll [84480 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [1338880 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [59448 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.dll [265216 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [205312 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [814592 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [196608 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 SDRSVC; C:\WINDOWS\System32\SDRSVC.dll [154112 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 seclogon; C:\WINDOWS\system32\seclogon.dll [32768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [986032 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1223680 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 SENS; C:\WINDOWS\System32\sens.dll [77824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1265152 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [466432 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 SensrSvc; C:\WINDOWS\system32\sensrsvc.dll [181760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [515072 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [425472 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [329504 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [619008 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [307200 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [259584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [193536 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 shpamsvc; C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll [223232 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317408 2017-07-18] (Skype Software Sarl -> Skype Technologies)
S3 smphost; C:\WINDOWS\System32\smphost.dll [36176 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 smphost; C:\WINDOWS\SysWOW64\smphost.dll [33104 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [656384 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [16896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [877568 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [836096 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4630392 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [284672 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [382976 2021-05-12] (Microsoft Windows -> )
R3 SstpSvc; C:\WINDOWS\system32\sstpsvc.dll [211968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\system32\windows.staterepository.dll [5858656 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\SysWOW64\windows.staterepository.dll [5420640 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S2 stisvc; C:\WINDOWS\System32\wiaservc.dll [687616 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R2 StorSvc; C:\WINDOWS\system32\storsvc.dll [1097216 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 svsvc; C:\WINDOWS\system32\svsvc.dll [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 swprv; C:\WINDOWS\System32\swprv.dll [514560 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SysMain; C:\WINDOWS\system32\sysmain.dll [1005568 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 SystemEventsBroker; C:\WINDOWS\System32\SystemEventsBrokerServer.dll [251904 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 TabletInputService; C:\WINDOWS\System32\TabSvc.dll [235008 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [316928 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [251904 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 TermService; C:\WINDOWS\System32\termsrv.dll [1134080 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 Themes; C:\WINDOWS\system32\themeservice.dll [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [326144 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 TimeBrokerSvc; C:\WINDOWS\System32\TimeBrokerServer.dll [179712 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1526784 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1239040 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\System32\trkwks.dll [115200 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [487936 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [205648 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [97792 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [73728 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [2111488 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 UdkUserSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UdkUserSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [353104 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 UmRdpService; C:\WINDOWS\System32\umrdp.dll [396800 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1191936 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [962048 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 UnistoreSvc_fbbbf9; C:\WINDOWS\System32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 UnistoreSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [471552 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [327680 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1554944 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 UserDataSvc_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 UserDataSvc_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1487360 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [569856 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [382720 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [371200 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [739840 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [304640 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [293176 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [304640 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1504768 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 W32Time; C:\WINDOWS\system32\w32time.dll [479744 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [430080 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WalletService; C:\WINDOWS\system32\WalletService.dll [442368 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [65536 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1585152 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [886784 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinServ ice.exe [22960 2021-11-19] (Lavasoft Software Canada Inc. -> )
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [995840 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 wcncsvc; C:\WINDOWS\System32\wcncsvc.dll [483840 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\system32\wdi.dll [105472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [88064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\system32\wdi.dll [105472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [88064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [231936 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [190976 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 Wecsvc; C:\WINDOWS\system32\wecsvc.dll [205312 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wercplsupport; C:\WINDOWS\System32\wercplsupport.dll [141312 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WerSvc; C:\WINDOWS\System32\WerSvc.dll [259584 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [677888 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WiaRpc; C:\WINDOWS\System32\wiarpc.dll [87040 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\system32\winhttp.dll [1092416 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\SysWOW64\winhttp.dll [829960 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R2 Winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [243712 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2826240 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2348544 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [939984 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [752536 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2653184 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2249728 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1253888 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [815104 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [209920 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [955904 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [2237752 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1871360 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [92672 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 WpnService; C:\WINDOWS\system32\WpnService.dll [245248 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S2 WpnUserService; C:\WINDOWS\System32\WpnUserService.dll [85504 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 WpnUserService_fbbbf9; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WpnUserService_fbbbf9; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1057480 2021-12-06] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [332176 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [940544 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [716288 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3407872 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1521152 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1049088 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1270272 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [72704 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1295360 2021-01-18] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (All) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\WINDOWS\System32\drivers\1394ohci.sys [266240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 3ware; C:\WINDOWS\System32\drivers\3ware.sys [107320 2019-12-07] (Microsoft Windows -> LSI)
R0 ACPI; C:\WINDOWS\System32\drivers\ACPI.sys [809288 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiDev; C:\WINDOWS\System32\drivers\AcpiDev.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 acpiex; C:\WINDOWS\System32\Drivers\acpiex.sys [139792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpipagr; C:\WINDOWS\System32\drivers\acpipagr.sys [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiPmi; C:\WINDOWS\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpitime; C:\WINDOWS\System32\drivers\acpitime.sys [16384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [1135416 2019-12-07] (Microsoft Windows -> PMC-Sierra)
R1 AFD; C:\WINDOWS\system32\drivers\afd.sys [650064 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [41984 2021-07-14] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2021-07-14] (Microsoft Windows -> Microsoft Corporation)
R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [292352 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 AmdK8; C:\WINDOWS\System32\drivers\amdk8.sys [207160 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 AmdPPM; C:\WINDOWS\System32\drivers\amdppm.sys [211256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S0 amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [83256 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S0 amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [259384 2019-12-07] (Microsoft Windows -> AMD Technologies Inc.)
S0 amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [26936 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S3 AppID; C:\WINDOWS\System32\drivers\appid.sys [214840 2021-12-15] (Microsoft Windows -> Microsoft Windows)
S3 applockerfltr; C:\WINDOWS\System32\drivers\applockerfltr.sys [18432 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S0 arcsas; C:\WINDOWS\System32\drivers\arcsas.sys [131896 2019-12-07] (Microsoft Windows -> PMC-Sierra, Inc.)
S3 AsyncMac; C:\WINDOWS\System32\drivers\asyncmac.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 atapi; C:\WINDOWS\System32\drivers\atapi.sys [30032 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-12-07] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S0 b06bdrv; C:\WINDOWS\System32\drivers\bxvbda.sys [533816 2019-12-07] (Microsoft Windows -> QLogic Corporation)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [78136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\bas icdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay. sys [68608 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\bas icrender.inf_amd64_df49c4daa6251397\BasicRender.sy s [38912 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-16] (Bitdefender SRL -> Bitdefender)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [149320 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [117760 2021-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 BTATH_BUS; C:\WINDOWS\System32\drivers\btath_bus.sys [34384 2013-09-07] (Atheros Communications Inc. -> Qualcomm Atheros)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [69440 2018-06-26] (Qualcomm Atheros -> Qualcomm)
R3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [113664 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 BthHFAud; C:\WINDOWS\System32\drivers\BthHfAud.sys [65536 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Le gacy.LEEnumerator.sys [106496 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [45568 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [133632 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [1559552 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [110592 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
Reply With Quote
  #13  
Old January 26th, 2022, 01:50 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [43832 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [44032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [66576 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 cdfs; C:\WINDOWS\System32\DRIVERS\cdfs.sys [100864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 cdrom; C:\WINDOWS\System32\drivers\cdrom.sys [175616 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
S0 cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [319800 2019-12-07] (Microsoft Windows -> Chelsio Communications)
S3 cht4vbd; C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752 2019-12-07] (Microsoft Windows -> Chelsio Communications)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [98304 2021-10-13] (Microsoft Windows -> )
S3 circlass; C:\WINDOWS\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [496640 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R0 CLFS; C:\WINDOWS\System32\drivers\CLFS.sys [414576 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 CNG; C:\WINDOWS\System32\Drivers\cng.sys [746416 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S4 cnghwassist; C:\WINDOWS\System32\DRIVERS\cnghwassist.sys [40968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 CompositeBus; C:\WINDOWS\System32\DriverStore\FileRepository\com positebus.inf_amd64_7500cffa210c6946\CompositeBus. sys [41984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 condrv; C:\WINDOWS\System32\drivers\condrv.sys [57144 2021-07-14] (Microsoft Windows -> Microsoft Corporation)
S1 dam; C:\WINDOWS\System32\drivers\dam.sys [97096 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [152064 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R0 disk; C:\WINDOWS\System32\drivers\disk.sys [98624 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [59192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [16128 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R1 DXGKrnl; C:\WINDOWS\System32\drivers\dxgkrnl.sys [3814216 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3418936 2019-12-07] (Microsoft Windows -> QLogic Corporation)
R0 EhStorClass; C:\WINDOWS\System32\drivers\EhStorClass.sys [95032 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S0 EhStorTcgDrv; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [124728 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [15872 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [417608 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [425288 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 fdc; C:\WINDOWS\System32\drivers\fdc.sys [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 FileCrypt; C:\WINDOWS\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FileInfo; C:\WINDOWS\System32\drivers\fileinfo.sys [94736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Filetrace; C:\WINDOWS\System32\drivers\filetrace.sys [40448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 flpydisk; C:\WINDOWS\System32\drivers\flpydisk.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [435000 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 FsDepends; C:\WINDOWS\System32\drivers\FsDepends.sys [69968 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [33592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 fvevol; C:\WINDOWS\System32\DRIVERS\fvevol.sys [801608 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 gencounter; C:\WINDOWS\System32\drivers\vmgencounter.sys [23864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\gen ericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn. sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 GPIOClx0101; C:\WINDOWS\System32\Drivers\msgpioclx.sys [183112 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [430080 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\drivers\HDAudBus.sys [139776 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidBatt; C:\WINDOWS\System32\drivers\HidBatt.sys [39440 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [120320 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [57344 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidinterrupt; C:\WINDOWS\System32\drivers\hidinterrupt.sys [55824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidIr; C:\WINDOWS\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [44032 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S0 HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [64312 2019-12-07] (Microsoft Windows -> Hewlett-Packard Company)
R3 HTTP; C:\WINDOWS\System32\drivers\HTTP.sys [1576760 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hvservice; C:\WINDOWS\System32\drivers\hvservice.sys [95056 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 hwpolicy; C:\WINDOWS\System32\drivers\hwpolicy.sys [33096 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [27448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 i8042prt; C:\WINDOWS\System32\drivers\i8042prt.sys [118272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 iagpio; C:\WINDOWS\System32\drivers\iagpio.sys [36352 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
S3 iai2c; C:\WINDOWS\System32\drivers\iai2c.sys [91136 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [93184 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSSi_GPIO; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128 2019-12-07] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 iaLPSSi_I2C; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorV; C:\WINDOWS\System32\drivers\iaStorV.sys [412176 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 ibbus; C:\WINDOWS\System32\drivers\ibbus.sys [558904 2019-12-07] (Microsoft Windows -> Mellanox)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [3811288 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
S3 IndirectKmd; C:\WINDOWS\System32\drivers\IndirectKmd.sys [47104 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTKVHD64.sys [4504320 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 IntcDAud; C:\WINDOWS\System32\drivers\IntcDAud.sys [463112 2015-08-21] (Intel Corporation - Client Components Group -> Intel(R) Corporation)
S0 intelide; C:\WINDOWS\System32\drivers\intelide.sys [19792 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R0 intelpep; C:\WINDOWS\System32\drivers\intelpep.sys [418800 2021-10-13] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 intelppm; C:\WINDOWS\System32\drivers\intelppm.sys [230728 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R0 iorate; C:\WINDOWS\System32\drivers\iorate.sys [57168 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [90112 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [117584 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 IPNAT; C:\WINDOWS\System32\drivers\ipnat.sys [225280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [59704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [22864 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 iScsiPrt; C:\WINDOWS\System32\drivers\msiscsi.sys [293176 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Microsoft Windows -> Avago Technologies)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [38896 2015-12-02] (Intel(R) Wireless Display -> Intel Corporation)
R3 kbdclass; C:\WINDOWS\System32\drivers\kbdclass.sys [71480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [46592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 kdnic; C:\WINDOWS\System32\drivers\kdnic.sys [33296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [147256 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R0 KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [181104 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 ksthunk; C:\WINDOWS\system32\drivers\ksthunk.sys [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 lltdio; C:\WINDOWS\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [108856 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124216 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [135992 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [82744 2019-12-07] (Microsoft Windows -> LSI Corporation)
R2 luafv; C:\WINDOWS\system32\drivers\luafv.sys [140800 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [537608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [64016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [391168 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S0 megasas; C:\WINDOWS\System32\drivers\megasas.sys [59704 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [81720 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [105480 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasr; C:\WINDOWS\System32\drivers\megasr.sys [575800 2019-12-07] (Microsoft Windows -> LSI Corporation, Inc.)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69352 2014-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc. -> McAfee, Inc.)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Av rcpTransport.sys [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mlx4_bus; C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131320 2019-12-07] (Microsoft Windows -> Mellanox)
R2 MMCSS; C:\WINDOWS\system32\drivers\mmcss.sys [53248 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [47104 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 monitor; C:\WINDOWS\System32\drivers\monitor.sys [83968 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 mouclass; C:\WINDOWS\System32\drivers\mouclass.sys [67600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mouhid; C:\WINDOWS\System32\drivers\mouhid.sys [35328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 mountmgr; C:\WINDOWS\System32\drivers\mountmgr.sys [110392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mpsdrv; C:\WINDOWS\System32\drivers\mpsdrv.sys [80896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [157696 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [574800 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb20; C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys [264528 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msgpiowin32; C:\WINDOWS\System32\drivers\msgpiowin32.sys [56120 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidkmdf; C:\WINDOWS\System32\drivers\mshidkmdf.sys [8192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidumdf; C:\WINDOWS\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [20280 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [34816 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
R2 MsLldp; C:\WINDOWS\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [375608 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R1 mssmbios; C:\WINDOWS\System32\drivers\mssmbios.sys [47928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MTConfig; C:\WINDOWS\System32\drivers\MTConfig.sys [17920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Mup; C:\WINDOWS\System32\Drivers\mup.sys [132920 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S0 mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [63800 2019-12-07] (Microsoft Windows -> Marvell Semiconductor, Inc.)
R3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [757760 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 ndfltr; C:\WINDOWS\System32\drivers\ndfltr.sys [146232 2019-12-07] (Microsoft Windows -> Mellanox)
R0 NDIS; C:\WINDOWS\System32\drivers\ndis.sys [1476944 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R1 NdisCap; C:\WINDOWS\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NdisImPlatform; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel(R) Technology Access -> Intel Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [28672 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisVirtualBus; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\drivers\ndiswan.sys [212992 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 ndiswanlegacy; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [212992 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 ndproxy; C:\WINDOWS\System32\DRIVERS\NDProxy.sys [93696 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 Ndu; C:\WINDOWS\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [214528 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS\System32\drivers\netbios.sys [64312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [341504 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel(R) Technology Access -> Intel Corporation)
S3 netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [252264 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [87568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 npsvctrig; C:\WINDOWS\System32\drivers\npsvctrig.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 nsiproxy; C:\WINDOWS\System32\drivers\nsiproxy.sys [48640 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2850160 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7680 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [150328 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
S0 nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [166200 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
S3 Parport; C:\WINDOWS\System32\drivers\parport.sys [109056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 partmgr; C:\WINDOWS\System32\drivers\partmgr.sys [182608 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R0 pci; C:\WINDOWS\System32\drivers\pci.sys [469840 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S0 pciide; C:\WINDOWS\System32\drivers\pciide.sys [16712 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S0 pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [127800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pcw; C:\WINDOWS\System32\drivers\pcw.sys [57656 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R0 pdc; C:\WINDOWS\System32\drivers\pdc.sys [159056 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
R2 PEAUTH; C:\WINDOWS\System32\drivers\peauth.sys [823808 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S0 percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [58680 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [68408 2019-12-07] (Microsoft Windows -> Avago Technologies)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [130360 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S0 pmem; C:\WINDOWS\System32\drivers\pmem.sys [138040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PNPMEM; C:\WINDOWS\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS\System32\drivers\raspptp.sys [101888 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 Processor; C:\WINDOWS\System32\drivers\processr.sys [216376 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R1 Psched; C:\WINDOWS\System32\drivers\pacer.sys [161608 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [42296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [20480 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 RasAgileVpn; C:\WINDOWS\System32\drivers\AgileVpn.sys [118784 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS\System32\drivers\rasl2tp.sys [110080 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [87552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RasSstp; C:\WINDOWS\System32\drivers\rassstp.sys [86016 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R1 rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [456008 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 rdpbus; C:\WINDOWS\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RDPDR; C:\WINDOWS\System32\drivers\rdpdr.sys [169984 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 RdpVideoMiniport; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [32624 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R0 rdyboost; C:\WINDOWS\System32\drivers\rdyboost.sys [297784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [2004296 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [990536 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 RFCOMM; C:\WINDOWS\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RSBASTOR; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [309976 2013-09-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 rspndr; C:\WINDOWS\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RTL8168; C:\WINDOWS\System32\drivers\Rt630x64.sys [830680 2013-08-15] (Realtek Semiconductor Corp -> Realtek)
S3 s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [18960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 sbp2port; C:\WINDOWS\System32\drivers\sbp2port.sys [118088 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 scfilter; C:\WINDOWS\System32\DRIVERS\scfilter.sys [44032 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S0 scmbus; C:\WINDOWS\System32\drivers\scmbus.sys [158736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [305472 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sdstor; C:\WINDOWS\System32\drivers\sdstor.sys [104264 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx; C:\WINDOWS\System32\drivers\SerCx.sys [86328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx2; C:\WINDOWS\System32\drivers\SerCx2.sys [173072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serenum; C:\WINDOWS\System32\drivers\serenum.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serial; C:\WINDOWS\System32\drivers\serial.sys [90624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sermouse; C:\WINDOWS\System32\drivers\sermouse.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sfloppy; C:\WINDOWS\System32\drivers\sfloppy.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [44856 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [81720 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsoft Windows -> Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 spaceport; C:\WINDOWS\System32\drivers\spaceport.sys [680296 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SpbCx; C:\WINDOWS\System32\drivers\SpbCx.sys [87352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [787968 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [315392 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [31032 2019-12-07] (Microsoft Windows -> Promise Technology, Inc.)
R0 storahci; C:\WINDOWS\System32\drivers\storahci.sys [186168 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S0 storflt; C:\WINDOWS\System32\drivers\vmstorfl.sys [54080 2021-05-12] (Microsoft Windows -> Microsoft Corporation)
S0 stornvme; C:\WINDOWS\System32\drivers\stornvme.sys [158008 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 storqosflt; C:\WINDOWS\System32\drivers\storqosflt.sys [92984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 storufs; C:\WINDOWS\System32\drivers\storufs.sys [61264 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S0 storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-09-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 swenum; C:\WINDOWS\System32\DriverStore\FileRepository\swe num.inf_amd64_16a14542b63c02af\swenum.sys [18952 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 SynTP; C:\WINDOWS\system32\DRIVERS\SynTP.sys [613576 2015-06-04] (Synaptics Incorporated -> Synaptics Incorporated)
R0 Tcpip; C:\WINDOWS\System32\drivers\tcpip.sys [2989880 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 Tcpip6; C:\WINDOWS\System32\drivers\tcpip.sys [2989880 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 tdx; C:\WINDOWS\system32\DRIVERS\tdx.sys [117584 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2020-10-14] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 terminpt; C:\WINDOWS\System32\drivers\terminpt.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TPM; C:\WINDOWS\System32\drivers\tpm.sys [255288 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbFlt; C:\WINDOWS\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbGD; C:\WINDOWS\System32\drivers\TsUsbGD.sys [37888 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 tunnel; C:\WINDOWS\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 UASPStor; C:\WINDOWS\System32\drivers\uaspstor.sys [79160 2021-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 UcmCx0101; C:\WINDOWS\System32\Drivers\UcmCx.sys [160256 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 UcmTcpciCx0101; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [113152 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 Ucx01000; C:\WINDOWS\System32\drivers\ucx01000.sys [259896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [52736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 udfs; C:\WINDOWS\System32\DRIVERS\udfs.sys [344064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uef i.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Ufx01000; C:\WINDOWS\System32\drivers\ufx01000.sys [324432 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufx chipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sy s [110608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ufxsynopsys; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [168264 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umb us.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UmPass; C:\WINDOWS\System32\drivers\umpass.sys [15360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urs chipidea.inf_amd64_78ad1c14e33df968\urschipidea.sy s [32056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsCx01000; C:\WINDOWS\System32\drivers\urscx01000.sys [76304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urs synopsys.inf_amd64_057fa37902020500\urssynopsys.sy s [29496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio; C:\WINDOWS\system32\drivers\usbaudio.sys [209920 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbccgp; C:\WINDOWS\System32\drivers\usbccgp.sys [185664 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 usbcir; C:\WINDOWS\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbehci; C:\WINDOWS\System32\drivers\usbehci.sys [86544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbhub; C:\WINDOWS\System32\drivers\usbhub.sys [528184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 USBHUB3; C:\WINDOWS\System32\drivers\UsbHub3.sys [648016 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 usbohci; C:\WINDOWS\System32\drivers\usbohci.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbprint; C:\WINDOWS\System32\drivers\usbprint.sys [37376 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\WINDOWS\System32\drivers\usbser.sys [81408 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 USBSTOR; C:\WINDOWS\System32\drivers\USBSTOR.SYS [136528 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 usbuhci; C:\WINDOWS\System32\drivers\usbuhci.sys [39424 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [330576 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 USBXHCI; C:\WINDOWS\System32\drivers\USBXHCI.SYS [629072 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
R0 vdrvroot; C:\WINDOWS\System32\drivers\vdrvroot.sys [67384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 VerifierExt; C:\WINDOWS\System32\drivers\VerifierExt.sys [347448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [820536 2021-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 vhf; C:\WINDOWS\System32\drivers\vhf.sys [47616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Vid; C:\WINDOWS\System32\drivers\Vid.sys [641352 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd .inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vmbus; C:\WINDOWS\System32\drivers\vmbus.sys [160072 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [36664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmgid; C:\WINDOWS\System32\drivers\vmgid.sys [19768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 volmgr; C:\WINDOWS\System32\drivers\volmgr.sys [90960 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
R0 volmgrx; C:\WINDOWS\System32\drivers\volmgrx.sys [389432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 volsnap; C:\WINDOWS\System32\drivers\volsnap.sys [429880 2020-09-18] (Microsoft Windows -> Microsoft Corporation)
Reply With Quote
  #14  
Old January 26th, 2022, 01:52 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
R0 volume; C:\WINDOWS\System32\drivers\volume.sys [16696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vpci; C:\WINDOWS\System32\drivers\vpci.sys [89400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [166712 2019-12-07] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\WINDOWS\System32\drivers\vstxraid.sys [305464 2019-12-07] (Microsoft Windows -> VIA Corporation)
R3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [77824 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [93184 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wanarpv6; C:\WINDOWS\System32\DRIVERS\wanarp.sys [93184 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 wcifs; C:\WINDOWS\system32\drivers\wcifs.sys [202568 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wcnfs; C:\WINDOWS\system32\drivers\wcnfs.sys [93184 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 Wdf01000; C:\WINDOWS\System32\drivers\Wdf01000.sys [827696 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [967168 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R0 WFPLWFS; C:\WINDOWS\System32\drivers\wfplwfs.sys [181104 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\WINDOWS\System32\drivers\wimmount.sys [39760 2021-09-15] (Microsoft Windows -> Microsoft Corporation)
R0 WindowsTrustedRT; C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [76984 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy. sys [18920 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 WinMad; C:\WINDOWS\System32\drivers\winmad.sys [36152 2019-12-07] (Microsoft Windows -> Mellanox)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [266752 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WINUSB; C:\WINDOWS\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinVerbs; C:\WINDOWS\System32\drivers\winverbs.sys [73016 2019-12-07] (Microsoft Windows -> Mellanox)
R3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [234296 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 WpdUpFltr; C:\WINDOWS\System32\drivers\WpdUpFltr.sys [32568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 ws2ifsl; C:\WINDOWS\system32\drivers\ws2ifsl.sys [25088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WudfPf; C:\WINDOWS\System32\drivers\WudfPf.sys [136192 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFRd; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdFs; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [315392 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [315392 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [330752 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [51712 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 12:41 - 2022-01-26 12:45 - 000138223 _____ C:\Users\Jill\Downloads\FRST.txt
2022-01-26 09:26 - 2022-01-26 09:26 - 000003736 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Jill
2022-01-26 09:25 - 2022-01-26 09:25 - 000004054 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Jill_2022012 6092554
2022-01-25 11:42 - 2022-01-25 11:42 - 002311680 _____ (Farbar) C:\Users\Jill\Downloads\FRST64.exe
2022-01-25 10:13 - 2022-01-25 10:13 - 002911928 _____ (Malwarebytes) C:\Users\Jill\Downloads\MBSetup.exe
2022-01-21 07:56 - 2022-01-25 11:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-01-13 11:20 - 2022-01-13 11:20 - 024272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 019866112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 018084352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 007127040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 004809232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 003568960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 002521120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2022-01-13 11:20 - 2022-01-13 11:20 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000979312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\archiveint.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 11:20 - 2022-01-13 11:20 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2022-01-13 11:20 - 2022-01-13 11:20 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2022-01-13 11:20 - 2022-01-13 11:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2022-01-13 11:20 - 2022-01-13 11:20 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\runas.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 008891040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 008257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 007776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 006376688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 006013096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 005420640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 002752512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2022-01-13 11:19 - 2022-01-13 11:19 - 001695112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001651712 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 001618432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001614336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001570632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001352192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2022-01-13 11:19 - 2022-01-13 11:19 - 001269104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 001025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000952320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000901784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000807264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000683880 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\archiveint.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000442680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2022-01-13 11:19 - 2022-01-13 11:19 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000305384 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000289176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade .dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000222024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterface Device.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000176952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient. dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000173152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000152368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netjoin.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\joinutil.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000130360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2022-01-13 11:19 - 2022-01-13 11:19 - 000128064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000115000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000099656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker. dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000098152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000094024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000076944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samcli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacctprofile.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprovfw.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsauth.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000042320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dl l
2022-01-13 11:19 - 2022-01-13 11:19 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksetup.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000038232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netutils.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000032624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2022-01-13 11:19 - 2022-01-13 11:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\runas.exe
2022-01-13 11:19 - 2022-01-13 11:19 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schedcli.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 11:19 - 2022-01-13 11:19 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2022-01-13 11:19 - 2022-01-13 11:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netmsg.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 014760448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 010845552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 010344184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 007647816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 004746752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 004630392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 003945984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 003579392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 002921320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 002181144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 002036224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 002026296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001825376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2022-01-13 11:18 - 2022-01-13 11:18 - 001752504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001721856 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001697264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001576760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 001558248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2022-01-13 11:18 - 2022-01-13 11:18 - 001261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001198816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 001195768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001184616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001130616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001126400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001084128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000920032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000860968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000776328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000773216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000723456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000641880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000630712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000591360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000538984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000495312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000477824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000414576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000304712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000290672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000272232 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000252040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000196824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000181104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netjoin.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000161744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFCompanionHost.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core. dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\joinutil.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000118864 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\trkwks.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000091984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dl l
2022-01-13 11:18 - 2022-01-13 11:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\samcli.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\djoin.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000070808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprovfw.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\keymgr.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2022-01-13 11:18 - 2022-01-13 11:18 - 000041320 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedcli.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscisvif.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscadminui.exe
2022-01-13 11:18 - 2022-01-13 11:18 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2022-01-13 11:18 - 2022-01-13 11:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netmsg.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 017544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 007988696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 006190080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 005858656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFl owUI.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 003917824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 003814216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 003813888 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 003358208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 002250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 002004296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001580544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001223592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2022-01-13 11:17 - 2022-01-13 11:17 - 001162752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2022-01-13 11:17 - 2022-01-13 11:17 - 000990536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000913688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000903016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2022-01-13 11:17 - 2022-01-13 11:17 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows. dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000771192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000726672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000723304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000680296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000641352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2022-01-13 11:17 - 2022-01-13 11:17 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer .dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000456040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000383224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000332176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterface Device.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade .dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000252264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient. dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core. dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000215864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000206632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PinEnrollmentHelper.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000181104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000160072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000159072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000149320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2022-01-13 11:17 - 2022-01-13 11:17 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000133808 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000117560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker. dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindfltapi.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000087840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogonext.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000070984 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000059440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dl l
2022-01-13 11:17 - 2022-01-13 11:17 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2022-01-13 11:17 - 2022-01-13 11:17 - 000029448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2022-01-13 11:17 - 2022-01-13 11:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2022-01-13 10:37 - 2022-01-13 10:37 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 12:46 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-26 12:43 - 2021-04-26 14:45 - 000000000 ____D C:\FRST
2022-01-26 12:34 - 2016-11-26 10:00 - 000000000 ____D C:\Users\Jill\AppData\LocalLow\Mozilla
2022-01-26 12:33 - 2014-05-06 19:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 12:32 - 2015-08-12 13:53 - 000000000 __SHD C:\Users\Jill\IntelGraphicsProfiles
2022-01-26 12:31 - 2020-09-18 02:55 - 000000000 ____D C:\Users\Jill
2022-01-26 09:47 - 2019-12-07 22:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-26 09:25 - 2021-12-06 14:04 - 000002543 _____ C:\Users\Jill\Desktop\WPS PDF.lnk
2022-01-26 09:20 - 2014-05-06 19:01 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-26 09:20 - 2014-05-06 19:01 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-26 09:10 - 2014-05-08 19:10 - 000000000 ____D C:\Users\Jill\AppData\Local\CrashDumps
2022-01-26 08:58 - 2020-09-18 08:26 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2022-01-26 08:58 - 2020-09-18 08:26 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore
2022-01-25 12:20 - 2020-09-18 07:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 12:08 - 2019-12-07 22:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 12:04 - 2019-12-07 22:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-25 11:07 - 2020-09-18 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-25 11:07 - 2020-09-18 07:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-25 11:07 - 2015-06-02 09:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-25 11:06 - 2019-12-07 22:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2022-01-25 11:03 - 2019-12-07 22:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-25 11:03 - 2017-10-02 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-25 10:01 - 2019-09-23 15:49 - 000000000 ____D C:\Users\Jill\AppData\Local\D3DSCache
2022-01-25 08:30 - 2020-06-08 15:11 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-25 08:14 - 2021-11-16 12:28 - 000000000 ____D C:\Users\Jill\AppData\Roaming\Lavasoft
2022-01-25 08:14 - 2020-09-18 08:26 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2022-01-25 08:14 - 2020-09-18 08:26 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2022-01-25 08:13 - 2021-11-16 12:28 - 000000000 ____D C:\Users\Jill\AppData\Local\Lavasoft
2022-01-25 08:13 - 2021-11-16 12:25 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-21 10:01 - 2021-10-10 07:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-21 10:00 - 2015-06-02 09:37 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-21 07:54 - 2015-06-02 09:37 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-18 21:44 - 2020-09-18 07:56 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 20:17 - 2021-12-13 17:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1674777451-104060087-3308858430-1001
2022-01-15 20:17 - 2020-09-18 08:26 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1674777451-104060087-3308858430-1001
2022-01-15 20:17 - 2020-09-18 02:55 - 000002418 _____ C:\Users\Jill\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
2022-01-13 21:12 - 2020-09-18 08:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 21:10 - 2015-10-23 16:28 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-13 20:54 - 2020-09-18 07:23 - 000271800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 20:50 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-13 20:49 - 2019-12-07 22:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 11:34 - 2019-12-07 22:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-13 10:32 - 2014-05-07 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 10:21 - 2014-10-20 10:00 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-31 10:47 - 2018-02-23 21:18 - 000000000 ____D C:\Users\Jill\AppData\Local\Packages

==================== Files in the root of some directories ========

2015-04-05 10:47 - 2015-04-05 10:47 - 000003584 _____ () C:\Users\Jill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-05 19:43 - 2018-07-05 19:43 - 000000837 _____ () C:\Users\Jill\AppData\Local\recently-used.xbel
2021-02-06 08:09 - 2021-04-26 15:29 - 000007597 _____ () C:\Users\Jill\AppData\Local\Resmon.ResmonCfg
2021-06-29 19:36 - 2021-06-29 19:36 - 000000000 _____ () C:\Users\Jill\AppData\Local\{D7A949CC-E4A0-4BDC-B9A5-B26CA7D2DB65}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #15  
Old January 26th, 2022, 01:53 AM
Jaytee's Avatar
Jaytee Jaytee is offline
Senior Member
 
Join Date: May 2002
O/S: Linux
Location: Hamilton New Zealand
Age: 76
Posts: 3,620
Phew!!!
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
How to get past windows10 password deltatango Windows 10 3 July 21st, 2021 12:36 AM
nvtmd.exe hogging CPU Apathwhy Windows Vista 1 September 10th, 2010 05:50 AM
Obscenely slow startup of XP and hogging of system resources Omnislash124 Malware Removal 13 October 9th, 2006 03:23 AM
scvhost.exe hogging cpu... Makaveli86 Malware Removal 1 July 25th, 2005 02:56 PM
Something is hogging my memory and CPU usage tigerw0man Malware Removal 2 March 24th, 2005 06:26 PM


All times are GMT +1. The time now is 09:55 AM.