Results 1 to 4 of 4

Thread: malware not been able to remove POST 2 with all reports

  1. #1
    Junior Member
    Join Date
    Dec 2020
    Posts
    13

    Default malware not been able to remove POST 2 with all reports

    Please help me again, this is the same notebook I asked before for help, but now I was able to run all tests and now that i had it proved that I have 2 viruses:
    C:\Windows\SysWOW64\GamePanel.exe **INFECTED** Win32:MalOb-CA [Cryp]
    C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.19041.746_none_2703bed0ba809808\GamePanel.exe **INFECTED** Win32:MalOb-CA [Cryp]
    ... anda bunch of decompression bombs (see last report from preboot Avast) ...
    Here are full reports:===***===
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
    Ran by Lewy (administrator) on LEWY-T61 (LENOVO 6460D6G) (19-07-2021 12:18:34)
    Running from C:\Users\Lewy\Desktop
    Loaded Profiles: Lewy
    Platform: Windows 10 Education Version 21H1 19043.1110 (X64) Language: English (United States)
    Default browser: Edge
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files (x86)\SugarSync\SugarSyncSvc.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
    (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
    (Opera Software AS -> Opera Software) C:\Program Files\Opera\assistant\browser_assistant.exe <2>
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
    HKLM\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4080336 2021-07-14] (Opera Software AS -> Opera Software)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\Run: [SuuntolinkLauncher] => C:\Users\Lewy\AppData\Local\Suuntolink\app-3.6.1\resources\app\LaunchAgents\SuuntolinkLauncher.exe [831832 2021-07-11] (Suunto Oy -> )
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388304 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    HKLM\...\Print\Monitors\CutePDF Writer Monitor v4.0: C:\Windows\system32\cpwmon64_v40.dll [89584 2019-10-20] (Acro Software Inc -> )
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
    BootExecute: autocheck autochk * bddel.exe
    GroupPolicy: Restriction ? <==== ATTENTION
    Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {05AE8C68-50B2-481B-A3F1-2CC62541FFDF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {1B518B8D-F289-4E88-88F6-A11F9B632AFA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-07-14] (Avast Software s.r.o. -> Avast Software)
    Task: {20AD4D2D-1D00-4C97-8BCB-8798C0BBC32A} - System32\Tasks\Opera scheduled assistant Autoupdate 1621107088 => C:\Program Files\Opera\launcher.exe [2264784 2021-07-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
    Task: {231D852E-314A-4EEA-A961-96B1102879E2} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated -> Synaptics Incorporated)
    Task: {26594A8F-743F-461E-91CE-90CEFD1BB327} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {3156AAFE-51A7-4951-B2F9-FBD6CE19FE21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-07] (Mozilla Corporation -> Mozilla Foundation)
    Task: {76B19E68-4D13-4530-A475-5F00A01E4D7E} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Spybot Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [9469648 2021-04-29] (Safer-Networking Ltd. -> )
    Task: {955FABE3-EBBA-47FB-A42C-6AFBD07E4709} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {AA75CE81-A3F3-4CB8-9D89-5285525B035F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4903192 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    Task: {CF083C10-3C84-4272-9590-E04603D43858} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-15] (Google LLC -> Google LLC)
    Task: {E2C9F71B-4582-44F9-8FDC-6C8DB56D549E} - System32\Tasks\Opera scheduled Autoupdate 1621107074 => C:\Program Files\Opera\launcher.exe [2264784 2021-07-14] (Opera Software AS -> Opera Software)
    Task: {F9D6FB9F-4367-4DF9-BF54-D8AAFCB91755} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-15] (Google LLC -> Google LLC)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{246b3cd0-4f87-4e0d-8144-c134806beac4}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{9998636a-9278-4fe9-a9dc-651fd662a520}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{e8abb69c-6cda-47ab-83b7-c960956b95f0}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{fd739b55-5b00-4063-8e03-0db564833618}: [DhcpNameServer] 192.168.2.1

    Edge:
    =======
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\Lewy\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-19]
    Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Lewy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-14]
    Edge Extension: (uBlock Origin) - C:\Users\Lewy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-07-19]
    Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    FireFox:
    ========
    FF DefaultProfile: sxjcljno.default
    FF ProfilePath: C:\Users\Lewy\AppData\Roaming\Mozilla\Firefox\Profiles\sxjcljno.default [2021-06-24]
    FF ProfilePath: C:\Users\Lewy\AppData\Roaming\Mozilla\Firefox\Profiles\kingwiiv.default-release [2021-07-18]
    FF Extension: (Malwarebytes Browser Guard) - C:\Users\Lewy\AppData\Roaming\Mozilla\Firefox\Profiles\kingwiiv.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-07-02]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2021-07-19] <==== ATTENTION (Points to *.cfg file)
    FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2021-07-19] <==== ATTENTION

    Chrome:
    =======
    CHR Profile: C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default [2021-07-19]
    CHR Notifications: Default -> hxxps://www.nkbm.si; hxxps://www.youtube.com
    CHR Extension: (Slides) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-16]
    CHR Extension: (Docs) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-16]
    CHR Extension: (Google Drive) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-16]
    CHR Extension: (YouTube) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-16]
    CHR Extension: (uBlock Origin) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-07-13]
    CHR Extension: (Sheets) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-16]
    CHR Extension: (Google Docs Offline) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-26]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-16]
    CHR Extension: (Gmail) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-16]
    CHR Extension: (Chrome Media Router) - C:\Users\Lewy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    Opera:
    =======
    OPR Profile: C:\Users\Lewy\AppData\Roaming\Opera Software\Opera Stable [2021-07-19]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8249936 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [625432 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [373528 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14280 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
    S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7477704 2021-07-18] (Malwarebytes Inc -> Malwarebytes)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 SugarSync Service; C:\Program Files (x86)\SugarSync\SugarSyncSvc.exe [173056 2020-11-30] () [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [410624 2006-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
    S3 CredentialEnrollmentManagerUserSvc; %SystemRoot%\system32\CredentialEnrollmentManager.exe [X]
    S3 CredentialEnrollmentManagerUserSvc_4a307; C:\Windows\system32\CredentialEnrollmentManager.exe [X]
    R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Lewy\AppData\Roaming\Zoom"

    ===================== Drivers (All) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [266240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 3ware; C:\Windows\System32\drivers\3ware.sys [107320 2019-12-07] (Microsoft Windows -> LSI)
    R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [809288 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [139792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [16384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135416 2019-12-07] (Microsoft Windows -> PMC-Sierra)
    R1 AFD; C:\Windows\system32\drivers\afd.sys [655688 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R1 afunix; C:\Windows\system32\drivers\afunix.sys [41984 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [292352 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
    S3 amdi2c; C:\Windows\System32\drivers\amdi2c.sys [45568 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
    S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [207160 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [211256 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83256 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
    S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259384 2019-12-07] (Microsoft Windows -> AMD Technologies Inc.)
    S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26936 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
    S3 AppID; C:\Windows\System32\drivers\appid.sys [208712 2021-06-23] (Microsoft Windows -> Microsoft Windows)
    S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [138040 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [174392 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [154936 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131896 2019-12-07] (Microsoft Windows -> PMC-Sierra, Inc.)
    R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [216928 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [366616 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [17328 2021-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [182600 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524400 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851192 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215384 2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    R3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 atapi; C:\Windows\System32\drivers\atapi.sys [30024 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533816 2019-12-07] (Microsoft Windows -> QLogic Corporation)
    R1 bam; C:\Windows\System32\drivers\bam.sys [78136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 BasicDisplay; C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys [68608 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R1 BasicRender; C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys [38912 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    U5 BattC; C:\Windows\System32\Drivers\BattC.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 BCM43XX; C:\Windows\System32\drivers\bcmwl63al.sys [5170176 2019-12-07] (Microsoft Windows -> Broadcom Corporation)
    S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
    R1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 bindflt; C:\Windows\system32\drivers\bindflt.sys [148816 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [117760 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [65536 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 BthPan; C:\Windows\System32\drivers\bthpan.sys [133632 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1563136 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [43832 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [44032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 CAD; C:\Windows\System32\drivers\CAD.sys [66576 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [300032 2006-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
    S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [100864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [181248 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [319800 2019-12-07] (Microsoft Windows -> Chelsio Communications)
    S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1853752 2019-12-07] (Microsoft Windows -> Chelsio Communications)
    R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [97792 2021-06-23] (Microsoft Windows -> )
    S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [496128 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [411464 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 CNG; C:\Windows\System32\Drivers\cng.sys [746400 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [40968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys [41984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 condrv; C:\Windows\System32\drivers\condrv.sys [57144 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R1 CSC; C:\Windows\System32\drivers\csc.sys [580608 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S1 dam; C:\Windows\System32\drivers\dam.sys [97096 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [152064 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R0 disk; C:\Windows\System32\drivers\disk.sys [98624 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [59192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [16128 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R1 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [3784504 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 e1express; C:\Windows\System32\drivers\e1e6032e.sys [300544 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418936 2019-12-07] (Microsoft Windows -> QLogic Corporation)
    S0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [95032 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [124728 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 epp; C:\EEK\bin64\epp.sys [155112 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
    S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [15872 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 exfat; C:\Windows\System32\Drivers\exfat.sys [421696 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [425272 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 fdc; C:\Windows\System32\drivers\fdc.sys [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [94736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [40448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [430392 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [69968 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [33592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [800056 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [23864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 genericusbfn; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [183112 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [430080 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [139776 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [39440 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [57344 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [55824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [44032 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64312 2019-12-07] (Microsoft Windows -> Hewlett-Packard Company)
    R3 HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [1511936 2006-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
    R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1576272 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [95056 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [33096 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [27448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 HyperVideo; C:\Windows\System32\drivers\HyperVideo.sys [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [118272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36352 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
    S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91136 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
    S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_CNL; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_GLK; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_CNL; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_GLK; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2019-12-07] (Intel Corporation - Client Components Group -> Intel Corporation)
    S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412176 2019-12-07] (Microsoft Windows -> Intel Corporation)
    S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [558904 2019-12-07] (Microsoft Windows -> Mellanox)
    R3 IBMPMDRV; C:\Windows\System32\drivers\ibmpmdrv.sys [80144 2019-12-11] (Lenovo -> Lenovo.)
    S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R0 intelide; C:\Windows\System32\drivers\intelide.sys [19784 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [418800 2021-05-13] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [230728 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R0 iorate; C:\Windows\System32\drivers\iorate.sys [57168 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [90112 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [117584 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [225280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 IPT; C:\Windows\System32\drivers\ipt.sys [59704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22856 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [292672 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Microsoft Windows -> Avago Technologies)
    R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [71480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [46592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [29000 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [33296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [147280 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [180024 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108856 2019-12-07] (Microsoft Windows -> LSI Corporation)
    S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124216 2019-12-07] (Microsoft Windows -> LSI Corporation)
    S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [135992 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82744 2019-12-07] (Microsoft Windows -> LSI Corporation)
    R2 luafv; C:\Windows\system32\drivers\luafv.sys [140800 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [537608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [64016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-07-18] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes)
    S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [391168 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R2 mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [17024 2006-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
    S0 megasas; C:\Windows\System32\drivers\megasas.sys [59704 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [81720 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [105480 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S0 megasr; C:\Windows\System32\drivers\megasr.sys [575800 2019-12-07] (Microsoft Windows -> LSI Corporation, Inc.)
    R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [1131320 2019-12-07] (Microsoft Windows -> Mellanox)
    R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [53248 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 monitor; C:\Windows\System32\drivers\monitor.sys [80896 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [67600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [35328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [110392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [80896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [157696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [577864 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [264008 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [56120 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [20296 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [34816 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 MsQuic; C:\Windows\System32\drivers\msquic.sys [322376 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [382792 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R0 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [296264 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [47928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [17920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 Mup; C:\Windows\System32\Drivers\mup.sys [132920 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63800 2019-12-07] (Microsoft Windows -> Marvell Semiconductor, Inc.)
    R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [742400 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [146232 2019-12-07] (Microsoft Windows -> Mellanox)
    R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1478984 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [28672 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [206848 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [206848 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 NDKPing; C:\Windows\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [93696 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [207360 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [64312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [341504 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [250192 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 netwlv64; C:\Windows\System32\drivers\netwlv64.sys [7530496 2019-12-07] (Microsoft Windows -> Intel Corporation)
    R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [87568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [48640 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2851656 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R1 Null; C:\Windows\System32\Drivers\Null.sys [7680 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [12914360 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
    S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150328 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
    S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166200 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
    R3 Parport; C:\Windows\System32\drivers\parport.sys [109056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [182584 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R0 pci; C:\Windows\System32\drivers\pci.sys [469304 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R0 pciide; C:\Windows\System32\drivers\pciide.sys [16696 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [127800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 pcw; C:\Windows\System32\drivers\pcw.sys [57656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 pdc; C:\Windows\System32\drivers\pdc.sys [159056 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [823296 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58680 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [68408 2019-12-07] (Microsoft Windows -> Avago Technologies)
    S3 PktMon; C:\Windows\System32\drivers\PktMon.sys [129872 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
    S0 pmem; C:\Windows\System32\drivers\pmem.sys [138040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 portcfg; C:\Windows\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [101888 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 Processor; C:\Windows\System32\drivers\processr.sys [216376 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R1 Psched; C:\Windows\System32\drivers\pacer.sys [161608 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [42296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [20480 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [113152 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [110080 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R3 RasPppoe; C:\Windows\System32\drivers\raspppoe.sys [87552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [86016 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [455480 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [169984 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [31544 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [297784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [2003792 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [990008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [18960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [118096 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [158736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 sdbus; C:\Windows\System32\drivers\sdbus.sys [305472 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [82848 2019-07-31] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [104248 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [86328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [173072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 Serenum; C:\Windows\System32\drivers\serenum.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 Serial; C:\Windows\System32\drivers\serial.sys [90624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44856 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems Corp.)
    S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81720 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems)
    S0 SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsoft Windows -> Microsemi Corportation)
    S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [172544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [678736 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [90936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [87352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
    R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [787968 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [292864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
    S3 SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [1485312 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
    S3 SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [740864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
    R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [315392 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31032 2019-12-07] (Microsoft Windows -> Promise Technology, Inc.)
    S0 storahci; C:\Windows\System32\drivers\storahci.sys [186184 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [54080 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [155960 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [92984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 storufs; C:\Windows\System32\drivers\storufs.sys [61256 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys [18952 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [6656 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 SynTP; C:\Windows\system32\DRIVERS\SynTP.sys [460528 2013-04-24] (Synaptics Incorporated -> Synaptics Incorporated)
    R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2992440 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2992440 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [117560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 Telemetry; C:\Windows\System32\drivers\IntelTA.sys [26608 2020-11-19] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 TPM; C:\Windows\System32\drivers\tpm.sys [255288 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [141824 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [79160 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [166400 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [259896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [52736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [344064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UEFI; C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [41272 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [330056 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 UfxChipidea; C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [168264 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 umbus; C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UmPass; C:\Windows\System32\drivers\umpass.sys [15360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsChipidea; C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [76304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsSynopsys; C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [201728 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [185664 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [86544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [528184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [653136 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [35328 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 usbser; C:\Windows\System32\drivers\usbser.sys [88064 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [136504 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [39424 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [329040 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [608568 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [67384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S4 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [347448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [820560 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 vhf; C:\Windows\System32\drivers\vhf.sys [47616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 Vid; C:\Windows\System32\drivers\Vid.sys [644424 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [160080 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [36664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [19768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [90960 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [389432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [429880 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R0 volume; C:\Windows\System32\drivers\volume.sys [16696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 vpci; C:\Windows\System32\drivers\vpci.sys [89400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166712 2019-12-07] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
    S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305464 2019-12-07] (Microsoft Windows -> VIA Corporation)
    R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [77824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 vwifimp; C:\Windows\System32\drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
    R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [202568 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
    S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [832832 2021-06-21] (Microsoft Windows -> Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [421112 2021-05-29] (Microsoft Windows -> Microsoft Corporation)
    S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [958976 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-29] (Microsoft Windows -> Microsoft Corporation)
    R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [180024 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
    S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [39736 2019-12-06] (Microsoft Windows -> Microsoft Corporation)
    R3 winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [731648 2006-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
    R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [76984 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18920 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 WinMad; C:\Windows\System32\drivers\winmad.sys [36152 2019-12-07] (Microsoft Windows -> Mellanox)
    S3 WinNat; C:\Windows\System32\drivers\winnat.sys [259584 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [73016 2019-12-07] (Microsoft Windows -> Mellanox)
    R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R0 Wof; C:\Windows\System32\Drivers\Wof.sys [234296 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    R3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [32568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [25088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    R2 XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys [9728 2006-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
    S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [329216 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [51712 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
    U1 aswbdisk; no ImagePath
    U0 aswVmm; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-07-19 12:18 - 2021-07-19 12:19 - 000065933 _____ C:\Users\Lewy\Desktop\FRST.txt
    2021-07-19 12:16 - 2021-07-19 12:17 - 002300416 _____ (Farbar) C:\Users\Lewy\Desktop\FRST64.exe
    2021-07-19 12:01 - 2021-07-19 12:04 - 000048046 _____ C:\Users\Lewy\Desktop\Addition.txt
    2021-07-19 11:51 - 2021-07-19 11:51 - 000002308 _____ C:\Users\Lewy\Desktop\Tweaking.com - Registry Backup.lnk
    2021-07-19 11:41 - 2021-07-19 11:41 - 008553680 _____ (Malwarebytes) C:\Users\Lewy\Desktop\adwcleaner_8.3.0.exe
    2021-07-19 11:36 - 2021-07-19 11:37 - 000668148 _____ C:\Windows\Minidump\071921-14828-01.dmp
    2021-07-19 11:32 - 2021-07-19 11:32 - 000001962 _____ C:\Users\Lewy\Desktop\aswMBR.txt
    2021-07-19 11:32 - 2021-07-19 11:32 - 000000512 _____ C:\Users\Lewy\Desktop\MBR.dat
    2021-07-19 10:46 - 2021-07-19 10:47 - 000615260 _____ C:\Windows\Minidump\071921-12921-01.dmp
    2021-07-19 09:09 - 2021-07-19 09:10 - 000464380 _____ C:\Windows\Minidump\071921-13578-01.dmp
    2021-07-19 09:07 - 2021-07-19 09:07 - 000000000 _____ C:\Windows\Minidump\071921-12750-01.dmp
    2021-07-18 23:36 - 2021-07-18 23:36 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2021-07-18 23:34 - 2021-07-18 23:26 - 000001314 _____ C:\Users\Lewy\Desktop\aswBoot.txt
    2021-07-18 22:37 - 2021-07-18 22:37 - 000000000 ___HD C:\$AV_ASW
    2021-07-18 22:29 - 2021-07-18 22:30 - 000764124 _____ C:\Windows\Minidump\071821-14562-01.dmp
    2021-07-18 19:53 - 2021-07-18 19:44 - 000480643 _____ C:\Windows\system32\Drivers\etc\hosts.20210718-195342.backup
    2021-07-18 19:33 - 2021-07-18 19:33 - 005198336 _____ (AVAST Software) C:\Users\Lewy\Desktop\aswMBR.exe
    2021-07-18 19:31 - 2021-07-18 19:31 - 000000000 ____D C:\TDSSKiller_Quarantine
    2021-07-18 19:30 - 2021-07-18 19:31 - 000216250 _____ C:\TDSSKiller.2.8.16.0_18.07.2021_19.30.53_log.txt
    2021-07-18 19:30 - 2021-07-18 19:30 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Lewy\Downloads\tdsskiller.exe
    2021-07-18 19:30 - 2021-07-18 19:30 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\06341792.sys
    2021-07-18 19:14 - 2021-07-18 19:14 - 005659583 _____ (Swearware) C:\Users\Lewy\Downloads\ComboFix.exe
    2021-07-15 16:37 - 2021-07-15 16:37 - 000106719 _____ C:\Users\Lewy\Downloads\21-1305.pdf
    2021-07-15 16:09 - 2021-07-15 16:09 - 000000000 ____D C:\Users\Lewy\Documents\SPANISH
    2021-07-15 16:08 - 2021-07-15 16:08 - 000000000 ____D C:\ProgramData\Canneverbe Limited
    2021-07-15 16:07 - 2021-07-15 16:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\Lewy\Downloads\Ninite CDBurnerXP Installer.exe
    2021-07-15 16:07 - 2021-07-15 16:07 - 000001775 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
    2021-07-15 16:07 - 2021-07-15 16:07 - 000001733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
    2021-07-15 16:07 - 2021-07-15 16:07 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Canneverbe Limited
    2021-07-15 16:07 - 2021-07-15 16:07 - 000000000 ____D C:\Program Files\CDBurnerXP
    2021-07-15 15:25 - 2021-07-15 15:25 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Macromedia
    2021-07-14 18:14 - 2021-07-14 18:22 - 000000000 ____D C:\Users\Lewy\Documents\Leadership
    2021-07-14 18:10 - 2021-07-14 18:16 - 000000000 ____D C:\Users\Lewy\Documents\Scientology and Effective Knowledge
    2021-07-14 18:04 - 2021-07-14 18:09 - 000000000 ____D C:\Users\Lewy\Documents\Increasing Efficiency
    2021-07-14 18:02 - 2021-07-14 18:02 - 000000000 ____D C:\Users\Lewy\AppData\Local\Avast Software
    2021-07-14 17:42 - 2021-07-14 17:42 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Avast Software
    2021-07-14 17:35 - 2021-07-14 17:58 - 000000000 ____D C:\Users\Lewy\Documents\The Five Conditions
    2021-07-14 17:33 - 2021-07-14 18:24 - 000001528 _____ C:\Windows\cdplayer.ini
    2021-07-14 17:31 - 2021-07-14 17:31 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
    2021-07-14 17:31 - 2021-07-14 17:31 - 000002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2021-07-14 17:29 - 2021-07-19 11:38 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
    2021-07-14 17:29 - 2021-07-14 17:29 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
    2021-07-14 17:29 - 2021-07-14 17:29 - 000000000 ____D C:\Program Files\Common Files\Avast Software
    2021-07-14 17:29 - 2021-07-14 17:28 - 000851192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000524400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000366616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2021-07-14 17:29 - 2021-07-14 17:28 - 000327536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000216928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000215384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000182600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
    2021-07-14 17:29 - 2021-07-14 17:28 - 000017328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
    2021-07-14 17:28 - 2021-07-18 23:36 - 000000000 ____D C:\ProgramData\Avast Software
    2021-07-14 17:28 - 2021-07-14 17:28 - 000000000 ____D C:\Program Files\Avast Software
    2021-07-14 17:27 - 2021-07-14 17:34 - 000001067 _____ C:\Users\Lewy\Desktop\FreeRIP MP3 Converter.lnk
    2021-07-14 17:27 - 2021-07-14 17:27 - 002248468 _____ (GreenTree Applications SRL) C:\Users\Lewy\Downloads\FreeRipPlus.exe
    2021-07-14 17:27 - 2021-07-14 17:27 - 000001534 _____ C:\ProgramData\ss.ini
    2021-07-14 17:27 - 2021-07-14 17:27 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
    2021-07-14 17:27 - 2021-07-14 17:27 - 000000000 ____D C:\ProgramData\FreeRIP MP3 Converter
    2021-07-14 17:27 - 2021-07-14 17:27 - 000000000 ____D C:\Program Files (x86)\FreeRIP
    2021-07-13 21:00 - 2021-07-13 21:00 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
    2021-07-13 21:00 - 2021-07-13 21:00 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
    2021-07-13 21:00 - 2021-07-13 21:00 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
    2021-07-13 21:00 - 2021-07-13 21:00 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
    2021-07-13 20:59 - 2021-07-13 20:59 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2021-07-13 20:59 - 2021-07-13 20:59 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
    2021-07-13 20:29 - 2021-07-13 20:29 - 000082850 _____ C:\Users\Lewy\Downloads\Cenik nadomestil za posle s potrošniki_veljavnost 1. julij 2021.pdf
    2021-07-02 13:48 - 2021-07-02 13:48 - 016203121 _____ C:\Users\Lewy\Downloads\drive-download-20210702T114821Z-001.zip
    2021-07-02 13:10 - 2021-07-02 13:10 - 019646156 _____ C:\Users\Lewy\Downloads\drive-download-20210702T111035Z-001.zip
    2021-07-02 02:15 - 2021-07-14 21:27 - 000004156 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1621107088
    2021-06-29 15:02 - 2021-06-29 15:02 - 003977315 _____ C:\Users\Lewy\Downloads\Leskovsek28221-1322.pdf
    2021-06-26 20:01 - 2021-06-26 20:02 - 000000400 __RSH C:\ProgramData\ntuser.pol
    2021-06-26 19:34 - 2021-06-26 19:34 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
    2021-06-26 19:34 - 2021-06-26 19:34 - 000000000 ____D C:\Program Files\Windows Imaging
    2021-06-26 19:08 - 2021-06-26 19:08 - 000000000 ____D C:\Program Files\Reference Assemblies
    2021-06-26 19:08 - 2021-06-26 19:08 - 000000000 ____D C:\Program Files\MSBuild
    2021-06-26 19:08 - 2021-06-26 19:08 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2021-06-26 19:08 - 2021-06-26 19:08 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2021-06-26 18:50 - 2021-06-26 19:34 - 000000000 ____D C:\Program Files\Windows AIK
    2021-06-26 17:53 - 2021-06-26 18:46 - 1789542400 _____ C:\Users\Lewy\Downloads\KB3AIK_EN (2).iso
    2021-06-26 17:12 - 2021-06-26 17:20 - 293035326 _____ C:\Users\Lewy\Downloads\Unconfirmed 355883.crdownload
    2021-06-25 17:46 - 2021-06-25 17:46 - 000001525 _____ C:\Users\Lewy\Desktop\emsisoftreport.txt
    2021-06-25 10:28 - 2021-06-25 10:28 - 000000000 ____D C:\ProgramData\Emsisoft
    2021-06-25 10:27 - 2021-06-25 10:27 - 000001100 _____ C:\Users\Lewy\Desktop\Start Emergency Kit Scanner.exe - Shortcut.lnk
    2021-06-25 10:26 - 2021-07-19 10:48 - 000000000 ____D C:\EEK
    2021-06-25 10:26 - 2021-06-25 10:24 - 295204800 _____ C:\Users\Lewy\Desktop\EmsisoftEmergencyKit.exe
    2021-06-25 10:22 - 2021-06-25 10:24 - 295204800 _____ C:\Users\Lewy\Downloads\EmsisoftEmergencyKit.exe
    2021-06-24 23:18 - 2021-06-24 23:16 - 000467379 _____ C:\Windows\system32\Drivers\etc\hosts.20210624-231815.backup
    2021-06-24 22:56 - 2021-06-24 22:56 - 000001530 _____ C:\Users\Lewy\Desktop\0MalwareBytesscanreport.txt
    2021-06-24 22:40 - 2021-07-18 22:46 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2021-06-24 22:39 - 2021-06-26 17:10 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2021-06-24 22:39 - 2021-06-24 21:08 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
    2021-06-24 20:54 - 2021-07-18 22:46 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2021-06-24 20:54 - 2021-06-24 21:08 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2021-06-24 20:54 - 2021-06-24 20:54 - 000000000 ____D C:\Users\Lewy\AppData\Local\mbamtray
    2021-06-24 20:54 - 2021-06-24 20:54 - 000000000 ____D C:\Users\Lewy\AppData\Local\mbam
    2021-06-24 20:54 - 2021-06-24 20:54 - 000000000 ____D C:\ProgramData\Malwarebytes
    2021-06-24 20:54 - 2021-06-24 20:54 - 000000000 ____D C:\Program Files\Malwarebytes
    2021-06-24 20:51 - 2021-06-24 20:52 - 064333800 _____ (Malwarebytes ) C:\Users\Lewy\Downloads\mb3-setup-1878.1878-3.8.3.2965.exe
    2021-06-24 20:49 - 2021-06-24 20:49 - 000002247 _____ C:\Users\Lewy\Desktop\0AdwCleaner[C00].txt
    2021-06-24 20:47 - 2021-06-24 20:49 - 000000000 ____D C:\AdwCleaner
    2021-06-24 20:18 - 2021-06-24 20:35 - 000002656 _____ C:\Users\Lewy\Desktop\0Fixlog.txt
    2021-06-24 13:44 - 2021-07-13 22:33 - 000000000 ____D C:\Users\Lewy\AppData\Local\ElevatedDiagnostics
    2021-06-24 13:39 - 2021-06-26 17:07 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
    2021-06-24 13:24 - 2021-06-24 13:27 - 000045880 _____ C:\Users\Lewy\Desktop\0Addition.txt
    2021-06-24 13:22 - 2021-07-19 12:01 - 000158119 _____ C:\Users\Lewy\Desktop\0FRST.txt
    2021-06-24 13:18 - 2021-06-24 13:20 - 005198336 _____ (AVAST Software) C:\Users\Lewy\Downloads\aswMBR.exe
    2021-06-23 21:38 - 2021-06-23 21:38 - 002371072 _____ C:\Windows\system32\rdpnano.dll
    2021-06-23 21:38 - 2021-06-23 21:38 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
    2021-06-23 21:38 - 2021-06-23 21:38 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2021-06-23 21:38 - 2021-06-23 21:38 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2021-06-23 21:38 - 2021-06-23 21:38 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
    2021-06-23 21:38 - 2021-06-23 21:38 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
    2021-06-23 21:38 - 2021-06-23 21:38 - 000060928 _____ C:\Windows\system32\runexehelper.exe
    2021-06-23 21:37 - 2021-06-23 21:37 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
    2021-06-23 21:37 - 2021-06-23 21:37 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2021-06-23 21:37 - 2021-06-23 21:37 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
    2021-06-23 21:32 - 2021-06-23 21:32 - 000000000 ___HD C:\$Windows.~WS
    2021-06-23 21:30 - 2021-06-23 20:20 - 000230743 _____ C:\Windows\system32\Drivers\etc\hosts.20210623-213007.backup
    2021-06-23 20:29 - 2021-06-23 20:31 - 001173560 _____ (Akeo Consulting) C:\Users\Lewy\Downloads\rufus-3.14.exe
    2021-06-23 20:27 - 2021-06-23 20:27 - 000000000 _____ C:\Users\Lewy\Downloads\Unconfirmed 369227.crdownload
    2021-06-23 20:25 - 2021-06-23 20:25 - 000000000 _____ C:\Users\Lewy\Downloads\Unconfirmed 608991.crdownload
    2021-06-22 18:05 - 2021-06-23 22:13 - 000000000 ____D C:\ESD
    2021-06-22 18:01 - 2021-06-22 18:01 - 000000000 ____D C:\$WINDOWS.~BT
    2021-06-22 18:00 - 2021-06-22 18:00 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
    2021-06-22 18:00 - 2021-06-22 18:00 - 000000719 _____ C:\Users\Lewy\Desktop\Windows 10 Update Assistant.lnk
    2021-06-22 18:00 - 2021-06-22 18:00 - 000000000 ____D C:\Windows10Upgrade
    2021-06-21 21:02 - 2021-06-21 21:02 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
    2021-06-21 20:56 - 2021-06-21 20:56 - 000000000 ____D C:\Users\Lewy\AppData\Local\D3DSCache
    2021-06-21 20:02 - 2021-07-18 21:47 - 000013870 _____ C:\Windows\SysWOW64\bddel.dat
    2021-06-21 12:51 - 2021-06-21 12:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2021-06-21 12:51 - 2021-06-21 12:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2021-06-21 12:51 - 2021-06-21 12:51 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
    2021-06-21 12:51 - 2021-06-21 12:51 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
    2021-06-21 12:51 - 2021-06-21 12:51 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2021-06-21 12:51 - 2021-06-21 12:51 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
    2021-06-21 12:50 - 2021-06-21 12:50 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
    2021-06-21 12:50 - 2021-06-21 12:50 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
    2021-06-21 12:50 - 2021-06-21 12:50 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2021-06-21 12:50 - 2021-06-21 12:50 - 000287232 _____ C:\Windows\system32\CoreMas.dll
    2021-06-21 12:50 - 2021-06-21 12:50 - 000272384 _____ C:\Windows\system32\TpmTool.exe
    2021-06-21 12:39 - 2021-06-21 12:38 - 000468175 ____R C:\Windows\system32\Drivers\etc\hosts.20210621-123946.backup
    2021-06-21 12:38 - 2021-06-21 12:35 - 000468175 _____ C:\Windows\system32\Drivers\etc\hosts.20210621-123851.backup

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-07-19 12:18 - 2021-06-15 22:07 - 000000000 ____D C:\FRST
    2021-07-19 11:56 - 2021-05-15 21:31 - 000000000 ____D C:\Program Files (x86)\Google
    2021-07-19 11:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2021-07-19 11:51 - 2021-06-15 22:04 - 000074021 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
    2021-07-19 11:44 - 2021-05-15 21:31 - 000003944 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1621107074
    2021-07-19 11:44 - 2021-05-15 21:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
    2021-07-19 11:44 - 2021-05-15 21:30 - 000000000 ____D C:\Program Files\Opera
    2021-07-19 11:44 - 2020-11-19 09:54 - 000841126 _____ C:\Windows\system32\PerfStringBackup.INI
    2021-07-19 11:44 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
    2021-07-19 11:43 - 2021-06-15 22:03 - 007333288 _____ (Tweaking.com) C:\Users\Lewy\Desktop\tweaking.com_registry_backup_setup.exe
    2021-07-19 11:37 - 2021-05-15 22:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2021-07-19 11:37 - 2021-05-13 08:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2021-07-19 11:36 - 2021-06-17 20:47 - 1757392203 _____ C:\Windows\MEMORY.DMP
    2021-07-19 11:36 - 2021-06-17 20:47 - 000000000 ____D C:\Windows\Minidump
    2021-07-19 11:36 - 2021-05-12 19:07 - 000008192 ___SH C:\DumpStack.log.tmp
    2021-07-19 11:36 - 2020-11-19 09:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2021-07-19 11:36 - 2020-11-19 09:43 - 000000000 ____D C:\Windows\system32\SleepStudy
    2021-07-19 10:46 - 2021-05-12 19:37 - 000000000 ____D C:\Users\Lewy
    2021-07-19 09:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
    2021-07-19 00:12 - 2021-05-13 08:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2021-07-18 22:46 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
    2021-07-18 20:30 - 2021-05-13 15:02 - 000000000 ____D C:\SpybotBootCD
    2021-07-17 15:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
    2021-07-17 15:08 - 2020-11-19 09:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2021-07-17 15:08 - 2020-11-19 09:46 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
    2021-07-17 15:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2021-07-16 03:50 - 2021-05-15 21:31 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
    2021-07-16 03:50 - 2021-05-15 21:31 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
    2021-07-14 17:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
    2021-07-13 21:49 - 2021-05-25 14:50 - 000000000 ____D C:\Users\Lewy\AppData\Local\CrashDumps
    2021-07-13 21:27 - 2020-11-19 09:43 - 000458272 _____ C:\Windows\system32\FNTCACHE.DAT
    2021-07-13 21:26 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2021-07-13 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
    2021-07-13 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
    2021-07-13 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
    2021-07-13 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
    2021-07-13 21:03 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
    2021-07-13 20:46 - 2021-05-13 08:23 - 000000000 ____D C:\Windows\system32\MRT
    2021-07-13 20:41 - 2021-05-13 08:23 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2021-07-11 15:26 - 2021-05-12 19:43 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2620606096-767457063-359015763-1001
    2021-07-11 15:26 - 2021-05-12 19:43 - 000000000 ___RD C:\Users\Lewy\OneDrive
    2021-07-11 15:26 - 2021-05-12 19:37 - 000002376 _____ C:\Users\Lewy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2021-07-11 14:23 - 2021-05-13 07:59 - 000000000 ____D C:\Users\Lewy\AppData\Roaming\Suuntolink
    2021-07-11 11:49 - 2021-05-13 07:57 - 000000000 ____D C:\Users\Lewy\AppData\Local\Suuntolink
    2021-07-08 23:52 - 2021-05-15 21:46 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
    2021-07-08 23:52 - 2021-05-15 21:46 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
    2021-07-08 23:52 - 2021-05-15 21:46 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
    2021-07-08 23:52 - 2021-05-15 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
    2021-07-02 22:12 - 2021-06-07 10:47 - 000000000 ____D C:\Users\Lewy\AppData\LocalLow\Mozilla
    2021-07-02 22:11 - 2021-06-07 10:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2021-07-02 18:52 - 2021-05-15 21:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2021-07-02 18:52 - 2021-05-15 21:32 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2021-07-02 12:03 - 2020-11-19 09:46 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2021-07-02 12:03 - 2020-11-19 09:46 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2021-06-26 20:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
    2021-06-26 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2021-06-26 18:38 - 2021-05-15 21:32 - 000000000 ____D C:\Program Files\Google
    2021-06-26 18:30 - 2021-06-04 16:30 - 000000000 ____D C:\Program Files (x86)\SoundSpectrum
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
    2021-06-24 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
    2021-06-23 22:13 - 2021-05-13 05:06 - 000000000 ____D C:\Windows\Panther
    2021-06-23 20:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
    2021-06-21 21:08 - 2021-05-15 21:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2021-06-21 21:02 - 2021-05-15 21:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2021-06-21 21:02 - 2021-05-15 21:29 - 000000000 ____D C:\ProgramData\Mozilla
    2021-06-21 20:55 - 2021-06-16 01:28 - 000061345 _____ C:\Users\Lewy\Downloads\FRST.txt
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
    2021-06-21 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE

    ==================== Files in the root of some directories ========

    2021-05-25 14:50 - 2021-05-25 14:50 - 000001495 _____ () C:\Users\Lewy\AppData\Local\recently-used.xbel

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
    Ran by Lewy (19-07-2021 12:21:23)
    Running from C:\Users\Lewy\Desktop
    Windows 10 Education Version 21H1 19043.1110 (X64) (2021-05-12 17:12:08)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    (If an entry is included in the fixlist, it will be removed.)

    Administrator (S-1-5-21-2620606096-767457063-359015763-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2620606096-767457063-359015763-503 - Limited - Disabled)
    Guest (S-1-5-21-2620606096-767457063-359015763-501 - Limited - Disabled)
    Lewy (S-1-5-21-2620606096-767457063-359015763-1001 - Administrator - Enabled) => C:\Users\Lewy
    WDAGUtilityAccount (S-1-5-21-2620606096-767457063-359015763-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
    Application Compatibility Toolkit (HKLM\...\{3BD6A529-0C2A-1EE9-A123-3EF4D804A1D1}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Appman Auto Sequencer (HKLM-x32\...\{2942F2D5-2A6D-2061-A152-A736B3277068}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Appman Sequencer on amd64 (HKLM\...\{7A394A81-957E-FA00-5F3F-46CF5DDEAA4A}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Assessments on Client (HKLM-x32\...\{2C100366-FCBF-7B21-5E61-015CDFBBEF25}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software)
    Backup and Sync from Google (HKLM\...\{A0397FA8-34ED-4A41-A8C9-30EE0B89C464}) (Version: 3.56.3802.7766 - Google, Inc.)
    Blender (HKLM\...\{D6E38255-FB12-4724-A6FF-075B43272C66}) (Version: 2.92.0 - Blender Foundation)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
    CutePDF Writer (HKLM\...\CutePDF Writer Installation) (Version: 4.0 - Acro Software Inc.)
    FreeRIP MP3 Converter 5.7.1.5 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.1.5 - GreenTree Applications SRL)
    GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
    Google Chrome (HKLM\...\{C208811C-385C-3C16-BE72-20618CB11F29}) (Version: 91.0.4472.124 - Google LLC)
    GPL Ghostscript (HKLM\...\GPL Ghostscript 9.54.0) (Version: 9.54.0 - Artifex Software Inc.)
    Imaging And Configuration Designer (HKLM-x32\...\{8072F2F3-C269-A639-4626-9209FFF6DEDB}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Imaging Designer (HKLM-x32\...\{2852AE0C-1EEB-72F9-1C5D-FACF6C9304DE}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Imaging Tools Support (HKLM-x32\...\{30C24881-949F-D09C-5376-9F0DC6B412CD}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Inkscape (HKLM\...\{8E094247-4FB9-47F4-AF01-BF66AD9781C8}) (Version: 1.0.2 - Inkscape)
    iTunes (HKLM\...\{653C59E1-B78D-4D82-9259-C14DFD9F6EFC}) (Version: 12.11.3.17 - Apple Inc.)
    Kits Configuration Installer (HKLM-x32\...\{8867E8B9-1539-18F3-54AB-B1F1E641AC14}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Krita (x64) 4.4.3 (HKLM\...\Krita_x64) (Version: 4.4.3.0 - Krita Foundation)
    LibreOffice 7.1.3.2 (HKLM\...\{76B2DBF3-5773-4463-9EEB-D4A099EB6265}) (Version: 7.1.3.2 - The Document Foundation)
    Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
    Malwarebytes version 4.4.3.125 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.3.125 - Malwarebytes)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.70 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
    Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.56.2 - Microsoft Corporation)
    Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla)
    MXAx64 (HKLM-x32\...\{53B28ABA-8EFB-7BFB-603D-9B1334BBD881}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
    NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
    NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
    OEM Test Certificates (HKLM-x32\...\{DAF67B85-47AE-B13B-5C22-3A7149E46EB8}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Opera Stable 77.0.4054.254 (HKLM-x32\...\Opera 77.0.4054.254) (Version: 77.0.4054.254 - Opera Software)
    paint.net (HKLM\...\{1A59F8A6-6AB4-4522-9340-F420B9155A31}) (Version: 4.2.16 - dotPDN LLC)
    PuTTY release 0.75 (64-bit) (HKLM\...\{06DB09EC-52D5-47FA-A0F3-D70ED6407481}) (Version: 0.75.0.0 - Simon Tatham)
    Python 3.9.5 (64-bit) (HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\{f3d4ed4c-f434-41ef-8469-ffadd80c4ccf}) (Version: 3.9.5150.0 - Python Software Foundation)
    Python 3.9.5 Core Interpreter (64-bit) (HKLM\...\{FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Development Libraries (64-bit) (HKLM\...\{AEE58901-97A1-422A-B964-4FD9BF3327B8}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Documentation (64-bit) (HKLM\...\{4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Executables (64-bit) (HKLM\...\{843C07B6-040E-4E83-B244-5383247D70AB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 pip Bootstrap (64-bit) (HKLM\...\{7559EB6B-36F9-4AE8-8970-532E4DC0ECA3}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Standard Library (64-bit) (HKLM\...\{F4DC18F4-6323-4BE8-A322-38268831BC24}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM\...\{351016A7-AED4-4824-8D2E-2F9ED497CF77}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Test Suite (64-bit) (HKLM\...\{605117B9-EE12-4498-A089-A63219191799}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python 3.9.5 Utility Scripts (64-bit) (HKLM\...\{420E50F6-A8E8-4098-A321-7DF6B3C3BA82}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{B6EF11B6-0882-43B1-AA75-4D3BD32A144A}) (Version: 3.9.7427.0 - Python Software Foundation)
    Skype version 8.71 (HKLM-x32\...\Skype_is1) (Version: 8.71 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 - Safer-Networking Ltd.)
    Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.7 - Safer-Networking Ltd.)
    SugarSync (HKLM-x32\...\SugarSync) (Version: 4.0.3.3 - KeepItSafe, Inc.)
    Suuntolink (HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\Suuntolink) (Version: 3.6.1 - Suunto)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
    ThinkPad Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588) (Version: 7.62.00 - )
    ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
    Toolkit Documentation (HKLM-x32\...\{1978CD82-5D9C-F9BD-4FA3-17AFA5AE12B2}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
    UEV Tools on amd64 (HKLM\...\{91339917-AF30-9EC7-D5AA-05919BB21DB9}) (Version: 10.1.19041.1 - Microsoft) Hidden
    User State Migration Tool (HKLM-x32\...\{2AD80B8E-9213-FEA7-BA85-0EFED76D6F11}) (Version: 10.1.19041.1 - Microsoft) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
    Volume Activation Management Tool (HKLM-x32\...\{4B43C47D-8870-ACFA-C414-6C0884876EB0}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
    Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{9346016b-6620-4841-8ea4-ad91d3ea02b5}) (Version: 10.1.19041.1 - Microsoft Corporation)
    Windows Assessment and Deployment Kit Windows Preinstallation Environment Add-ons - Windows 10 (HKLM-x32\...\{353df250-4ecc-4656-a950-4df93078a5fd}) (Version: 10.1.19041.1 - Microsoft Corporation)
    Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
    WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
    WPT Redistributables (HKLM-x32\...\{AE00264D-F001-A1D3-F3B8-74A9D2193E7F}) (Version: 10.1.19041.1 - Microsoft) Hidden
    WPTx64 (HKLM-x32\...\{FD439F85-AD64-B3E5-9FC5-444AE8C8AF7B}) (Version: 10.1.19041.1 - Microsoft) Hidden
    Zoom (HKLM-x32\...\{325D3FAA-C519-40F3-9423-DE74994B7B80}) (Version: 5.6.823 - Zoom)

    Packages:
    =========
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ !SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [ !SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [ !SugarSyncSharedSyncing] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [ !SugarSyncSynced] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll -> No File
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
    ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-29] (NVIDIA Corporation -> )
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-14] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2020-11-30] (SugarSync, Inc.) [File not signed]

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    ==================== Loaded Modules (Whitelisted) =============

    2021-05-15 21:36 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
    2019-12-06 19:37 - 2019-12-06 19:37 - 000262144 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
    2020-11-30 22:46 - 2020-11-30 22:46 - 003060224 _____ (SugarSync, Inc.) [File not signed] C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\25845787.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\25845787.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7942 more sites.

    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\123simsen.com -> www.123simsen.com

    There are 7942 more sites.


    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-12-07 11:14 - 2021-07-19 11:39 - 000467116 ____N C:\Windows\system32\drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 15980 more lines.


    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2620606096-767457063-359015763-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run: => "LogiOptions"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
    HKU\S-1-5-21-2620606096-767457063-359015763-1001\...\StartupApproved\Run: => "SuuntolinkLauncher"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
    FirewallRules: [{6C9BAD30-E75B-4B02-8205-702CD4289285}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
    FirewallRules: [{93E726A5-8872-4EAD-AD18-C85ADBB7D106}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{A2A4DBAA-CD61-4720-8B62-335F2466FCC7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{5B62211A-3155-4EF8-837A-55E47F561C05}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
    FirewallRules: [{2B8A53BF-0B23-4E41-982C-D4CC01257694}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
    FirewallRules: [{DB906621-3B3D-4EEF-8747-BF85EB682C4D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
    FirewallRules: [{E164E1F8-2309-42DF-957D-35D4D74DF947}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
    FirewallRules: [{15177D09-89A2-4CBC-8E8D-5A74E06941E3}] => (Allow) C:\Program Files (x86)\SugarSync\SugarSync.exe (KeepItSafe, Inc.) [File not signed]
    FirewallRules: [{6760AB53-900C-4ECA-AFAD-C3446D3AB6F3}] => (Allow) C:\Program Files (x86)\SugarSync\SugarSync.exe (KeepItSafe, Inc.) [File not signed]
    FirewallRules: [{79A5CBFB-333C-4D5A-8D77-2618F7E2B8B7}] => (Allow) C:\Program Files (x86)\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{25F65549-883E-4388-9DFA-01656737201A}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{853C167E-1E7E-4C77-8534-3711FBCE56D4}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{7108E88C-00D9-4813-887B-54DCC319C16D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{E31A36D9-2C41-4A45-AFD3-269D033EB0BD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{2CBC8CF9-39FC-4574-9AD4-62711346EB75}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{9689789E-14C7-47DE-A1B8-ABE0AAA271E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{E44A3438-1202-4603-8D26-253ECC0799DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{2C7532C0-0E40-4DD3-B721-BD1222F27000}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{3FABD95B-5A7E-405E-870F-C350472FBAFA}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{D5B97CA4-CDE7-457C-A0A1-D1153C64F0AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{B1B4EF68-FB1E-4DB1-B322-1D085ABB6A40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{30EA4684-9A4A-4BBF-B5D6-1514F7AFF6B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{116D42E5-26D4-496D-8916-5DFC626ACD53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{366912F1-31C6-41FE-BC10-4DC031C7EFC7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{5F411457-CF74-4679-8682-873A42299FA4}] => (Allow) C:\Program Files\Opera\77.0.4054.203\opera.exe (Opera Software AS -> Opera Software)
    FirewallRules: [{A74F231B-10F3-47EE-A7C3-45A39DFD7E96}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{70506BDB-5FE9-4F08-9371-4FF344862947}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B84407EE-E4A8-42B7-85B5-57DE5C4A66CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{84314276-9589-4EBB-BCC3-23F31C570061}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{6279D287-FC72-4ADE-949F-DFC5F68ED12A}] => (Allow) C:\Program Files\Opera\77.0.4054.254\opera.exe (Opera Software AS -> Opera Software)
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

    ==================== Restore Points =========================

    26-06-2021 19:33:31 Installed Windows Automated Installation Kit
    05-07-2021 10:09:15 Scheduled Checkpoint
    07-07-2021 18:07:09 Windows Modules Installer
    07-07-2021 21:26:55 Windows Modules Installer
    13-07-2021 20:53:40 Windows Modules Installer

    ==================== Faulty Device Manager Devices ============

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: PCI Simple Communications Controller
    Description: PCI Simple Communications Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (07/19/2021 12:21:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Exception code: 0xc0000005
    Fault offset: 0x00005c92
    Faulting process id: 0x26e0
    Faulting application start time: 0x01d77c87c81b9040
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Report Id: 2c3dd927-16f3-4fc8-81e9-fa20060e375e
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 12:18:59 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: hhctrl.ocx_unloaded, version: 10.0.19041.746, time stamp: 0x2667553c
    Exception code: 0xc0000005
    Fault offset: 0x000260b6
    Faulting process id: 0x2694
    Faulting application start time: 0x01d77c84fce88c7c
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: hhctrl.ocx
    Report Id: df45c06a-ab46-475b-8c26-643d2d6d7b91
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 12:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Exception code: 0xc0000005
    Fault offset: 0x00005c92
    Faulting process id: 0x2694
    Faulting application start time: 0x01d77c84fce88c7c
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Report Id: 3028e6a3-d2dd-4a12-9f4d-fe24a4d54605
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 11:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: hhctrl.ocx_unloaded, version: 10.0.19041.746, time stamp: 0x2667553c
    Exception code: 0xc0000005
    Fault offset: 0x000260b6
    Faulting process id: 0x57c
    Faulting application start time: 0x01d77c83971f55b2
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: hhctrl.ocx
    Report Id: 363de8eb-db59-4297-b2e6-0ff1d430ba01
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 11:51:08 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Exception code: 0xc0000005
    Fault offset: 0x00005c92
    Faulting process id: 0x57c
    Faulting application start time: 0x01d77c83971f55b2
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Report Id: 159d9f5e-0cd4-43eb-b6de-63f51f9bba8d
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 11:44:38 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: hhctrl.ocx_unloaded, version: 10.0.19041.746, time stamp: 0x2667553c
    Exception code: 0xc0000005
    Fault offset: 0x000260b6
    Faulting process id: 0x480
    Faulting application start time: 0x01d77c823184c385
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: hhctrl.ocx
    Report Id: 37c4b66f-a5c7-4ef6-8d48-96b4bebf2f3e
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 11:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Exception code: 0xc0000005
    Fault offset: 0x00005c92
    Faulting process id: 0x480
    Faulting application start time: 0x01d77c823184c385
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Report Id: 687a0c03-64a9-4911-99e1-382a5cb6fa38
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (07/19/2021 10:50:06 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
    Exception code: 0xc0000005
    Fault offset: 0x00005c92
    Faulting process id: 0x924
    Faulting application start time: 0x01d77c7b0aa0ca3e
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Report Id: 827e5df4-c832-4768-b0f8-2fe3181e3be3
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (07/19/2021 11:44:14 AM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (07/19/2021 11:38:36 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (07/19/2021 11:38:27 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (07/19/2021 11:37:43 AM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xffff82012cfcd010, 0x00000000000000ff, 0x0000000000000000, 0xfffff804054095ae). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: db320ab5-46e1-4434-b2ba-dfbb31426502.

    Error: (07/19/2021 11:36:44 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 10:46:22 on ‎19/‎07/‎2021 was unexpected.

    Error: (07/19/2021 11:32:07 AM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk2\DR2.

    Error: (07/19/2021 11:32:07 AM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (07/19/2021 10:48:30 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.


    Windows Defender:
    ================
    Date: 2021-07-17 15:02:44
    Description:
    Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?lin...4&enterprise=0
    Name: SettingsModifier:Win32/PossibleHostsFileHijack
    Severity: Medium
    Category: Settings Modifier
    Path: file:_C:\Windows\System32\drivers\etc\hosts
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Program Files\Avast Software\Avast\setup\instup.exe
    Security intelligence Version: AV: 1.339.1708.0, AS: 1.339.1708.0, NIS: 1.339.1708.0
    Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

    Date: 2021-07-13 22:33:55
    Description:
    Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?lin...4&enterprise=0
    Name: SettingsModifier:Win32/PossibleHostsFileHijack
    Severity: Medium
    Category: Settings Modifier
    Path: file:_C:\Windows\System32\drivers\etc\hosts
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSpybotLab.exe
    Security intelligence Version: AV: 1.339.1708.0, AS: 1.339.1708.0, NIS: 1.339.1708.0
    Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

    Date: 2021-07-13 22:29:32
    Description:
    Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?lin...4&enterprise=0
    Name: SettingsModifier:Win32/PossibleHostsFileHijack
    Severity: Medium
    Category: Settings Modifier
    Path: file:_C:\Windows\System32\drivers\etc\hosts
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe
    Security intelligence Version: AV: 1.339.1708.0, AS: 1.339.1708.0, NIS: 1.339.1708.0
    Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

    Date: 2021-07-13 22:25:57
    Description:
    Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?lin...4&enterprise=0
    Name: SettingsModifier:Win32/PossibleHostsFileHijack
    Severity: Medium
    Category: Settings Modifier
    Path: file:_C:\Windows\System32\drivers\etc\hosts
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe
    Security intelligence Version: AV: 1.339.1708.0, AS: 1.339.1708.0, NIS: 1.339.1708.0
    Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

    Date: 2021-07-13 22:19:03
    Description:
    Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?lin...4&enterprise=0
    Name: SettingsModifier:Win32/PossibleHostsFileHijack
    Severity: Medium
    Category: Settings Modifier
    Path: file:_C:\Windows\System32\drivers\etc\hosts
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe
    Security intelligence Version: AV: 1.339.1708.0, AS: 1.339.1708.0, NIS: 1.339.1708.0
    Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

    Date: 2021-07-13 22:21:09
    Description:
    Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.339.1708.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.18100.6
    Error code: 0x80240022
    Error description: The program can't check for definition updates.

    Date: 2021-07-13 22:21:09
    Description:
    Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.339.1708.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.18100.6
    Error code: 0x80240022
    Error description: The program can't check for definition updates.

    Date: 2021-05-12 21:41:35
    Description:
    Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.303.25.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16400.2
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2021-05-12 21:41:35
    Description:
    Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.303.25.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiSpyware
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16400.2
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2021-05-12 21:41:35
    Description:
    Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.303.25.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16400.2
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    CodeIntegrity:
    ===============
    Date: 2021-07-19 12:23:10
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2021-07-19 12:23:06
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

    Date: 2021-07-19 12:23:03
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2021-07-19 12:18:06
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    BIOS: LENOVO 7LETC9WW (2.29 ) 03/18/2011
    Motherboard: LENOVO 6460D6G
    Processor: Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz
    Percentage of memory in use: 91%
    Total physical RAM: 4030.29 MB
    Available physical RAM: 345.45 MB
    Total Virtual: 18474.29 MB
    Available Virtual: 14764.52 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:140.52 GB) (Free:43.46 GB) NTFS
    Drive f: () (Removable) (Total:233.19 GB) (Free:119.78 GB) FAT32

    \\?\Volume{6dd9e22f-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
    \\?\Volume{6dd9e22f-0000-0000-0000-902423000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 238.5 GB) (Disk ID: 6DD9E22F)
    Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=140.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=499 MB) - (Type=27)
    Partition 4: (Not Active) - (Size=97.4 GB) - (Type=05)

    ==========================================================
    Disk: 1 (Size: 233.3 GB) (Disk ID: 6F7A4A05)
    Partition 1: (Not Active) - (Size=233.2 GB) - (Type=0C)

    ==================== End of Addition.txt =======================

    ===================================START OF ASWMBR report:
    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2021-07-19 10:49:46
    -----------------------------
    10:49:46.698 OS Version: Windows x64 6.2.9200
    10:49:46.698 Number of processors: 2 586 0x1706
    10:49:46.714 ComputerName: LEWY-T61 UserName: Lewy
    10:49:47.776 Initialize success
    10:50:36.992 AVAST engine defs: 17030301
    10:50:43.492 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
    10:50:43.492 Disk 0 Vendor: Vi550_S3_SSD SBFMJ1.3 Size: 244198MB BusType: 3
    10:50:43.523 Disk 0 MBR read successfully
    10:50:43.523 Disk 0 MBR scan
    10:50:43.523 Disk 0 unknown MBR code
    10:50:43.539 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 50 MB offset 2048
    10:50:43.539 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 143893 MB offset 104448
    10:50:43.554 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 499 MB offset 294799360
    10:50:43.554 Disk 0 Partition - 00 05 Extended 99754 MB offset 295821312
    10:50:43.570 Disk 0 Partition 4 00 83 Linux B 555 MB offset 295823360
    10:50:43.570 Disk 0 Partition - 00 05 Extended 14444 MB offset 296961525
    10:50:43.601 Disk 0 scanning C:\Windows\system32\drivers
    10:51:01.227 Service scanning
    10:51:35.570 Modules scanning
    10:51:36.039 AVAST engine scan C:\
    11:18:23.613 File: C:\Windows\SysWOW64\GamePanel.exe **INFECTED** Win32:MalOb-CA [Cryp]
    11:29:42.582 File: C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.19041.746_none_2703bed0ba809808\GamePanel.exe **INFECTED** Win32:MalOb-CA [Cryp]
    11:30:46.082 Disk 0 statistics 28847298/0/0 @ 27,90 MB/s
    11:30:46.097 Scan finished successfully
    11:32:28.318 Disk 0 MBR has been saved successfully to "C:\Users\Lewy\Desktop\MBR.dat"
    11:32:28.334 The log file has been saved successfully to "C:\Users\Lewy\Desktop\aswMBR0.txt"
    ===================================END OF ASWMBR report.

    ==========EXTRA Avast free preboot report:

    07/18/2021 22:47
    Scan of all local drives

    File C:\Program Files\GIMP 2\lib\python2.7\test\test_zipfile.pyc|>afile Error 42125 {ZIP archive is corrupted.}
    File C:\Program Files\GIMP 2\lib\python2.7\test\test_zipfile.pyo|>afile Error 42125 {ZIP archive is corrupted.}
    File C:\Program Files\Krita (x64)\share\krita\templates\design\.source\Designcinema16_10_2484x1200_96dpiRGB_8bit_.kra|>mergedimage.png Error 42110 {The file is a decompression bomb.}
    File C:\Program Files\Krita (x64)\share\krita\templates\design\.source\Designcinema2.39_1_2484x1040_96dpiRGB_8bit_.kra|>mergedimage.png Error 42110 {The file is a decompression bomb.}
    File C:\Program Files\Krita (x64)\share\krita\templates\design\.source\DesignpresentationA3Landscape_4960x3508_300dpiRGB_8bit_.kra|>mergedimage.png Error 42110 {The file is a decompression bomb.}
    File C:\Program Files\Krita (x64)\share\krita\templates\design\.source\DesignpresentationA4portrait_2480x3508_300dpiRGB_8bit_.kra|>mergedimage.png Error 42110 {The file is a decompression bomb.}
    File C:\Program Files\Krita (x64)\share\krita\templates\design\.source\Designscreen4_3_2250x1680_96dpiRGB_8bit_.kra|>mergedimage.png Error 42110 {The file is a decompression bomb.}
    Number of searched folders: 131314
    Number of tested files: 2066121
    Number of infected files: 0

    ==========EXTRA Avast free preboot report END ***





    Do I need to keep my notebook running in Windows environment in order that You help me?
    Please help me again, I know I took a lot of Your precious time, but kindly bear with me.
    Thanks in advance, sincerely, Grega Leskovšek from Slovenia, EU

    -----------------------------------------------------------------
    Previous topic: https://forums.spybot.info/showthrea...o-remove/page2
    Last edited by tashi; 2021-07-19 at 20:11. Reason: Added link to previous topic in this forum

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Chances are the files alerted to by that scan are not infected

    Test the file, at one or two of the below sites so that we're not looking at a false positive.

    Please go to one of the below sites to scan the following files:
    Virus Total (Recommended)
    jotti.org
    VirScan
    click on Browse, and upload the following file for analysis:

    C:\Windows\SysWOW64\GamePanel.exe


    Then click Submit. Allow the file to be scanned, and then please copy and paste the results link (for Virus Total) here for me to see.
    If it says already scanned -- click "reanalyze now"
    Please post the results in your next reply.

    Also, see if you can find the below file and have it scanned too

    C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.19041.746_none_2703bed0ba809808\GamePanel.exe

    ~~~~~~~~~~~~

    https://forum.avast.com/index.php?topic=186816.0
    Decompression bomb is a file that may be rather small, but decompresses to an enormous amount of data (when processed as a packed archive)
    This is a frequently asked question - no action is required.
    Decompression Bomb, a file that is highly compressed, which could be very large when decompressed.
    mergedimage.png Error==> 42110 {The file is a decompression bomb.}




    Now I see 2 tools downloaded and used?
    ComboFix.exe <== do not use this tool without supervision
    TDSSKiller <== do not use this tool without supervision

    See if you can locate this file, I want to see whats in it.
    C:\TDSSKiller.2.8.16.0_18.07.2021_19.30.53_log.txt
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    All I actually saw were items we could tidy up on and some restrictions set by your onboard Antivirus security.

    Please reply back the information I requested on the files to have scanned out.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Dec 2020
    Posts
    13

    Default

    It was malware ... Avast, Avg and another antivirus have reported it as such. I deleted all related files as well and uninstalled xbox (I do not play computer games - it was in that directory).
    Thanks for Your help, I hope this will suffice.
    It is great to have such a helper as You, Juliet.
    Good luck on whatever You do in Your Life and may all Your relationships be happy, compassionate, loving as well. Thanks again!
    Sincerely, Grega from Slovenia

    Quote Originally Posted by Juliet View Post
    Chances are the files alerted to by that scan are not infected

    Test the file, at one or two of the below sites so that we're not looking at a false positive.

    Please go to one of the below sites to scan the following files:
    Virus Total (Recommended)
    jotti.org
    VirScan
    click on Browse, and upload the following file for analysis:

    C:\Windows\SysWOW64\GamePanel.exe


    Then click Submit. Allow the file to be scanned, and then please copy and paste the results link (for Virus Total) here for me to see.
    If it says already scanned -- click "reanalyze now"
    Please post the results in your next reply.

    Also, see if you can find the below file and have it scanned too

    C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.19041.746_none_2703bed0ba809808\GamePanel.exe

    ~~~~~~~~~~~~

    https://forum.avast.com/index.php?topic=186816.0
    Decompression bomb is a file that may be rather small, but decompresses to an enormous amount of data (when processed as a packed archive)
    This is a frequently asked question - no action is required.
    Decompression Bomb, a file that is highly compressed, which could be very large when decompressed.
    mergedimage.png Error==> 42110 {The file is a decompression bomb.}




    Now I see 2 tools downloaded and used?
    ComboFix.exe <== do not use this tool without supervision
    TDSSKiller <== do not use this tool without supervision

    See if you can locate this file, I want to see whats in it.
    C:\TDSSKiller.2.8.16.0_18.07.2021_19.30.53_log.txt
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    All I actually saw were items we could tidy up on and some restrictions set by your onboard Antivirus security.

    Please reply back the information I requested on the files to have scanned out.

  4. #4
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Thank you Grega from Slovenia

    Glad we could help.
    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •