Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: help is greratly appriciated with whatever is going on.

  1. #1
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    logs are

    frst


    i cant run the aswMBR thing it starts but then blue screen and error anfd must restart

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
    Ran by 14153 (administrator) on CRAPTOP (HP HP ENVY x360 Convertible 15m-ds0xxx) (25-09-2022 15:11:27)
    Running from C:\Users\14153\Dropbox (Professional DJ team)\PC\Downloads
    Loaded Profiles: 14153
    Platform: Microsoft Windows 11 Home Version 21H2 22000.978 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (C:\Program Files (x86)\FastVPN\FastVPN.exe ->) (The OpenVPN Project) [File not signed] C:\Program Files (x86)\FastVPN\OpenVPN\openvpn.exe
    (C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe <2>
    (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
    (C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
    (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.665.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.50\msedgewebview2.exe <6>
    (C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
    (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\BridgeCommunication.exe
    (DriverStore\FileRepository\u0359349.inf_amd64_14a932a498cb67e4\B359612\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359349.inf_amd64_14a932a498cb67e4\B359612\atieclxx.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
    (explorer.exe ->) (AlphaTheta Corporation -> AlphaTheta Corporation) C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\rekordboxAgent.exe <3>
    (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
    (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
    (explorer.exe ->) (NameCheap, Inc. -> ) C:\Program Files (x86)\FastVPN\FastVPN.exe
    (explorer.exe ->) (Razer USA Ltd. -> ) C:\Windows\System32\RZTHXHelper.exe
    (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
    (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359349.inf_amd64_14a932a498cb67e4\B359612\atiesrxx.exe
    (services.exe ->) (AlphaTheta Corporation -> AlphaTheta Corporation) C:\Program Files (x86)\Pioneer\XDJ-XZ\XDJ-XZ_AutoSetup.exe
    (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ) C:\Windows\SysWOW64\ElanTouchXiSvc.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\AppHelperCap.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\DiagsCap.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\NetworkCap.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\SysInfoCap.exe
    (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
    (services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
    (services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZTHXService.exe
    (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
    (services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
    (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
    (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
    (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
    (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.665.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
    (svchost.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Safer-Networking Ltd\Spybot Identity Monitor\Spybot3IdentityMonitor.exe
    (SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093872 2020-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1687616 2022-02-21] (Logitech Inc -> Logitech, Inc.)
    HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
    HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe [385264 2020-04-26] (Razer USA Ltd. -> )
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186400 2022-09-15] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-12] (HP Inc. -> HP Inc.)
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Run: [OXDrive] => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDrive.exe [3478856 2020-10-16] (Open-Xchange GmbH -> OX Software GmbH)
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\14153\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7340184 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    HKU\S-1-5-18\...\Run: [RzAppEngine] => C:\Program Files\Razer\RzAppEngine\rzappengine.exe [1641840 2021-10-06] (Razer USA Ltd. -> Razer Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\Razer\RzAppEngine\1.49.0.0\Installer\chrmstp.exe [2022-04-17] (Razer USA Ltd. -> Razer Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-15] (Google LLC -> Google LLC)
    HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
    Startup: C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastVPN.lnk [2022-09-23]
    ShortcutTarget: FastVPN.lnk -> C:\Windows\Installer\{AFC87201-F3D3-4950-A3C0-FCA47F3F7731}\AppIcon.exe () [File not signed]
    Startup: C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rekordboxAgent.lnk [2022-09-22]
    ShortcutTarget: rekordboxAgent.lnk -> C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0F53C292-CADE-473B-8A67-D31BDC55A490} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
    Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
    Task: {1406DAFF-7BBE-4F4F-9DD6-F24BCABD904C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
    Task: {16DCD318-8971-4948-8E94-4C18638E5A88} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
    Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
    Task: {1CB25051-6298-43B2-9F24-FABF529F2619} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
    Task: {2394DE17-854D-48AA-B491-50C4BB3799BA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142208 2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {2D273D8E-BDD3-4052-A531-B4AC6DC26587} - System32\Tasks\GoogleUpdateTaskMachineUA{3E929FE5-D33C-4A12-8A95-72FE3988A65C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-27] (Google LLC -> Google LLC)
    Task: {3A80FB12-34C4-4FA3-A682-A88CA668234C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Task: {4210A2BE-BDDC-4823-8E0B-261AE97D75B7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Task: {437BE3D7-CC65-4283-A95E-CEE2031F4088} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)
    Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
    Task: {46DFCD61-8738-4696-9631-3EFC3FC5B568} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Spybot Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [9456760 2021-12-06] (Safer-Networking Limited -> )
    Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - \OneDrive Standalone Update Task-S-1-5-21-333564948-1973926124-3851408449-500 -> No File <==== ATTENTION
    Task: {7032A854-F3CB-4BA6-8CC4-7CD79C4A703B} - System32\Tasks\Safer-Networking\Spybot Identity Monitor\Run Identity Monitor Breach Tests => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Identity Monitor\Spybot3IdentityMonitor.exe [7626584 2019-10-30] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {76AAA6BB-8EDA-48D0-93DE-0F765841EC54} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7744695E-ED73-4051-BA75-7727698F2576} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-05-08] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {7957D552-7840-4F3F-BBA0-ECD128670807} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-05-08] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {8C1A570F-EE0F-4F8E-9CD6-1D341885064E} - \StartCN -> No File <==== ATTENTION
    Task: {939C5E15-4897-4745-9BB6-5D603C46F8E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] (HP Inc. -> HP Inc.)
    Task: {95F004CE-5104-49D9-BC58-CDB180BCF888} - System32\Tasks\GoogleUpdateTaskMachineCore{3263F353-0308-4FC8-88C5-AAE6E25975F7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-27] (Google LLC -> Google LLC)
    Task: {9785B9ED-9E1F-4CA5-A78F-A31A793FFB49} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
    Task: {9CCD40E9-EF4C-4674-BD16-CFE7DF712824} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {AB427C48-8BD7-432E-BDF3-2A895CBBA402} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142208 2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
    Task: {BDB2048E-90A5-4EB9-AD20-9D3D2FE32DC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan most recently used file in the background => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe [5886744 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
    Task: {D8202B1B-5220-49CA-B77F-640E3CC2AFF6} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-05-06] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {DE1EB3C2-0AD7-4C5B-9137-93ED45FE1255} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    Task: {DE2A43F0-28C2-4555-A528-BA5BC6826D0C} - \StartDVR -> No File <==== ATTENTION
    Task: {E75AB006-CF39-4FE1-B36E-30537CC62141} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-05-06] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {F4A84F86-1766-4197-958B-3547CD706E98} - \HPAudioSwitch -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 198.18.0.1 198.18.0.2
    Tcpip\..\Interfaces\{1e78dd49-2aa7-4b91-a31f-70ff4b63fb78}: [DhcpNameServer] 198.18.0.1 198.18.0.2
    Tcpip\..\Interfaces\{a4d9f3d1-7e43-4f5a-afe0-a303bd814046}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{ccac6823-99c2-44ce-9263-8d3eb684449b}: [DhcpNameServer] 172.168.0.7

    Edge:
    =======
    Edge Profile: C:\Users\14153\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-25]
    Edge Extension: (Universal Bypass) - C:\Users\14153\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ckiidekccfgninkobmmofopbbdgdclgg [2022-09-25]

    FireFox:
    ========
    FF DefaultProfile: 2bcgfpir.default
    FF ProfilePath: C:\Users\14153\AppData\Roaming\Mozilla\Firefox\Profiles\2bcgfpir.default [2022-02-27]
    FF ProfilePath: C:\Users\14153\AppData\Roaming\Mozilla\Firefox\Profiles\e6z0pp9f.default-release [2022-09-25]
    FF Notifications: Mozilla\Firefox\Profiles\e6z0pp9f.default-release -> hxxps://www.kiiroo.com
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-08-13] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-08-13] (Microsoft Corporation -> Microsoft Corporation)
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2022-09-25] <==== ATTENTION (Points to *.cfg file)
    FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2022-09-25] <==== ATTENTION

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default [2022-09-25]
    CHR Notifications: Default -> hxxps://fyngood.com; hxxps://xhamsterlive.com
    CHR HomePage: Default -> hxxps://onlygaytrade.com/admincp/video
    CHR Session Restore: Default -> is enabled.
    CHR Extension: (Just Black) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2022-02-27]
    CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-09-22]
    CHR Extension: (Eno® from Capital One®) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2022-08-12]
    CHR Extension: (Coinbase Wallet extension) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfanknocfeofbddgcijnmhnfnkdnaad [2022-09-25]
    CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2022-09-25]
    CHR Extension: (MetaMask) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-09-25]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-27]
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-25]
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-09-22]
    CHR Extension: (Google Docs Offline) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-22]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-07]
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-09-22]
    CHR Extension: (Google Docs Offline) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-22]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-08]
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-09-25]
    CHR Extension: (Google Docs Offline) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-05]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\14153\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-05]
    CHR Profile: C:\Users\14153\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-25]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131256 2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-05-08] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-05-08] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-09-15] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [831488 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R2 ElanTouchXiSvc; C:\WINDOWS\SysWOW64\ElanTouchXiSvc.exe [560760 2021-09-30] (ELAN MICROELECTRONICS CORPORATION -> )
    R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
    R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\AppHelperCap.exe [771072 2022-07-31] (HP Inc. -> HP Inc.)
    R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\DiagsCap.exe [769536 2022-07-31] (HP Inc. -> HP Inc.)
    R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\NetworkCap.exe [766464 2022-07-31] (HP Inc. -> HP Inc.)
    R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\SysInfoCap.exe [770048 2022-07-31] (HP Inc. -> HP Inc.)
    S4 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
    R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-01] (Razer USA Ltd. -> Razer)
    R2 RzThxSrv; C:\WINDOWS\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 XDJ-XZ_AutoSetup; C:\Program Files (x86)\Pioneer\XDJ-XZ\XDJ-XZ_AutoSetup.exe [638352 2021-11-11] (AlphaTheta Corporation -> AlphaTheta Corporation)

    ===================== Drivers (All) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 1394ohci; C:\WINDOWS\System32\drivers\1394ohci.sys [294912 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 3ware; C:\WINDOWS\System32\drivers\3ware.sys [107344 2021-06-05] (Microsoft Windows -> LSI)
    R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [57392 2022-03-24] (HP Inc. -> HP)
    R0 ACPI; C:\WINDOWS\System32\drivers\ACPI.sys [836976 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 AcpiDev; C:\WINDOWS\System32\drivers\AcpiDev.sys [53248 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 acpiex; C:\WINDOWS\System32\Drivers\acpiex.sys [164168 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 acpipagr; C:\WINDOWS\System32\drivers\acpipagr.sys [45056 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 AcpiPmi; C:\WINDOWS\System32\drivers\acpipmi.sys [49152 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 acpitime; C:\WINDOWS\System32\drivers\acpitime.sys [49152 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [700416 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [1135432 2021-06-05] (Microsoft Windows -> PMC-Sierra)
    R1 AFD; C:\WINDOWS\system32\drivers\afd.sys [681320 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [31744 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [339968 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 amdacpbus; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_067e33b7b4bf9e0d\amdacpbus.sys [5846504 2022-02-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
    R3 amdacpksl; C:\WINDOWS\system32\drivers\amdacpksl.sys [352880 2020-11-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
    S3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [35848 2021-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
    R3 amdfendr; C:\WINDOWS\System32\drivers\amdfendr.sys [161216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
    R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
    R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [63288 2021-06-21] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
    R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [78992 2021-06-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
    S3 AmdK8; C:\WINDOWS\System32\drivers\amdk8.sys [243032 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0359349.inf_amd64_14a932a498cb67e4\B359612\amdkmdag.sys [71147816 2020-10-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R0 AmdMicroPEP; C:\WINDOWS\System32\drivers\AmdMicroPEP.sys [262632 2021-12-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
    R3 AmdPPM; C:\WINDOWS\System32\drivers\amdppm.sys [255312 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137424 2021-03-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S0 amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [83280 2021-06-05] (Microsoft Windows -> Advanced Micro Devices)
    S0 amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [259384 2021-06-05] (Microsoft Windows -> AMD Technologies Inc.)
    R1 amdsfhkmdf; C:\WINDOWS\System32\drivers\amdsfhkmdf.sys [161432 2021-11-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
    S0 amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [26960 2021-06-05] (Microsoft Windows -> Advanced Micro Devices)
    R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppID; C:\WINDOWS\System32\drivers\appid.sys [234848 2022-09-07] (Microsoft Windows -> Microsoft Windows)
    S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
    S0 AppleSSD; C:\WINDOWS\System32\drivers\AppleSSD.sys [112440 2021-06-05] (Microsoft Windows -> Apple Inc.)
    S3 applockerfltr; C:\WINDOWS\System32\drivers\applockerfltr.sys [45056 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S0 arcsas; C:\WINDOWS\System32\drivers\arcsas.sys [131912 2021-06-05] (Microsoft Windows -> PMC-Sierra, Inc.)
    S3 AsyncMac; C:\WINDOWS\System32\drivers\asyncmac.sys [57344 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 atapi; C:\WINDOWS\System32\drivers\atapi.sys [62832 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [246176 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
    S0 b06bdrv; C:\WINDOWS\System32\drivers\bxvbda.sys [533816 2021-06-05] (Microsoft Windows -> QLogic Corporation)
    R1 bam; C:\WINDOWS\System32\drivers\bam.sys [106808 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\BasicDisplay.sys [86016 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_125ef86610247b72\BasicRender.sys [69632 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    U5 BattC; C:\Windows\System32\Drivers\BattC.sys [107864 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2021-06-05] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
    R1 Beep; C:\Windows\System32\Drivers\Beep.sys [40960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [177496 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [155648 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [139264 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 BthHFAud; C:\WINDOWS\System32\drivers\BthHfAud.sys [106496 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [135168 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
    S3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [155648 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [1921024 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [75096 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [95568 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S4 cdfs; C:\WINDOWS\System32\DRIVERS\cdfs.sys [126976 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 cdrom; C:\WINDOWS\System32\drivers\cdrom.sys [196608 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [319800 2021-06-05] (Microsoft Windows -> Chelsio Communications)
    S3 cht4vbd; C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752 2021-06-05] (Microsoft Windows -> Chelsio Communications)
    R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [161120 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 circlass; C:\WINDOWS\System32\drivers\circlass.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [540672 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 CLFS; C:\WINDOWS\System32\drivers\CLFS.sys [447840 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    R3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 CNG; C:\WINDOWS\System32\Drivers\cng.sys [782336 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S4 cnghwassist; C:\WINDOWS\System32\DRIVERS\cnghwassist.sys [71008 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 CompositeBus; C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_6657edf28697c405\CompositeBus.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 condrv; C:\WINDOWS\System32\drivers\condrv.sys [86352 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
    R1 dam; C:\WINDOWS\System32\drivers\dam.sys [132432 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
    R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [180224 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [136040 2019-09-25] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    R0 disk; C:\WINDOWS\System32\drivers\disk.sys [136544 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [95600 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [50976 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 DXGKrnl; C:\WINDOWS\System32\drivers\dxgkrnl.sys [4646248 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3440440 2021-06-05] (Microsoft Windows -> Marvell Semiconductor Inc.)
    S0 ebdrv0; C:\WINDOWS\System32\drivers\evbd0a.sys [3423032 2021-06-05] (Microsoft Windows -> QLogic Corporation)
    R0 EhStorClass; C:\WINDOWS\System32\drivers\EhStorClass.sys [143672 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 EhStorTcgDrv; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [157016 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [49152 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 ExecutionContext; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 exfat; C:\Windows\System32\Drivers\exfat.sys [439648 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 EzTouchFilter; C:\WINDOWS\System32\drivers\EzTouchFilter.sys [60112 2020-06-23] (ELAN Microelectronics Corporation -> ELAN)
    R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [451936 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 fdc; C:\WINDOWS\System32\drivers\fdc.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 FileCrypt; C:\WINDOWS\System32\drivers\filecrypt.sys [86016 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 FileInfo; C:\WINDOWS\System32\drivers\fileinfo.sys [119112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 Filetrace; C:\WINDOWS\System32\drivers\filetrace.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 flpydisk; C:\WINDOWS\System32\drivers\flpydisk.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [476520 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 FsDepends; C:\WINDOWS\System32\drivers\FsDepends.sys [99688 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [61768 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [129448 2019-02-25] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
    S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [89792 2019-02-25] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
    R0 fvevol; C:\WINDOWS\System32\DRIVERS\fvevol.sys [865624 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 gencounter; C:\WINDOWS\System32\drivers\vmgencounter.sys [53576 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_dc3260bbd08046c4\genericusbfn.sys [57344 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 GPIOClx0101; C:\WINDOWS\System32\Drivers\msgpioclx.sys [210264 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [40960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [520192 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 HDAudBus; C:\WINDOWS\System32\drivers\HDAudBus.sys [180224 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 HidBatt; C:\WINDOWS\System32\drivers\HidBatt.sys [66912 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [143360 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [86016 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 hidinterrupt; C:\WINDOWS\System32\drivers\hidinterrupt.sys [87400 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 HidIr; C:\WINDOWS\System32\drivers\hidir.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [131072 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [73728 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
    R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [67120 2022-03-24] (HP Inc. -> HP)
    R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
    S0 HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [64328 2021-06-05] (Microsoft Windows -> Hewlett-Packard Company)
    S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [111968 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R3 HTTP; C:\WINDOWS\System32\drivers\HTTP.sys [1697104 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [69960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 hvservice; C:\WINDOWS\System32\drivers\hvservice.sys [131392 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
    S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [57344 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 hwpolicy; C:\WINDOWS\System32\drivers\hwpolicy.sys [78144 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [57672 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [74040 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 i8042prt; C:\WINDOWS\System32\drivers\i8042prt.sys [155648 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 iagpio; C:\WINDOWS\System32\drivers\iagpio.sys [36352 2021-06-05] (Microsoft Windows -> Intel(R) Corporation)
    S3 iai2c; C:\WINDOWS\System32\drivers\iai2c.sys [91136 2021-06-05] (Microsoft Windows -> Intel(R) Corporation)
    S3 iaLPSS2i_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 iaLPSSi_GPIO; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128 2021-06-05] (Intel Corporation - Client Components Group -> Intel Corporation)
    S3 iaLPSSi_I2C; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884552 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S0 iaStorV; C:\WINDOWS\System32\drivers\iaStorV.sys [411976 2021-06-05] (Microsoft Windows -> Intel Corporation)
    S3 ibbus; C:\WINDOWS\System32\drivers\ibbus.sys [558928 2021-06-05] (Microsoft Windows -> Mellanox)
    S3 IndirectKmd; C:\WINDOWS\System32\drivers\IndirectKmd.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTKVHD64.sys [5951584 2020-11-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
    S0 intelide; C:\WINDOWS\System32\drivers\intelide.sys [54632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 intelpep; C:\WINDOWS\System32\drivers\intelpep.sys [476680 2022-08-12] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [75272 2022-08-12] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 intelppm; C:\WINDOWS\System32\drivers\intelppm.sys [284008 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 iorate; C:\WINDOWS\System32\drivers\iorate.sys [83280 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [114688 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [144728 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 IPNAT; C:\WINDOWS\System32\drivers\ipnat.sys [253952 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [94520 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [53560 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 iScsiPrt; C:\WINDOWS\System32\drivers\msiscsi.sys [324952 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [176952 2021-06-05] (Microsoft Windows -> Avago Technologies)
    R3 kbdclass; C:\WINDOWS\System32\drivers\kbdclass.sys [91488 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 kdnic; C:\WINDOWS\System32\drivers\kdnic.sys [65864 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [177520 2022-03-28] (Microsoft Windows -> Microsoft Corporation)
    R0 KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [210256 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    R3 ksthunk; C:\WINDOWS\system32\drivers\ksthunk.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 lltdio; C:\WINDOWS\System32\drivers\lltdio.sys [98304 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [108880 2021-06-05] (Microsoft Windows -> LSI Corporation)
    S0 LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124240 2021-06-05] (Microsoft Windows -> LSI Corporation)
    S0 LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [137552 2021-06-05] (Microsoft Windows -> Avago Technologies)
    R2 luafv; C:\WINDOWS\system32\drivers\luafv.sys [172032 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [561480 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [90440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [425984 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [80696 2021-06-05] (Microsoft Windows -> Avago Technologies)
    S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [100176 2021-06-05] (Microsoft Windows -> Broadcom Inc)
    S0 megasr; C:\WINDOWS\System32\drivers\megasr.sys [575824 2021-06-05] (Microsoft Windows -> LSI Corporation, Inc.)
    S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [94208 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 mlx4_bus; C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131344 2021-06-05] (Microsoft Windows -> Mellanox)
    R2 MMCSS; C:\WINDOWS\system32\drivers\mmcss.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [73728 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 monitor; C:\WINDOWS\System32\drivers\monitor.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 mouclass; C:\WINDOWS\System32\drivers\mouclass.sys [91488 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 mouhid; C:\WINDOWS\System32\drivers\mouhid.sys [65536 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 mountmgr; C:\WINDOWS\System32\drivers\mountmgr.sys [131400 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [87352 2021-06-05] (Microsoft Windows -> Broadcom Limited)
    S3 MpKsl477fcf1c; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [137464 2022-03-27] (Microsoft Windows -> Microsoft Corporation)
    R3 mpsdrv; C:\WINDOWS\System32\drivers\mpsdrv.sys [110592 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [196608 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 mrxsmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [636248 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R3 mrxsmb20; C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys [312680 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [155648 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [74056 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 msgpiowin32; C:\WINDOWS\System32\drivers\msgpiowin32.sys [91480 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 mshidkmdf; C:\WINDOWS\System32\drivers\mshidkmdf.sys [45056 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 mshidumdf; C:\WINDOWS\System32\drivers\mshidumdf.sys [45056 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [53576 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [65536 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 MsLldp; C:\WINDOWS\System32\drivers\mslldp.sys [98304 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [49152 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [49152 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [377712 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
    S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [415072 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 mssmbios; C:\WINDOWS\System32\drivers\mssmbios.sys [74040 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 MTConfig; C:\WINDOWS\System32\drivers\MTConfig.sys [49152 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 Mup; C:\WINDOWS\System32\Drivers\mup.sys [164168 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [63816 2021-06-05] (Microsoft Windows -> Marvell Semiconductor, Inc.)
    R3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [749568 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 ndfltr; C:\WINDOWS\System32\drivers\ndfltr.sys [146256 2021-06-05] (Microsoft Windows -> Mellanox)
    R0 NDIS; C:\WINDOWS\System32\drivers\ndis.sys [1577280 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
    R1 NdisCap; C:\WINDOWS\System32\drivers\ndiscap.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 NdisImPlatform; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [159744 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [98304 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisVirtualBus; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 NdisWan; C:\WINDOWS\System32\drivers\ndiswan.sys [233472 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 ndiswanlegacy; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [233472 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [79192 2022-08-12] (Microsoft Windows -> )
    S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [103776 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 ndproxy; C:\WINDOWS\System32\DRIVERS\NDProxy.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 Ndu; C:\WINDOWS\System32\drivers\Ndu.sys [163840 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [352256 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
    R1 NetBIOS; C:\WINDOWS\System32\drivers\netbios.sys [90440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [364544 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [329064 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [119104 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
    R1 npsvctrig; C:\WINDOWS\System32\drivers\npsvctrig.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R1 nsiproxy; C:\WINDOWS\System32\drivers\nsiproxy.sys [73728 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [3192160 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 Null; C:\Windows\System32\Drivers\Null.sys [40960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [202088 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 nvmedisk; C:\WINDOWS\System32\drivers\nvmedisk.sys [83296 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [150344 2021-06-05] (Microsoft Windows -> NVIDIA Corporation)
    S0 nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [166216 2021-06-05] (Microsoft Windows -> NVIDIA Corporation)
    S3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [136560 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 Parport; C:\WINDOWS\System32\drivers\parport.sys [126976 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 partmgr; C:\WINDOWS\System32\drivers\partmgr.sys [214368 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 pci; C:\WINDOWS\System32\drivers\pci.sys [537960 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S0 pciide; C:\WINDOWS\System32\drivers\pciide.sys [50536 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [152912 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 pcw; C:\WINDOWS\System32\drivers\pcw.sys [95592 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 pdc; C:\WINDOWS\System32\drivers\pdc.sys [193880 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 PEAUTH; C:\WINDOWS\System32\drivers\peauth.sys [843776 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [58704 2021-06-05] (Microsoft Windows -> Avago Technologies)
    S0 percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [68432 2021-06-05] (Microsoft Windows -> Avago Technologies)
    S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [169320 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 pmem; C:\WINDOWS\System32\drivers\pmem.sys [181584 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 PNPMEM; C:\WINDOWS\System32\drivers\pnpmem.sys [49152 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [57344 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 PptpMiniport; C:\WINDOWS\System32\drivers\raspptp.sys [135168 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 PRM; C:\WINDOWS\System32\DriverStore\FileRepository\prm.inf_amd64_7fc9bb8ba2b73803\PRM.sys [61752 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 Processor; C:\WINDOWS\System32\drivers\processr.sys [255344 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 Psched; C:\WINDOWS\System32\drivers\pacer.sys [184640 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [71016 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [53248 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 RasAgileVpn; C:\WINDOWS\System32\drivers\AgileVpn.sys [139264 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 Rasl2tp; C:\WINDOWS\System32\drivers\rasl2tp.sys [131072 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [114688 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 RasSstp; C:\WINDOWS\System32\drivers\rassstp.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 rcbottom; C:\WINDOWS\System32\drivers\rcbottom.sys [85976 2019-07-22] (Advanced Micro Devices INC. -> AMD, Inc.)
    R3 rccfg; C:\WINDOWS\System32\drivers\rccfg.sys [30936 2021-08-31] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc.)
    R0 rcraid; C:\WINDOWS\System32\drivers\rcraid.sys [548056 2021-08-31] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc.)
    R1 rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [488792 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R3 rdpbus; C:\WINDOWS\System32\drivers\rdpbus.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 RDPDR; C:\WINDOWS\System32\drivers\rdpdr.sys [192512 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 RdpVideoMiniport; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [62808 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 rdyboost; C:\WINDOWS\System32\drivers\rdyboost.sys [319816 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [2295136 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [1013088 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 RFCOMM; C:\WINDOWS\System32\drivers\rfcomm.sys [245760 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [143360 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 rspndr; C:\WINDOWS\System32\drivers\rspndr.sys [110592 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [834280 2021-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
    R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [1325152 2021-11-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
    S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [714848 2020-09-14] (Realtek Semiconductor Corp. -> Realtek Corporation)
    R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11621944 2021-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
    S3 s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [53576 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 sbp2port; C:\WINDOWS\System32\drivers\sbp2port.sys [144728 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 scfilter; C:\WINDOWS\System32\DRIVERS\scfilter.sys [73728 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 scmbus; C:\WINDOWS\System32\drivers\scmbus.sys [210280 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [337240 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [65856 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [92032 2018-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    S3 sdstor; C:\WINDOWS\System32\drivers\sdstor.sys [132456 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 SerCx; C:\WINDOWS\System32\drivers\SerCx.sys [115016 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 SerCx2; C:\WINDOWS\System32\drivers\SerCx2.sys [196944 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 Serenum; C:\WINDOWS\System32\drivers\serenum.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 Serial; C:\WINDOWS\System32\drivers\serial.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 sermouse; C:\WINDOWS\System32\drivers\sermouse.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 sfloppy; C:\WINDOWS\System32\drivers\sfloppy.sys [53248 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [119112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [44872 2021-06-05] (Microsoft Windows -> Silicon Integrated Systems Corp.)
    S0 SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [81736 2021-06-05] (Microsoft Windows -> Silicon Integrated Systems)
    S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209736 2021-06-05] (Microsoft Windows -> Microsemi Corportation)
    S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [48912 2020-07-27] (Synaptics Incorporated -> Synaptics Incorporated)
    S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [49432 2020-07-27] (Synaptics Incorporated -> Synaptics Incorporated)
    S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 spaceport; C:\WINDOWS\System32\drivers\spaceport.sys [857448 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [127304 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 SpbCx; C:\WINDOWS\System32\drivers\SpbCx.sys [119096 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
    R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [851968 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [364544 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 sRZTHXSpatial; C:\WINDOWS\System32\drivers\RZTHXSpatial.sys [172024 2020-04-26] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
    S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-25] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
    S0 stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [31032 2021-06-05] (Microsoft Windows -> Promise Technology, Inc.)
    S0 storahci; C:\WINDOWS\System32\drivers\storahci.sys [210272 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 storflt; C:\WINDOWS\System32\drivers\vmstorfl.sys [83304 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S0 stornvme; C:\WINDOWS\System32\drivers\stornvme.sys [226672 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R2 storqosflt; C:\WINDOWS\System32\drivers\storqosflt.sys [115024 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 storufs; C:\WINDOWS\System32\drivers\storufs.sys [99680 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S0 storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [82248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-20] (STMicroelectronics -> STMicroelectronics)
    R3 swenum; C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_3bf6c0d173eb26c6\swenum.sys [57672 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [64280 2020-07-27] (Synaptics Incorporated -> Synaptics Incorporated)
    R3 SynTP; C:\WINDOWS\System32\drivers\SynTP.sys [769816 2020-07-27] (Synaptics Incorporated -> Synaptics Incorporated)
    S3 SynTPFilterHID; C:\WINDOWS\System32\drivers\SynTP.sys [769816 2020-07-27] (Synaptics Incorporated -> Synaptics Incorporated)
    R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-09-12] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
    R0 Tcpip; C:\WINDOWS\System32\drivers\tcpip.sys [3208528 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 Tcpip6; C:\WINDOWS\System32\drivers\tcpip.sys [3208528 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [77824 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    R1 tdx; C:\WINDOWS\system32\DRIVERS\tdx.sys [151888 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
    S3 terminpt; C:\WINDOWS\System32\drivers\terminpt.sys [71000 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 TPM; C:\WINDOWS\System32\drivers\tpm.sys [345448 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 TsUsbFlt; C:\WINDOWS\System32\drivers\tsusbflt.sys [90112 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 TsUsbGD; C:\WINDOWS\System32\drivers\TsUsbGD.sys [65536 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 tunnel; C:\WINDOWS\System32\drivers\tunnel.sys [155648 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UASPStor; C:\WINDOWS\System32\drivers\uaspstor.sys [111960 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    R3 UcmCx0101; C:\WINDOWS\System32\Drivers\UcmCx.sys [200704 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UcmTcpciCx0101; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [212992 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [65536 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [139264 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 Ucx01000; C:\WINDOWS\System32\drivers\ucx01000.sys [291144 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [81920 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S4 udfs; C:\WINDOWS\System32\DRIVERS\udfs.sys [376832 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_6693f32a658a859a\UEFI.sys [75104 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 Ufx01000; C:\WINDOWS\System32\drivers\ufx01000.sys [356688 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_a517b810ee0e44a2\UfxChipidea.sys [135496 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 ufxsynopsys; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [188744 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_0a89aff902a5c3a9\umbus.sys [90112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UmPass; C:\WINDOWS\System32\drivers\umpass.sys [45056 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_4bd4df2779fd9e16\urschipidea.sys [61752 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsCx01000; C:\WINDOWS\System32\drivers\urscx01000.sys [106808 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_28522251903b4825\urssynopsys.sys [61752 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 Usb4DeviceRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_3bffb5f5105936e5\Usb4DeviceRouter.sys [877912 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
    S3 Usb4HostRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_dd61aa4ab70fa4fb\Usb4HostRouter.sys [599408 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
    S3 usbaudio; C:\WINDOWS\system32\drivers\usbaudio.sys [266240 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [380928 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbccgp; C:\WINDOWS\System32\drivers\usbccgp.sys [222552 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 usbcir; C:\WINDOWS\System32\drivers\usbcir.sys [135168 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbehci; C:\WINDOWS\System32\drivers\usbehci.sys [116056 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbhub; C:\WINDOWS\System32\drivers\usbhub.sys [550232 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 USBHUB3; C:\WINDOWS\System32\drivers\UsbHub3.sys [696656 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
    S3 usbohci; C:\WINDOWS\System32\drivers\usbohci.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbprint; C:\WINDOWS\System32\drivers\usbprint.sys [69632 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [77824 2021-06-05] (Microsoft Corporation) [File not signed]
    S3 usbser; C:\WINDOWS\System32\drivers\usbser.sys [118784 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 USBSTOR; C:\WINDOWS\System32\drivers\USBSTOR.SYS [169280 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 usbuhci; C:\WINDOWS\System32\drivers\usbuhci.sys [69632 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [365904 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 USBXHCI; C:\WINDOWS\System32\drivers\USBXHCI.SYS [656736 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 vdrvroot; C:\WINDOWS\System32\drivers\vdrvroot.sys [102728 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 VerifierExt; C:\WINDOWS\System32\drivers\VerifierExt.sys [308584 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [849232 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 vhf; C:\WINDOWS\System32\drivers\vhf.sys [81920 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 Vid; C:\WINDOWS\System32\drivers\Vid.sys [750960 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
    S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_346f3764318c1681\vrd.sys [45056 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 vmbus; C:\WINDOWS\System32\drivers\vmbus.sys [202096 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S3 VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [65856 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 vmgid; C:\WINDOWS\System32\drivers\vmgid.sys [53568 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 volmgr; C:\WINDOWS\System32\drivers\volmgr.sys [120168 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R0 volmgrx; C:\WINDOWS\System32\drivers\volmgrx.sys [418120 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
    R0 volsnap; C:\WINDOWS\System32\drivers\volsnap.sys [479568 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 volume; C:\WINDOWS\System32\drivers\volume.sys [53576 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S0 vpci; C:\WINDOWS\System32\drivers\vpci.sys [120136 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
    S0 vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [166712 2021-06-05] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
    S0 VSTXRAID; C:\WINDOWS\System32\drivers\vstxraid.sys [305488 2021-06-05] (Microsoft Windows -> VIA Corporation)
    R3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [57344 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [106496 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [61440 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R2 wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 wanarpv6; C:\WINDOWS\System32\DRIVERS\wanarp.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R2 wcifs; C:\WINDOWS\system32\drivers\wcifs.sys [238952 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
    R0 Wdf01000; C:\WINDOWS\System32\drivers\Wdf01000.sys [869736 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-31] (Microsoft Windows -> Microsoft Corporation)
    R3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [1007616 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [54624 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-08-31] (Microsoft Windows -> Microsoft Corporation)
    S3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
    R0 WFPLWFS; C:\WINDOWS\System32\drivers\wfplwfs.sys [206176 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 WifiCx; C:\WINDOWS\System32\drivers\WifiCx.sys [806912 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WIMMount; C:\WINDOWS\System32\drivers\wimmount.sys [65872 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
    R0 WindowsTrustedRT; C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [103960 2022-08-12] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    R0 WindowsTrustedRTProxy; C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [53744 2021-06-05] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
    S3 WinMad; C:\WINDOWS\System32\drivers\winmad.sys [36152 2021-06-05] (Microsoft Windows -> Mellanox)
    S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [307176 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 WINUSB; C:\WINDOWS\System32\drivers\WinUsb.sys [135168 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WinVerbs; C:\WINDOWS\System32\drivers\winverbs.sys [73016 2021-06-05] (Microsoft Windows -> Mellanox)
    R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
    R3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [49152 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    R0 Wof; C:\Windows\System32\Drivers\Wof.sys [274744 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
    S3 WpdUpFltr; C:\WINDOWS\System32\drivers\WpdUpFltr.sys [66896 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S4 ws2ifsl; C:\WINDOWS\system32\drivers\ws2ifsl.sys [57344 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WudfPf; C:\WINDOWS\System32\drivers\WudfPf.sys [159744 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFRd; C:\WINDOWS\System32\drivers\WUDFRd.sys [348160 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFWpdFs; C:\WINDOWS\System32\drivers\WUDFRd.sys [348160 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [348160 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [385024 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    S3 XDJ-XZAudio; C:\WINDOWS\system32\drivers\XDJ-XZAudio64.sys [49600 2021-10-20] (AlphaTheta Corporation -> AlphaTheta Corporation.)
    S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [77824 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
    U3 aspnet_state; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

    ==================== Three months (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-09-25 15:07 - 2022-09-25 09:19 - 000455966 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220925-150709.backup
    2022-09-25 09:19 - 2022-09-25 07:36 - 000455966 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220925-091943.backup
    2022-09-25 07:34 - 2022-09-25 07:35 - 000000000 ____D C:\WINDOWS\Minidump
    2022-09-25 07:34 - 2022-09-25 07:34 - 1000883220 _____ C:\WINDOWS\MEMORY.DMP
    2022-09-25 07:34 - 2022-09-25 07:34 - 001579244 _____ C:\WINDOWS\Minidump\092522-10937-01.dmp
    2022-09-25 07:33 - 2022-09-25 07:33 - 005198336 _____ (AVAST Software) C:\Users\14153\Downloads\aswMBR (1).exe
    2022-09-25 07:29 - 2022-09-25 07:29 - 005198336 _____ (AVAST Software) C:\Users\14153\Downloads\aswMBR.exe
    2022-09-25 07:25 - 2022-09-25 07:25 - 002371072 _____ (Farbar) C:\Users\14153\Downloads\FRST64 (2).exe
    2022-09-25 04:40 - 2022-09-25 04:42 - 000071162 _____ C:\Users\14153\Downloads\Addition.txt
    2022-09-25 04:38 - 2022-09-25 15:12 - 000079635 _____ C:\Users\14153\Downloads\FRST.txt
    2022-09-25 04:36 - 2022-09-25 15:11 - 000000000 ____D C:\FRST
    2022-09-25 04:36 - 2022-09-25 04:36 - 002371072 _____ (Farbar) C:\Users\14153\Downloads\FRST64 (1).exe
    2022-09-25 04:35 - 2022-09-25 04:35 - 002371072 _____ (Farbar) C:\Users\14153\Downloads\FRST64.exe
    2022-09-25 04:26 - 2022-09-25 04:26 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-CRAPTOP-Windows-10-Home-(64-bit).dat
    2022-09-25 04:26 - 2022-09-25 04:26 - 000000000 ____D C:\RegBackup
    2022-09-25 04:25 - 2022-09-25 04:26 - 000019867 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
    2022-09-25 04:25 - 2022-09-25 04:25 - 007333288 _____ (Tweaking.com) C:\Users\14153\Downloads\tweaking.com_registry_backup_setup.exe
    2022-09-25 04:25 - 2022-09-25 04:25 - 000002319 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2022-09-25 04:25 - 2022-09-25 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2022-09-25 04:25 - 2022-09-25 04:25 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
    2022-09-25 01:51 - 2022-09-23 09:12 - 000515414 _____ C:\Users\14153\Desktop\Autostart.220923-0512.txt
    2022-09-24 04:54 - 2022-09-24 02:44 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220924-045415.backup
    2022-09-24 04:52 - 2022-09-24 04:52 - 000003184 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
    2022-09-24 04:45 - 2022-09-24 04:45 - 049239368 ____H (Facebook, Inc.) C:\Users\14153\Downloads\Messenger.159.0.0.23.221.exe
    2022-09-24 04:20 - 2022-09-24 04:20 - 009494496 ____H C:\Users\14153\Downloads\woocommerce.6.9.3 (1).zip
    2022-09-24 03:18 - 2022-09-24 03:19 - 004347209 ____H C:\Users\14153\Downloads\wp-mail-smtp-pro (1).zip
    2022-09-24 02:44 - 2022-09-24 02:04 - 000463436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220924-024409.backup
    2022-09-24 02:11 - 2022-09-24 02:11 - 013180900 ____H C:\Users\14153\Downloads\zero-bs-crm (2).zip
    2022-09-23 06:22 - 2022-09-23 05:59 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220923-062209.backup
    2022-09-23 05:59 - 2022-09-23 05:49 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220923-055917.backup
    2022-09-23 05:49 - 2022-09-23 04:45 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220923-054930.backup
    2022-09-23 05:23 - 2022-09-23 05:23 - 000632809 _____ C:\Users\14153\Desktop\TeamSpybot-20220923-052357.cab
    2022-09-23 05:23 - 2022-09-23 05:23 - 000332890 _____ C:\Users\14153\Desktop\TeamSpybot-20220923-052324.cab
    2022-09-23 05:19 - 2022-09-23 05:19 - 000000000 ____D C:\QA
    2022-09-23 05:16 - 2022-09-25 15:06 - 000000000 ____D C:\Users\14153\AppData\Local\FastVPN
    2022-09-23 05:12 - 2022-09-25 01:54 - 000000000 ____D C:\Users\14153\Documents\ProcAlyzer Dumps
    2022-09-23 05:09 - 2022-09-23 05:09 - 000002555 _____ C:\Users\Public\Desktop\FastVPN.lnk
    2022-09-23 05:09 - 2022-09-23 05:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastVPN
    2022-09-23 04:45 - 2022-09-23 04:45 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220923-044550.backup
    2022-09-23 04:45 - 2022-09-22 15:13 - 000463436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220923-044523.backup
    2022-09-23 04:22 - 2022-09-23 04:22 - 013180900 ____H C:\Users\14153\Downloads\zero-bs-crm (1).zip
    2022-09-23 03:24 - 2022-09-23 03:24 - 000003251 ____H C:\Users\14153\Downloads\seedlist (1).csv
    2022-09-23 03:19 - 2022-09-23 03:19 - 000000023 ____H C:\Users\14153\Downloads\sandboxbde789e83d7f43b08b79c3c6a92c734f.mailgun.org
    2022-09-23 01:14 - 2022-09-23 01:14 - 000003251 ____H C:\Users\14153\Downloads\seedlist.csv
    2022-09-23 01:05 - 2022-09-23 01:05 - 004347209 ____H C:\Users\14153\Downloads\wp-mail-smtp-pro.zip
    2022-09-23 00:24 - 2022-09-23 00:24 - 013180900 ____H C:\Users\14153\Downloads\zero-bs-crm.zip
    2022-09-22 23:43 - 2022-09-22 23:43 - 007708251 ____H C:\Users\14153\Downloads\wpforms.zip
    2022-09-22 23:06 - 2022-09-22 23:06 - 009494496 ____H C:\Users\14153\Downloads\woocommerce.6.9.3.zip
    2022-09-22 17:43 - 2022-09-22 17:43 - 087009933 ____H C:\Users\14153\Downloads\bpmsupreme_0bf618ba61793.zip
    2022-09-22 17:14 - 2022-09-22 17:14 - 000059085 _____ C:\WINDOWS\system32\duplicate.txt
    2022-09-22 01:54 - 2022-09-22 01:54 - 000000000 ____D C:\Users\14153\Desktop\dj music
    2022-09-22 01:25 - 2022-09-21 17:42 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220922-012514.backup
    2022-09-22 01:23 - 2022-09-21 17:42 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220922-012303.backup
    2022-09-20 20:14 - 2022-09-20 20:14 - 000002577 _____ C:\Users\Public\Desktop\Serato DJ Pro .lnk
    2022-09-20 20:14 - 2022-09-20 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
    2022-09-20 20:04 - 2022-09-20 20:05 - 797136900 ____H C:\Users\14153\Downloads\Serato DJ Pro 2.6.0.zip
    2022-09-17 18:10 - 2022-09-17 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2022-09-16 02:27 - 2022-09-16 02:27 - 000000000 ___SD C:\Users\14153\Documents\My Data Sources
    2022-09-16 02:19 - 2022-09-16 02:19 - 000000000 ____D C:\Users\14153\Documents\Custom Office Templates
    2022-09-16 02:00 - 2022-09-16 02:00 - 000021080 ____H C:\Users\14153\Downloads\Checking1.csv
    2022-09-16 01:57 - 2022-09-16 02:20 - 000018840 ____H C:\Users\14153\Downloads\Checking1 (1).csv
    2022-09-15 12:55 - 2022-09-15 12:55 - 000015030 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2022-09-15 12:53 - 2022-09-15 12:53 - 000000000 ___HD C:\$WinREAgent
    2022-09-15 07:35 - 2022-09-15 07:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2022-09-15 07:35 - 2022-09-15 07:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2022-09-15 07:35 - 2022-09-15 07:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2022-09-15 07:35 - 2022-09-15 07:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
    2022-09-15 07:35 - 2022-09-15 07:35 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2022-09-15 03:48 - 2022-09-15 03:44 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220915-034843.backup
    2022-09-10 02:12 - 2022-09-10 02:10 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220910-021259.backup
    2022-09-08 03:42 - 2022-09-20 20:22 - 000000000 ____D C:\Users\14153\AppData\Roaming\WordPress.com
    2022-09-08 03:42 - 2022-09-08 03:42 - 000000000 ____D C:\Users\14153\AppData\Roaming\WordPressDesktop
    2022-09-08 03:35 - 2022-09-08 03:35 - 000002434 _____ C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WordPress.com.lnk
    2022-09-08 03:35 - 2022-09-08 03:35 - 000002426 _____ C:\Users\14153\Desktop\WordPress.com.lnk
    2022-09-08 03:35 - 2022-09-08 03:35 - 000000000 ____D C:\Users\14153\AppData\Local\wordpressdesktop-updater
    2022-09-07 09:00 - 2022-09-07 09:00 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
    2022-09-05 17:45 - 2022-09-25 15:06 - 000000000 ____D C:\Program Files (x86)\FastVPN
    2022-08-31 01:20 - 2022-09-05 16:17 - 000000000 ____D C:\Users\14153\AppData\Local\APManager
    2022-08-31 01:20 - 2022-08-31 01:36 - 000000000 ____D C:\Users\14153\Documents\APMaps
    2022-08-31 01:19 - 2022-08-31 01:19 - 000001311 _____ C:\Users\Public\Desktop\Accessport Manager.lnk
    2022-08-31 01:18 - 2022-08-31 01:19 - 000000000 ____D C:\Program Files (x86)\Accessport
    2022-08-31 01:18 - 2022-08-31 01:18 - 000000000 ____D C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessport
    2022-08-31 01:15 - 2022-08-31 01:15 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01005.Wdf
    2022-08-26 17:47 - 2022-08-26 17:47 - 000061659 ____H C:\Users\14153\Downloads\XMissionDomains_ConfidentialInformation.csv
    2022-08-24 18:02 - 2022-08-24 18:02 - 000001938 _____ C:\Users\14153\Desktop\Zoom.lnk
    2022-08-24 17:56 - 2022-08-24 17:56 - 000000000 ____D C:\Users\14153\Documents\Zoom
    2022-08-24 17:56 - 2022-08-24 17:56 - 000000000 ____D C:\Users\14153\AppData\Local\Zoom
    2022-08-24 17:55 - 2022-08-24 17:56 - 000000000 ____D C:\Users\14153\AppData\Roaming\Zoom
    2022-08-24 17:55 - 2022-08-24 17:56 - 000000000 ____D C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
    2022-08-24 16:05 - 2022-08-24 16:04 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220824-160521.backup
    2022-08-24 16:04 - 2022-08-24 06:39 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220824-160457.backup
    2022-08-23 00:55 - 2018-06-07 10:57 - 000198656 _____ (Pioneer DJ Corporation.) C:\WINDOWS\system32\XDJ-RR_ASIO64.dll
    2022-08-23 00:55 - 2018-06-07 10:56 - 000175616 _____ (Pioneer DJ Corporation.) C:\WINDOWS\SysWOW64\XDJ-RR_ASIO.dll
    2022-08-23 00:55 - 2018-06-07 00:53 - 000048120 _____ (Pioneer DJ Corporation.) C:\WINDOWS\system32\Drivers\XDJ-RRAudio64.sys
    2022-08-20 20:20 - 2022-08-23 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer
    2022-08-20 20:20 - 2022-08-23 00:56 - 000000000 ____D C:\Program Files (x86)\Pioneer
    2022-08-20 20:20 - 2021-10-29 14:16 - 000245648 _____ (AlphaTheta Corporation.) C:\WINDOWS\system32\XDJ-XZ_ASIO64.dll
    2022-08-20 20:20 - 2021-10-29 14:16 - 000222608 _____ (AlphaTheta Corporation.) C:\WINDOWS\SysWOW64\XDJ-XZ_ASIO.dll
    2022-08-20 20:20 - 2021-10-20 01:02 - 000049600 _____ (AlphaTheta Corporation.) C:\WINDOWS\system32\Drivers\XDJ-XZAudio64.sys
    2022-08-14 21:08 - 2022-09-20 19:56 - 000000000 ____D C:\Users\14153\AppData\Local\Serato
    2022-08-14 16:11 - 2022-08-14 16:12 - 027417808 ____H C:\Users\14153\Downloads\wcjnw_rosyt-trim-560b9d20-688c-4086-8c5a-f9058d5d5730.mp4
    2022-08-12 17:47 - 2022-08-12 17:27 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220812-174707.backup
    2022-08-12 17:27 - 2022-08-12 16:09 - 000463436 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20220812-172751.backup
    2022-08-12 16:38 - 2022-09-05 16:11 - 000002409 _____ C:\Users\14153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
    2022-08-12 16:38 - 2022-08-12 16:38 - 000000000 ____D C:\Users\14153\AppData\Roaming\Teams
    2022-08-12 16:38 - 2022-08-12 16:38 - 000000000 ____D C:\Users\14153\AppData\Local\SquirrelTemp
    2022-08-12 16:09 - 2022-08-12 16:08 - 000463327 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20220812-160923.backup
    2022-08-12 14:02 - 2022-08-12 14:02 - 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codecp.acm
    2022-08-12 14:02 - 2022-08-12 14:02 - 000196096 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codecp.acm
    2022-08-12 14:01 - 2022-08-12 14:01 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000774144 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
    2022-08-12 14:01 - 2022-08-12 14:01 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
    2022-08-12 14:01 - 2022-08-12 14:01 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
    2022-08-12 14:01 - 2022-08-12 14:01 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
    2022-08-12 14:01 - 2022-08-12 14:01 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr
    2022-08-12 14:01 - 2022-08-12 14:01 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotesp.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotesp.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000079192 _____ C:\WINDOWS\system32\Drivers\NDKPerf.sys
    2022-08-12 14:01 - 2022-08-12 14:01 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidphone.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000051712 _____ C:\WINDOWS\SysWOW64\CredProvCommonCore.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\more.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\format.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hidphone.tsp
    2022-08-12 14:01 - 2022-08-12 14:01 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\more.com
    2022-08-12 14:01 - 2022-08-12 14:01 - 000019456 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
    2022-08-12 14:01 - 2022-08-12 14:01 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
    2022-08-12 14:00 - 2022-08-12 14:00 - 002125824 _____ C:\WINDOWS\system32\dwmscene.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000460800 _____ C:\WINDOWS\SysWOW64\SettingSyncDownloadHelper.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000356352 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000208896 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000098304 _____ C:\WINDOWS\system32\sstpcfg.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000086016 _____ C:\WINDOWS\system32\printticketvalidation.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000086016 _____ C:\WINDOWS\system32\CredProvCommonCore.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
    2022-08-12 14:00 - 2022-08-12 14:00 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\format.com
    2022-08-12 14:00 - 2022-08-12 14:00 - 000042752 _____ C:\WINDOWS\system32\wow64base.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000040960 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
    2022-08-12 14:00 - 2022-08-12 14:00 - 000038760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgsm32.acm
    2022-08-12 14:00 - 2022-08-12 14:00 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imaadp32.acm
    2022-08-12 14:00 - 2022-08-12 14:00 - 000033568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msadp32.acm
    2022-08-12 14:00 - 2022-08-12 14:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr
    2022-08-12 13:59 - 2022-08-12 13:59 - 000643072 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
    2022-08-12 13:59 - 2022-08-12 13:59 - 000286720 _____ C:\WINDOWS\system32\Microsoft.Bluetooth.Audio.dll
    2022-08-12 13:59 - 2022-08-12 13:59 - 000067528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msgsm32.acm
    2022-08-12 13:59 - 2022-08-12 13:59 - 000063392 _____ (Microsoft Corporation) C:\WINDOWS\system32\imaadp32.acm
    2022-08-12 13:59 - 2022-08-12 13:59 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr
    2022-08-12 13:59 - 2022-08-12 13:59 - 000059264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msadp32.acm
    2022-08-12 13:54 - 2022-08-12 13:54 - 000000000 ____D C:\Users\14153\AppData\LocalLow\webviewdata
    2022-08-12 13:39 - 2022-08-12 13:39 - 000061674 ____H C:\Users\14153\Downloads\~WRL2820.tmp
    2022-08-12 13:21 - 2022-09-25 07:36 - 000000000 ____D C:\Users\14153\AppData\Roaming\DropboxElectron

    ==================== Three months (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-09-25 15:13 - 2022-02-26 09:39 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin
    2022-09-25 15:01 - 2021-06-05 08:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2022-09-25 14:14 - 2022-02-27 01:01 - 000000000 ____D C:\Program Files (x86)\Google
    2022-09-25 13:32 - 2022-02-26 09:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2022-09-25 09:42 - 2022-02-26 09:59 - 000000000 ____D C:\Users\14153\AppData\Local\D3DSCache
    2022-09-25 08:08 - 2022-02-26 10:58 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2022-09-25 07:42 - 2022-02-26 10:01 - 000006024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2022-09-25 07:36 - 2022-05-08 17:43 - 000000000 ____D C:\Users\14153\AppData\Local\Dropbox
    2022-09-25 07:35 - 2022-02-26 10:00 - 000003096 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
    2022-09-25 07:35 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SystemTemp
    2022-09-25 07:35 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\ServiceState
    2022-09-25 07:35 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2022-09-25 07:34 - 2022-02-26 09:39 - 000012288 ___SH C:\DumpStack.log.tmp
    2022-09-25 07:34 - 2022-02-26 09:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2022-09-25 04:42 - 2021-06-05 08:09 - 000000000 ____D C:\WINDOWS\INF
    2022-09-25 01:51 - 2021-06-05 09:16 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2022-09-25 00:24 - 2022-05-08 17:58 - 000000000 __RHD C:\Users\14153\Dropbox (Professional DJ team)
    2022-09-25 00:22 - 2022-02-27 01:26 - 000000000 ____D C:\Users\14153\AppData\Roaming\PioneerLog
    2022-09-25 00:20 - 2022-02-26 09:56 - 000000000 ____D C:\Users\14153
    2022-09-24 05:23 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\NDF
    2022-09-24 04:52 - 2022-02-26 09:39 - 000004408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2022-09-24 02:34 - 2021-06-05 08:10 - 000000000 ___HD C:\Program Files\WindowsApps
    2022-09-24 02:34 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\AppReadiness
    2022-09-24 02:01 - 2022-02-26 09:39 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2022-09-23 06:01 - 2022-02-27 01:01 - 000000000 ____D C:\Program Files\Google
    2022-09-23 04:19 - 2022-04-17 00:03 - 000000000 ____D C:\Users\14153\AppData\Roaming\obs-studio
    2022-09-22 17:21 - 2019-05-11 07:18 - 000000000 ____D C:\Program Files\HPCommRecovery
    2022-09-20 20:23 - 2021-06-05 08:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2022-09-20 20:15 - 2019-06-29 05:31 - 000000000 ____D C:\ProgramData\Package Cache
    2022-09-17 18:13 - 2019-05-11 07:19 - 000000000 ____D C:\Program Files\Microsoft Office
    2022-09-17 18:10 - 2022-05-08 17:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2022-09-16 01:59 - 2019-05-11 07:21 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2022-09-15 18:14 - 2022-02-27 01:01 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2022-09-15 18:14 - 2022-02-27 01:01 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2022-09-15 13:02 - 2022-02-27 06:26 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2022-09-15 13:02 - 2022-02-27 06:26 - 000000000 ____D C:\WINDOWS\system32\MRT
    2022-09-15 12:57 - 2022-02-26 09:39 - 000323720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2022-09-15 12:56 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\setup
    2022-09-15 12:56 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\bcastdvr
    2022-09-15 12:56 - 2021-06-05 08:01 - 000000000 ____D C:\WINDOWS\CbsTemp
    2022-09-15 12:55 - 2022-02-26 09:41 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2022-09-10 07:41 - 2022-02-26 09:59 - 000000000 ____D C:\Users\14153\AppData\Local\Packages
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SystemResources
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\oobe
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\Dism
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2022-09-08 11:43 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\Provisioning
    2022-09-08 03:38 - 2022-02-26 10:03 - 000000000 ____D C:\Users\14153\AppData\Local\Comms
    2022-09-08 02:29 - 2022-02-26 10:01 - 000000000 ____D C:\Users\14153\AppData\Local\VirtualStore
    2022-09-07 09:03 - 2021-06-05 08:08 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
    2022-09-07 09:03 - 2021-06-05 08:08 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
    2022-09-05 22:26 - 2022-04-08 02:36 - 000001019 _____ C:\Users\Public\Desktop\OBS Studio.lnk
    2022-08-31 01:15 - 2022-02-26 09:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2022-08-31 01:09 - 2022-02-27 01:01 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3E929FE5-D33C-4A12-8A95-72FE3988A65C}
    2022-08-31 01:09 - 2022-02-27 01:01 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3263F353-0308-4FC8-88C5-AAE6E25975F7}
    2022-08-31 01:06 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth

    ==================== Files in the root of some directories ========

    2022-04-25 15:53 - 2022-08-23 23:43 - 000000015 _____ () C:\Users\14153\AppData\Roaming\obs-virtualcam.txt
    2022-02-27 01:05 - 2022-08-24 16:37 - 000117537 _____ () C:\Users\14153\AppData\Roaming\Safer-Networking.log

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================



    here is the addition

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
    Ran by 14153 (25-09-2022 15:13:24)
    Running from C:\Users\14153\Dropbox (Professional DJ team)\PC\Downloads
    Microsoft Windows 11 Home Version 21H2 22000.978 (X64) (2022-02-26 13:48:13)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    (If an entry is included in the fixlist, it will be removed.)

    14153 (S-1-5-21-2005052208-2991255159-2390639066-1001 - Administrator - Enabled) => C:\Users\14153
    Administrator (S-1-5-21-2005052208-2991255159-2390639066-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2005052208-2991255159-2390639066-503 - Limited - Disabled)
    Guest (S-1-5-21-2005052208-2991255159-2390639066-501 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-2005052208-2991255159-2390639066-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    AccessPORT Driver 1.3.1 (HKLM-x32\...\AccessPORT Driver) (Version: - Cobb Tuning Products, LLC.)
    Accessport Manager 3.1.6 (HKLM-x32\...\Accessport Manager) (Version: 3.1.6 - COBB Tuning Products, LLC)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.02.03 - Advanced Micro Devices, Inc.)
    Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 157.4.4808 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.639.1 - Dropbox, Inc.) Hidden
    FastVPN (HKLM-x32\...\{AFC87201-F3D3-4950-A3C0-FCA47F3F7731}) (Version: 3.3.2.0 - Namecheap Inc.)
    FileAlyzer 1.2 (HKLM-x32\...\FileAlyzer_is1) (Version: 1.2 - PepiMK Software)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
    HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
    HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
    HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
    iTunes (HKLM\...\{0B3CC856-3A62-443A-B6CE-DED2D4495D56}) (Version: 12.12.2.2 - Apple Inc.)
    Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
    Logitech Options (HKLM\...\LogiOptions) (Version: 9.60.87 - Logitech)
    Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15601.20148 - Microsoft Corporation)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.50 - Microsoft Corporation)
    Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.50 - Microsoft Corporation)
    Microsoft Teams (HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\Teams) (Version: 1.5.00.21668 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{730ca3c6-815d-4b47-abc9-5082acd0267f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
    Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.0.1 - OBS Project)
    OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20148 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
    OX Drive (HKLM-x32\...\{4FF37900-AA0C-4AEB-8CC3-5CF1E1ECE7FF}) (Version: 2.9.0 - OX Software GmbH)
    Pioneer CDJXDJ Driver (HKLM-x32\...\Pioneer CDJXDJ) (Version: 1.600.003.000 - AlphaTheta Corporation)
    Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.)
    rekordbox 6.6.4 64bit (HKLM\...\Pioneer rekordbox 6.6.4) (Version: 6.6.4.0033 - AlphaTheta)
    Serato DJ Pro (HKLM\...\{4F37D556-104A-4C99-A7CD-9DDDECA7602F}) (Version: 2.6.0.1250 - Serato Limited) Hidden
    Serato DJ Pro (HKLM-x32\...\{e64009be-1603-44b4-b46f-a498c8634e93}) (Version: 2.6.0.1250 - Serato Limited)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.9.82.0 - Safer-Networking Ltd.)
    Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.8 - Safer-Networking Ltd.)
    Spybot Identity Monitor (HKLM-x32\...\{DEE2C8BC-083E-48D8-A934-7B547D87E85C}_is1) (Version: 3.4 - Safer-Networking Ltd.)
    Streamer Companion App (HKLM-x32\...\Streamer Companion App) (Version: 2.0.1.3 - Razer Inc.)
    THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 2.0.1.11 - Razer Inc.)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
    Windows Driver Package - Apple, Inc. (USBAAPL) USB (05/19/2017 6.0.9999.69) (HKLM\...\7771A0176A543725D7BBF70A546C096A4EE2DD40) (Version: 05/19/2017 6.0.9999.69 - Apple, Inc.)
    Windows Driver Package - Apple, Inc. (USBAAPL64) USB (05/19/2017 6.0.9999.69) (HKLM\...\C2C6A29F3ABC80FD992777A92DF30699124D37C5) (Version: 05/19/2017 6.0.9999.69 - Apple, Inc.)
    Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
    Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
    Windows Driver Package - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
    WordPress.com 7.2.0 (HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\ed4e3354-70d4-58f5-8f6d-7420253356e2) (Version: 7.2.0 - Automattic Inc.)
    XDJ-RR Driver (HKLM-x32\...\XDJ-RR) (Version: 1.000.001 - Pioneer DJ Corporation.)
    XDJ-XZ Driver (HKLM-x32\...\XDJ-XZ) (Version: 1.010.001 - AlphaTheta Corporation.)

    Packages:
    =========
    AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.59462344778c5_10.19.40016.0_x64__0a9344xs7nr4m [2022-02-26] (Advanced Micro Devices Inc.)
    Bang & Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.15.226.0_x64__v10z8vjag6ke6 [2022-02-26] (HP Inc.)
    Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.0.0_neutral__yxz26nhyzhsrt [2022-09-19] (Microsoft Corp.)
    Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-09-22] (0)
    Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-02-26] (HP Inc.)
    HP Command Center -> C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.4.0_x64__v10z8vjag6ke6 [2022-09-02] (HP Inc.)
    HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-08-25] (HP Inc.)
    HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.2.0_x64__v10z8vjag6ke6 [2022-08-12] (HP Inc.)
    HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-26] (HP Inc.)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-09-22] (HP Inc.)
    HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.20.22.0_x64__v10z8vjag6ke6 [2022-08-24] (HP Inc.)
    HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6 [2022-08-12] (HP Inc.)
    Mozilla Firefox -> C:\Program Files\WindowsApps\Mozilla.Firefox_105.0.1.0_x64__n80bbvh6b1yt2 [2022-09-24] (Mozilla)
    Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-27] (Netflix, Inc.)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0 [2022-09-24] (Spotify AB) [Startup Task]
    Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.1.0.0_x64__t4vj0pshhgkwm [2022-08-22] (Telegram Messenger LLP) [Startup Task]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\14153\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22209.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox (Professional DJ team)] => C:\Users\14153\Dropbox (Professional DJ team) [2022-05-08 17:58]
    ShellIconOverlayIdentifiers: [ 1OXShellIconError] -> {42C0113A-BC69-4D4B-A14E-54BA41CEAE57} => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll [2020-10-16] () [File not signed]
    ShellIconOverlayIdentifiers: [ 1OXShellIconInProgress] -> {8D407DD6-3BE7-4710-B9D7-5D4BB4180C9D} => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll [2020-10-16] () [File not signed]
    ShellIconOverlayIdentifiers: [ 1OXShellIconSynchronized] -> {34249083-9061-4B99-BF99-DB2E50F2EF43} => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll [2020-10-16] () [File not signed]
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ContextMenuHandlers1: [ 1OXShellExtensionMenu] -> {1A7BBCAB-D752-43B9-A552-40DAA67492BB} => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll [2020-10-16] () [File not signed]
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers3: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers3: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll [2022-09-14] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [ 1OXShellExtensionMenu] -> {1A7BBCAB-D752-43B9-A552-40DAA67492BB} => C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll [2020-10-16] () [File not signed]
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-22] (Safer-Networking Limited -> Safer-Networking Ltd.)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d0a67409181f9d30\Razer AppEngine.lnk -> C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer Inc.) -> --application-host=apps.razer.com --profile-directory=Default hxxps://apps.razer.com/app-launcher/RzUiQiNlDnNMZ1NZ-HFhVAUiRz/
    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\GoT - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

    ==================== Loaded Modules (Whitelisted) =============

    2022-03-10 06:46 - 2022-03-10 06:46 - 001430016 _____ () [File not signed] \\?\C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\resources\app.asar.unpacked\node_modules\@journeyapps\sqlcipher\lib\binding\electron-v7.3-win32-x64\node_sqlite3.node
    2020-07-15 15:07 - 2020-07-15 15:07 - 000168089 _____ () [File not signed] C:\Program Files (x86)\FastVPN\OpenVPN\liblzo2-2.dll
    2020-07-15 15:08 - 2020-07-15 15:08 - 000106309 _____ () [File not signed] C:\Program Files (x86)\FastVPN\OpenVPN\libpkcs11-helper-1.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
    2019-01-08 15:40 - 2019-01-08 15:40 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2020-08-24 22:26 - 2020-08-24 22:26 - 002128896 _____ () [File not signed] C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\ffmpeg.dll
    2020-08-24 22:22 - 2020-08-24 22:22 - 000341504 _____ () [File not signed] C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\swiftshader\libegl.dll
    2020-08-24 22:26 - 2020-08-24 22:26 - 003841536 _____ () [File not signed] C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\swiftshader\libglesv2.dll
    2022-02-21 12:25 - 2022-02-21 12:25 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
    2022-02-21 12:25 - 2022-02-21 12:25 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
    2020-10-16 14:40 - 2020-10-16 14:40 - 001166336 _____ () [File not signed] C:\Users\14153\AppData\Local\Open-Xchange\OXDrive\OXDriveShellExtension_x64.dll
    2022-08-13 18:40 - 2022-08-13 18:40 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\47b435b56ddce8189f498cba55522baf\Interop.IWshRuntimeLibrary.ni.dll
    2022-08-13 18:40 - 2022-08-13 18:40 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\0db855e5a488ef7d7e4092b3abc67b53\Hardcodet.Wpf.TaskbarNotification.ni.dll
    2022-09-15 13:10 - 2022-09-15 13:10 - 001591808 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\551b3f972429e155cc89303a38026c18\NAudio.ni.dll
    2019-05-11 07:19 - 2022-08-13 18:34 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
    2019-05-11 07:19 - 2019-05-11 07:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
    2022-08-13 18:40 - 2022-08-13 18:40 - 003127808 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\e234905d07d86f14dbfdb940d863901b\Newtonsoft.Json.ni.dll
    2020-05-30 22:58 - 2020-05-30 22:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\FastVPN\x86\SQLite.Interop.dll
    2022-02-26 10:59 - 2021-06-19 05:55 - 001079909 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2022-08-13 18:40 - 2022-08-13 18:40 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\ae8d1f05434ed3c098465708095e72c5\log4net.ni.dll
    2022-02-21 12:25 - 2022-02-21 12:25 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
    2022-03-10 06:46 - 2022-03-10 06:46 - 002093056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] \\?\C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\resources\app.asar.unpacked\node_modules\@journeyapps\sqlcipher\lib\binding\electron-v7.3-win32-x64\LIBEAY32.dll
    2022-02-26 10:37 - 2018-11-22 20:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Safer-Networking Ltd\Spybot Identity Monitor\x86\libeay32.dll
    2022-02-26 10:37 - 2018-11-22 20:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Safer-Networking Ltd\Spybot Identity Monitor\x86\ssleay32.dll
    2022-02-26 10:59 - 2018-11-22 20:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
    2022-02-26 10:59 - 2018-11-22 20:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
    2022-02-21 12:25 - 2022-02-21 12:25 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
    2022-02-21 12:25 - 2022-02-21 12:25 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
    2020-07-15 15:04 - 2020-07-15 15:04 - 003131285 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\FastVPN\OpenVPN\libcrypto-1_1.dll
    2020-07-15 15:04 - 2020-07-15 15:04 - 000956277 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\FastVPN\OpenVPN\libssl-1_1.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
    2019-04-29 06:14 - 2019-04-29 06:14 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
    2019-01-08 15:40 - 2019-01-08 15:40 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
    2019-01-08 15:41 - 2019-01-08 15:41 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\14153\Downloads:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Music:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\20200625053936-onyx_mainstr_300x300_buybutton.gif:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\20210817095526-lumen-btn-300x250.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\A3 jpeg.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\A3 pdf(1).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\A3 pdf.pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\A3.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg(2).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg(3).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg(4).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg(5).jpeg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\abcdefggggg.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Addition.txt:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Afrojack & Steve Aoki ft Miss Palmer - No Beef (Gabry Ponte Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Akon - Bananza (Belly Dancer) (DJ Shaan Remix) (Clean Extended)(1).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Akon - Bananza (Belly Dancer) (DJ Shaan Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Alok - Squid Game (Let's Play) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\aswMBR (1).exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\aswMBR.exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Belters Only & Jazzy - Make Me Feel Good (VIP Mix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Big Sean ft E-40 - IDFWU (Muzik Junkies Acapella Starter) (Dirty).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\bpmsupreme_0bf618ba61793.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(1).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(2).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(3).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(4).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(5).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(6).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(7).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate(8).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Business-Certificate.pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Carl Cox - PURE (El Rancho Mix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\CCBILL MERCHANT INTAKE FORM (1).docx:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Charles D (USA) - You (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Checking1 (1).csv:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Checking1.csv:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\CHESSER - Jack Your Body (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Club Report vs Edison Lighthouse - Love Grows (In Rosemary's Disco) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\config.php:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Copy of Online Privacy Policy.txt:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\David Christopher ft Martin Sola - Shout (Magdalena Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Deadmau5 & The Neptunes - Pomegranate (Carl Cox Remix) (Dirty Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\DES3ETT & Serena Ryder - Killing The Pain (VIP Mix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\desktop (New).ini:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\DJs From Mars - Sexy (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Drunken Kong & Teenage Mutants - Mainz (Heerhorst Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Dua Lipa - Love Again (Sam Collins & Rokston Remix) (Dirty Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Eli Brown - Fading To Black (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Fedde Le Grand & American Authors - One Way Up (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Fictitious Business Name Statement (01.22).pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\fina; header logo video.jpeg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\fina; header logo.jpeg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\fina; header logo.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\frame(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\frame.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\frame.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\frame.svg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\FRST.txt:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\FRST64 (1).exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\FRST64 (2).exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\FRST64.exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Green Velvet & CamelPhat - Critical (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Grimes - So Heavy I Fell Through The Earth (ANNA Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\IAmChino & Pitbull - Discoteca (Muzik Junkies Party Starter) (Dirty Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\iamnotnice & Ghetto Birds - Spiritual Thing (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\index.php:com.dropbox.attrs [52]
    AlternateDataStreams: C:\Users\14153\Downloads\Jack Rush - Body, Mind & Soul (Clean Extended).mp3:com.dropbox.attrs [52]
    AlternateDataStreams: C:\Users\14153\Downloads\Kricked - Emotions (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Layton Giordani - New Generation (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\m3taUYXWzS9.sql:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Maceo Plex - Cinemax (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Mat Zo - Petrushka (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Messenger.159.0.0.23.221.exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\OneRepublic - West Coast (Clean).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Online Privacy Policy.pdf:com.dropbox.attrs [50]
    AlternateDataStreams: C:\Users\14153\Downloads\Online Privacy Policy.txt:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade(1).jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade(2).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade-logos:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade.pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Only Gay Trade.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\onlygaytrade.com-1664010747661.log:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\onyxrealm_728x90.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\package.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\pornhub.com-db.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\pornhub.GLbPRkhw.com-db.zip.part:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Punctual ft Jordan Shaw - Do It All Again (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Purple Disco Machine ft Francesca Lombardo - Loneliness (Art Of Tones Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Push - Strange World (Joyhauser Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\qr-code.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Quench - Dreams (UMEK Version) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\QUIX ft Jaden Michaels - Make Up Your Mind (VIP Mix) (D3FAI Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\R-You - Head & Body (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Rameses B ft Laura Brehm - Don't Need You (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Rock The Party - Daddy Dub (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\sandboxbde789e83d7f43b08b79c3c6a92c734f.mailgun.org:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\seedlist (1).csv:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\seedlist.csv:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Serato DJ Pro 2.6.0.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo copy square 2(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo copy square 2(2).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo copy square 2.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo copy square.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\site header logo.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small l44ogo.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small l44ogo.pdf:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small logo(1).jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small logo(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small logo.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\small logo.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Space 92 - Phobos (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Steve Aoki & DJ Diesel aka Shaquille O'Neal - Welcome To The Playhouse (Muzik Junkies Break Intro) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Steve Aoki & MT11 - Da Homies (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Steve Aoki - Aurora (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\styles.css:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\styles.css.map:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Swedish House Mafia & The Weeknd - Moth To A Flame (Chris Lake Remix) (Clean Extended).mp3:com.dropbox.attrs [52]
    AlternateDataStreams: C:\Users\14153\Downloads\Swedish House Mafia - It Gets Better (NORII & VEATZ Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Swingers & Maximo ft Cash Hays - Afraid (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Telegram Desktop:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\TELYKast & Sam Gray - Unbreakable (Benny Benassi Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\tweaking.com_registry_backup_setup.exe:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\upperheader logo(1).jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\upperheader logo(1).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\upperheader logo(2).png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\upperheader logo.jpg:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\upperheader logo.png:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\validate.php:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Vito V - Miss U (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Vito V - Miss U (Instrumental).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\wcjnw_rosyt-trim-560b9d20-688c-4086-8c5a-f9058d5d5730.mp4:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\WildVibes & Luxe Agoris - Back To '95 (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Will Clarke & MK - My Church (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\woocommerce.6.9.3 (1).zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\woocommerce.6.9.3.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\wp-mail-smtp-pro (1).zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\wp-mail-smtp-pro.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\wpforms.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\XMissionDomains_ConfidentialInformation.csv:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\zero-bs-crm (1).zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\zero-bs-crm (2).zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\zero-bs-crm.zip:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Downloads\Zhu - Risky Business (Mathame Remix) (Clean Extended).mp3:com.dropbox.attrs [54]
    AlternateDataStreams: C:\Users\14153\Documents\My Music:com.dropbox.attrs [54]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-08-17] (HP Inc. -> HP Inc.)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-13] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-08-17] (HP Inc. -> HP Inc.)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-09] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7942 more sites.

    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\123simsen.com -> www.123simsen.com

    There are 7942 more sites.


    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-03-19 00:49 - 2022-09-25 15:07 - 000455966 ____R C:\WINDOWS\system32\drivers\etc\hosts
    0.0.0.0 app.adjust.com
    0.0.0.0 app.adjust.io
    0.0.0.0 app-sj01.marketo.com*
    0.0.0.0 t.appsflyer.com
    0.0.0.0 analytics.ff.avast.com
    0.0.0.0 analytics.ns1.ff.avast.com
    0.0.0.0 v7event.stats.avcdn.net
    0.0.0.0 v7.stats.avcdn.net
    0.0.0.0 ads.avocet.io
    0.0.0.0 telemetry.battle.net
    0.0.0.0 analytics.rollout.io
    0.0.0.0 metrics.ol.epicgames.com
    0.0.0.0 a.fiksu.com
    0.0.0.0 sdk.fiksu.com
    0.0.0.0 settings.crashlytics.com
    0.0.0.0 e.crashlytics.com
    0.0.0.0 firebase-settings.crashlytics.com
    0.0.0.0 flow.lavasoft.com
    0.0.0.0 telemetry.servers.getgo.com
    0.0.0.0 telemetry.malwarebytes.com
    0.0.0.0 ws.mcafee.com
    0.0.0.0 analytics.ccs.mcafee.com
    0.0.0.0 analyticsdcs.ccs.mcafee.com
    0.0.0.0 gate.hockeyapp.net
    0.0.0.0 h.online-metrix.net
    0.0.0.0 analytics.paddle.com
    0.0.0.0 treasuredata.com
    0.0.0.0 in.treasuredata.com
    0.0.0.0 redshell.io
    0.0.0.0 api.redshell.io

    There are 15644 more lines.


    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\HP Backgrounds\backgroundDefault.jpg
    DNS Servers: 198.18.0.1 - 198.18.0.2
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "LogiBolt"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\StartupApproved\Run: => "LogiBolt"
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\StartupApproved\Run: => "OXDrive"
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
    FirewallRules: [{7C715A12-05FD-4F25-9044-231646E5AF88}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{44680985-0717-4AC4-BD4F-EF7620CC4C23}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{6B32CD23-7A9C-495D-A4F7-00459374C6A9}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.1\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{691AF930-4DB2-4D05-8F81-6A3A1A181B7B}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
    FirewallRules: [{E199B233-1B06-4F43-9032-A9ACCE813197}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{73A9AA7C-9DDC-4141-9F62-04C4E8A5E144}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{5737BFC7-20CD-4855-9818-91390706BD47}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{FC225627-32B2-4812-8631-C1F963959C56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{B74D3EFC-FA45-4B0C-99F4-28E36CAC0683}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{611B404B-7556-4CAF-85CF-2CA3C87C12F5}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
    FirewallRules: [{2F7F41D8-A41C-454F-B9DA-1DBF0EF944D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{6B66EBEA-5D7D-44DD-8AEA-E713CF9D3FF5}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.3\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{44CB7E5B-F529-466B-8083-2F40032E7B0F}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{04B89027-B448-4005-9B90-84E092D979A2}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{958F8383-18C9-4F19-84C6-5EB0BB03EABA}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
    FirewallRules: [{47522B05-78E4-40C4-8AA7-12AB62C9C7A9}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\psvnfsd.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
    FirewallRules: [{B1FF13AC-61CD-4807-8B2E-D7D46A774DD7}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\psvlinksysmgr.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
    FirewallRules: [{B786510A-4848-484A-A163-DE034865601E}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\edb_streamd.exe (AlphaTheta Corporation -> )
    FirewallRules: [{3C110FA3-93CF-40BC-84F3-36E608C5A0FE}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\ls-unity-rekordbox-win-64bit.exe (AlphaTheta Corporation -> )
    FirewallRules: [{9FCD0ACC-D1DA-4352-961F-0DE6DCFF0D79}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\rbHttpServer.exe (AlphaTheta Corporation -> )
    FirewallRules: [{30046464-C6D2-4D63-BF04-F2C7D792209F}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
    FirewallRules: [{370A3385-A10E-4C64-B523-CB0ABB5ACB2F}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{3DC4302A-8099-4D81-957D-CBC4951A194E}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{4E80B54C-2A18-499F-BF57-FB6F2A48513B}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{BE521953-380A-45B2-93C5-27B2E9F1298D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{F1A63BED-7674-44F9-989D-6AA03A4CD6BF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{4C0967E8-69EB-4A1C-A218-D53D30834495}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{375BCA5F-FC8B-4F61-8BDA-3D32293AE3EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{90F57D74-6B29-471E-AFE1-ADD23193B017}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{1625FF14-ECF6-4AB5-A37B-D2A7E7566984}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{6902B308-F744-4E54-AABC-188C9044A3E4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{5BBC2C8B-E55E-4B99-89C1-AD3C3F6737C9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{8E260C97-BA5B-42F4-8EC4-53F7DB1A3BDA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{998B81DD-C559-4444-8BF2-C3F4BA0CA0EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{2F1CA085-8410-452D-AE27-61BDCC6AC906}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{261D73F3-6D7D-4792-9C73-54666AEC05FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{C30B73E7-479E-43F9-82BC-97730EF37F08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{51A0AEA1-DE9C-49F3-9193-1217F3281CC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{791CDB6E-EA06-41D1-B9CF-14776E1132EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{AB640607-1179-45F7-ADD0-77A363C51110}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{07FBDBC0-B61B-4B93-9C77-984D32F031D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

    ==================== Restore Points =========================

    23-09-2022 05:08:37 Installed FastVPN

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (09/25/2022 09:16:11 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDScan.exe, version: 2.9.82.195, time stamp: 0x61c0ac6b
    Faulting module name: hhctrl.ocx, version: 10.0.22000.653, time stamp: 0xbca60ce3
    Exception code: 0xc000041d
    Fault offset: 0x00012940
    Faulting process id: 0xa44
    Faulting application start time: 0x01d8d0d3bf95e4cf
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\hhctrl.ocx
    Report Id: ae18b507-5103-4a26-8072-3ae7c5eebaa3
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (09/25/2022 09:16:10 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SDScan.exe, version: 2.9.82.195, time stamp: 0x61c0ac6b
    Faulting module name: hhctrl.ocx, version: 10.0.22000.653, time stamp: 0xbca60ce3
    Exception code: 0xc0000005
    Fault offset: 0x00012940
    Faulting process id: 0xa44
    Faulting application start time: 0x01d8d0d3bf95e4cf
    Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\hhctrl.ocx
    Report Id: ff156642-5e5c-4e31-9740-5bd587ff7261
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (09/25/2022 07:36:22 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (09/25/2022 07:36:22 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (09/25/2022 07:36:22 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (09/25/2022 07:36:22 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (09/25/2022 07:36:20 AM) (Source: DbxSvc) (EventID: 310) (User: )
    Description: Failed to get ANSI path for file: C:\WINDOWS\Minidump\8e3eae30-2b6d-47b2-8055-782ecee678a4.dmp

    Error: (09/25/2022 07:36:20 AM) (Source: DbxSvc) (EventID: 305) (User: )
    Description: Failed to open file: C:\WINDOWS\Minidump\8e3eae30-2b6d-47b2-8055-782ecee678a4.dmp, error: (2) The system cannot find the file specified.


    System errors:
    =============
    Error: (09/25/2022 03:06:33 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{1E78DD49-2AA7-4B91-A31F-70FF4B63FB78} because another computer on the network has the same name. The server could not start.

    Error: (09/25/2022 03:06:17 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A4D9F3D1-7E43-4F5A-AFE0-A303BD814046} because another computer on the network has the same name. The server could not start.

    Error: (09/25/2022 07:38:13 AM) (Source: DCOM) (EventID: 10010) (User: CRAPTOP)
    Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

    Error: (09/25/2022 07:37:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Microsoft Update Health Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (09/25/2022 07:37:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Update Health Service service to connect.

    Error: (09/25/2022 07:36:37 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: 322122548500

    Error: (09/25/2022 07:36:31 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: 322122548500

    Error: (09/25/2022 07:35:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: 322122548500


    Windows Defender:
    ================
    Date: 2022-09-05 17:39:57
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-08-31 01:15:21
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-08-12 13:53:32
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-05-09 01:18:28
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    Event[0]

    Date: 2022-09-07 07:07:09
    Description:
    Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070003
    Error description: The system cannot find the path specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    Date: 2022-08-14 05:40:29
    Description:
    Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070003
    Error description: The system cannot find the path specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    Date: 2022-08-13 18:22:05
    Description:
    Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070003
    Error description: The system cannot find the path specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    Date: 2022-05-09 15:06:26
    Description:
    Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070003
    Error description: The system cannot find the path specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    CodeIntegrity:
    ===============
    Date: 2022-09-25 15:14:04
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

    Date: 2022-09-25 15:10:46
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.

    Date: 2022-09-25 15:06:49
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2022-09-25 15:06:27
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    BIOS: AMI F.22 01/05/2021
    Motherboard: HP 85DD
    Processor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
    Percentage of memory in use: 96%
    Total physical RAM: 6017.99 MB
    Available physical RAM: 217.74 MB
    Total Virtual: 11393.99 MB
    Available Virtual: 3524.92 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:237.66 GB) (Free:53.43 GB) (Model: SAMSUNG MZVLB256 SCSI Disk Device) NTFS

    \\?\Volume{5fb6b8af-d58d-472b-bdaa-a8c382b8e9cd}\ () (Fixed) (Total:0.54 GB) (Free:0.04 GB) NTFS
    \\?\Volume{4c01e353-904f-4085-a5ab-f92f409c5106}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 238.5 GB) (Disk ID: A50E1C7D)

    Partition: GPT.

    ==================== End of Addition.txt =======================

    Admin Edit
    Please do not add posts such as this:


    "Sooooo????"

    Helpers are volunteers in different time zones, not on call. This topic was posted at
    02:53 AM, a US time zone.
    Last edited by tashi; 2022-09-26 at 17:17. Reason: Merged two posts, as per forum FAQ

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Start Farbar Recovery Scan Tool with Administrator privileges
    (Right click on the FRST icon and select Run as administrator, just open it and let it wait)

    highlight on the text below and select Copy.
    beginning with Start:: and finishing with End::
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Start::
    CloseProcesses:
    CreateRestorePoint:
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
    Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
    Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
    Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - \OneDrive Standalone Update Task-S-1-5-21-333564948-1973926124-3851408449-500 -> No File <==== ATTENTION
    Task: {8C1A570F-EE0F-4F8E-9CD6-1D341885064E} - \StartCN -> No File <==== ATTENTION
    Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
    Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
    Task: {DE2A43F0-28C2-4555-A528-BA5BC6826D0C} - \StartDVR -> No File <==== ATTENTION
    Task: {F4A84F86-1766-4197-958B-3547CD706E98} - \HPAudioSwitch -> No File <==== ATTENTION
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2022-09-25] <==== ATTENTION (Points to *.cfg file)
    FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2022-09-25] <==== ATTENTION
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d0a67409181f9d30\Razer AppEngine.lnk -> C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer Inc.) -> --application-host=apps.razer.com --profile-directory=Default hxxps://apps.razer.com/app-launcher/RzUiQiNlDnNMZ1NZ-HFhVAUiRz/
    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\GoT - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
    FirewallRules: [{6B32CD23-7A9C-495D-A4F7-00459374C6A9}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.1\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{6B66EBEA-5D7D-44DD-8AEA-E713CF9D3FF5}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.3\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{44CB7E5B-F529-466B-8083-2F40032E7B0F}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{04B89027-B448-4005-9B90-84E092D979A2}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{3DC4302A-8099-4D81-957D-CBC4951A194E}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{4E80B54C-2A18-499F-BF57-FB6F2A48513B}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    EmptyTemp:
    C:\Windows\Temp\*.*
    End::
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Press the Fix button. FRST will process the lines copied above from the clipboard.
    When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

    Please copy and paste its contents in your next reply.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~``

    Malwarebytes AdwCleaner

    -------------------
    • Please download AdwCleaner and save it to your Desktop
    • Close all open programs and browsers

      Double click AdwCleaner.exe to run it.
      Click Scan Now ...
      When the scan has finished a Scan Results window will open.
      Click Cancel (at this point do not attempt to Quarantine anything that is found)
      Now click the Log Files tab ...
      Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
      A Notepad file will open containing the results of the scan.

      Please post the contents of the file in your next reply.

    ===================================================

    Run Malwarebytes Anti-Malware

    When MalwareBytes is downloaded it will come as Premium version, you can allow this for now then after the trial version is over it will become on demand scanner if you wish to keep it.
    You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:
    • run the program
    • click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
    • click on the ‘Scan’ tab, (directly below the Dashboard tab)
    • select the Threat Scan option
    • slick the Scan Now button
    • Threat Scan will begin
    • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
    • if prompted to restart the computer, close all other programs and click Yes to restart your computer
    • once you are back at your desktop, open MBAM once more
    • click on the ‘Reports’ tab
    • double-click on the most recent Scan Report
    • click on Export, then Copy to Clipboard

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

    Please post these logs when finished.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
    Ran by 14153 (27-09-2022 08:35:17) Run:1
    Running from C:\Users\14153\Desktop
    Loaded Profiles: 14153
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    CloseProcesses:
    CreateRestorePoint:
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
    Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
    Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
    Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - \OneDrive Standalone Update Task-S-1-5-21-333564948-1973926124-3851408449-500 -> No File <==== ATTENTION
    Task: {8C1A570F-EE0F-4F8E-9CD6-1D341885064E} - \StartCN -> No File <==== ATTENTION
    Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
    Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
    Task: {DE2A43F0-28C2-4555-A528-BA5BC6826D0C} - \StartDVR -> No File <==== ATTENTION
    Task: {F4A84F86-1766-4197-958B-3547CD706E98} - \HPAudioSwitch -> No File <==== ATTENTION
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2022-09-25] <==== ATTENTION (Points to *.cfg file)
    FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2022-09-25] <==== ATTENTION
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d0a67409181f9d30\Razer AppEngine.lnk -> C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer Inc.) -> --application-host=apps.razer.com --profile-directory=Default hxxps://apps.razer.com/app-launcher/RzUiQiNlDnNMZ1NZ-HFhVAUiRz/
    ShortcutWithArgument: C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\GoT - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
    FirewallRules: [{6B32CD23-7A9C-495D-A4F7-00459374C6A9}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.1\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{6B66EBEA-5D7D-44DD-8AEA-E713CF9D3FF5}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.6.3\rekordboxAgent-win32-x64\rekordboxAgent.exe => No File
    FirewallRules: [{44CB7E5B-F529-466B-8083-2F40032E7B0F}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{04B89027-B448-4005-9B90-84E092D979A2}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => No File
    FirewallRules: [{3DC4302A-8099-4D81-957D-CBC4951A194E}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{4E80B54C-2A18-499F-BF57-FB6F2A48513B}] => (Allow) C:\Users\14153\AppData\Roaming\Zoom\bin\airhost.exe => No File
    EmptyTemp:
    C:\Windows\Temp\*.*
    End::
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    HKLM\SOFTWARE\Microsoft\Windows Defender\"DisableAntiSpyware"="0" => value restored successfully
    HKLM\SOFTWARE\Microsoft\Windows Defender\"DisableAntiVirus"="0" => value restored successfully
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
    HKLM\SOFTWARE\Policies\Mozilla => removed successfully
    HKLM\SOFTWARE\Policies\Google => removed successfully
    HKU\S-1-5-21-2005052208-2991255159-2390639066-1001\SOFTWARE\Policies\Google => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{105D676A-D551-4274-81E7-97AC52E4FD87}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{105D676A-D551-4274-81E7-97AC52E4FD87}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Speech\HeadsetButtonPress" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1949073A-8FDA-4EA4-8E59-407CDB02440F}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1949073A-8FDA-4EA4-8E59-407CDB02440F}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sihpostreboot" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5100A477-348F-48CA-A0F9-BA0C7018AC24}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5100A477-348F-48CA-A0F9-BA0C7018AC24}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-333564948-1973926124-3851408449-500" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C1A570F-EE0F-4F8E-9CD6-1D341885064E}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C1A570F-EE0F-4F8E-9CD6-1D341885064E}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartCN" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8F0DEC7-8392-4F57-9990-74FCB934033F}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8F0DEC7-8392-4F57-9990-74FCB934033F}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\HelloFace\FODCleanupTask" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE2A43F0-28C2-4555-A528-BA5BC6826D0C}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE2A43F0-28C2-4555-A528-BA5BC6826D0C}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartDVR" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F4A84F86-1766-4197-958B-3547CD706E98}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4A84F86-1766-4197-958B-3547CD706E98}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch" => removed successfully
    C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js => moved successfully
    C:\Program Files\mozilla firefox\mozilla.cfg => moved successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
    C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d0a67409181f9d30\Razer AppEngine.lnk => Shortcut argument removed successfully
    C:\Users\14153\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\GoT - Chrome.lnk => Shortcut argument removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B32CD23-7A9C-495D-A4F7-00459374C6A9}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B66EBEA-5D7D-44DD-8AEA-E713CF9D3FF5}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44CB7E5B-F529-466B-8083-2F40032E7B0F}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04B89027-B448-4005-9B90-84E092D979A2}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DC4302A-8099-4D81-957D-CBC4951A194E}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E80B54C-2A18-499F-BF57-FB6F2A48513B}" => removed successfully

    =========== "C:\Windows\Temp\*.*" ==========

    C:\Windows\Temp\CRAPTOP-20220925-0734.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-0808.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-0941.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1332.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1346.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1519.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1542.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1623.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1633.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1841.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1907.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1914.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-1930.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2014.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2148.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2218.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2228.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2253.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220925-2301.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0022.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0400.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0523.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0536.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0559.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0800.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0806.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0827.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-0837.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1224.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1225.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1332.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1344.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1355.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1828.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1830.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1836.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1932.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1932a.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-1933.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2321.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2325.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2337.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2338.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2338a.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2342.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2348.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220926-2352.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0156.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0157.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0158.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0214.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0331.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0348.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0400.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0402.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0412.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0417.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0418.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0456.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0527.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0536.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0542.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0615.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0643.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0711.log => moved successfully
    C:\Windows\Temp\CRAPTOP-20220927-0821.log => moved successfully
    Could not move "C:\Windows\Temp\CRAPTOP-20220927-0835.log" => Scheduled to move on reboot.
    C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
    C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
    C:\Windows\Temp\MpSigStub.log => moved successfully
    C:\Windows\Temp\msedge_installer.log => moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(2022092507345414B0).log => moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(20220926082740127C).log => moved successfully
    Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2022092708351950C4).log" => Scheduled to move on reboot.
    C:\Windows\Temp\TBitDefenderUpdaterThread.log => moved successfully
    C:\Windows\Temp\TSpybotUpdaterThread.log => moved successfully
    C:\Windows\Temp\u1rg.0 => moved successfully
    C:\Windows\Temp\u1rg.1 => moved successfully
    C:\Windows\Temp\u1rg.2 => moved successfully
    C:\Windows\Temp\u1rg.3 => moved successfully
    C:\Windows\Temp\u258.0 => moved successfully
    C:\Windows\Temp\u258.1 => moved successfully
    C:\Windows\Temp\u258.2 => moved successfully
    C:\Windows\Temp\u258.3 => moved successfully

    ========= End -> "C:\Windows\Temp\*.*" ========


    =========== EmptyTemp: ==========

    FlushDNS => completed
    BITS transfer queue => 1835008 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11625935 B
    Java, Discord, Steam htmlcache => 0 B
    Windows/system/drivers => 0 B
    Edge => 0 B
    Chrome => 500844874 B
    Firefox => 46754488 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 66352 B
    NetworkService => 74140 B
    14153 => 423554787 B

    RecycleBin => 17482082 B
    EmptyTemp: => 955.8 MB temporary data Removed.

    ================================

    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-09-2022 08:38:41)

    C:\Windows\Temp\CRAPTOP-20220927-0835.log => Is moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(2022092708351950C4).log => Is moved successfully

    ==== End of Fixlog 08:38:41 ====

  4. #4
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 9/27/22
    Scan Time: 9:01 AM
    Log File: 85b3743e-3e64-11ed-af2e-ec5c68df0066.json

    -Software Information-
    Version: 4.5.14.210
    Components Version: 1.0.1767
    Update Package Version: 1.0.60430
    License: Trial

    -System Information-
    OS: Windows 11 (Build 22000.1042)
    CPU: x64
    File System: NTFS
    User: CRAPTOP\14153

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 296069
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 0 min, 46 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  5. #5
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Good morning
    Have you run the AdwCleaner scan?

    How is the computer at the moment?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #6
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    Quote Originally Posted by Juliet View Post
    Good morning
    Have you run the AdwCleaner scan?

    How is the computer at the moment?

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2022-09-27 17:12:46
    -----------------------------
    17:12:46.941 OS Version: Windows x64 6.2.9200
    17:12:46.942 Number of processors: 8 586 0x1801
    17:12:46.944 ComputerName: CRAPTOP UserName: 14153
    17:12:48.080 Initialize success
    17:12:48.154 VM: initialized successfully
    17:12:48.156 VM: Amd CPU supported
    17:14:14.120 The log file has been saved successfully to "C:\Users\14153\Desktop\aswMBR.txt"



    ITS WORKING pretty6 good but ther keyboard keeps **** up every once in a while b but that could just be the hardware and not that.
    Last edited by tashi; 2022-09-28 at 01:11. Reason: ****

  7. #7
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by DVSMIND View Post

    ITS WORKING pretty6 good but ther keyboard keeps **** up every once in a while b but that could just be the hardware and not that.
    Good, typically hardware or batteries for a wireless mouse.

    Malwarebytes AdwCleaner

    -------------------
    The below is the Adwcleaner scan
    • Please download AdwCleaner and save it to your Desktop
    • Close all open programs and browsers

      Double click AdwCleaner.exe to run it.
      Click Scan Now ...
      When the scan has finished a Scan Results window will open.
      Click Cancel (at this point do not attempt to Quarantine anything that is found)
      Now click the Log Files tab ...
      Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
      A Notepad file will open containing the results of the scan.

    Please post the contents of the file in your next reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #8
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    Quote Originally Posted by Juliet View Post
    Good, typically hardware or batteries for a wireless mouse.

    Malwarebytes AdwCleaner

    -------------------
    The below is the Adwcleaner scan
    • Please download AdwCleaner and save it to your Desktop
    • Close all open programs and browsers

      Double click AdwCleaner.exe to run it.
      Click Scan Now ...
      When the scan has finished a Scan Results window will open.
      Click Cancel (at this point do not attempt to Quarantine anything that is found)
      Now click the Log Files tab ...
      Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
      A Notepad file will open containing the results of the scan.

    Please post the contents of the file in your next reply.


    # -------------------------------
    # Malwarebytes AdwCleaner 8.4.0.0
    # -------------------------------
    # Build: 08-30-2022
    # Database: 2022-08-22.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Scan
    # -------------------------------
    # Start: 09-27-2022
    # Duration: 00:00:15
    # OS: Windows 11 (Build 22000.1042)
    # Scanned: 32098
    # Detected: 23


    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    PUP.Optional.SysTweak C:\Users\14153\AppData\Roaming\Systweak

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
    PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
    PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
    PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
    PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
    PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
    PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries found.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries found.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs found.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries found.

    ***** [ Preinstalled Software ] *****

    Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
    Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher
    Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
    Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
    Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
    Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
    Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
    Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
    Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


    AdwCleaner[S00].txt - [4181 octets] - [27/09/2022 19:07:22]
    AdwCleaner[S01].txt - [4242 octets] - [27/09/2022 19:12:25]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
    [b
    [/B]

  9. #9
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    The scan found quite a bit of preinstalled items. If you don't use these things, many people don't, you can open the tool and run the tool again and remove those off your machine.

    From here I usually have people run an online scan to look for remnants but if your computer is doing good at this point I'll leave it up to you if you want to or not or we can remove tools and quarantine folders.

    ESET Online Scanner

    --------------------

    Note: You can expect this process to take a long time, up to several hours or more.
    • Download ESET Free Online Scanner and save it to your Desktop
    • Right click on esetonlinescanner_enu.exe and select Run as administrator
    • Click Computer Scan
    • Click Full scan
    • Select Enable ESET to detect and quarantine potentially unwanted applications
    • Click Start scan
    • Once completed click Save scan log and save it to your Desktop as ESETScan.txt
    • Click Continue then finally click Close
    • Copy and paste the ESETScan.txt file contents in your reply
    ===================================================
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #10
    Junior Member
    Join Date
    Sep 2022
    Posts
    6

    Default

    Quote Originally Posted by Juliet View Post
    The scan found quite a bit of preinstalled items. If you don't use these things, many people don't, you can open the tool and run the tool again and remove those off your machine.

    From here I usually have people run an online scan to look for remnants but if your computer is doing good at this point I'll leave it up to you if you want to or not or we can remove tools and quarantine folders.

    ESET Online Scanner

    --------------------

    Note: You can expect this process to take a long time, up to several hours or more.
    • Download ESET Free Online Scanner and save it to your Desktop
    • Right click on esetonlinescanner_enu.exe and select Run as administrator
    • Click Computer Scan
    • Click Full scan
    • Select Enable ESET to detect and quarantine potentially unwanted applications
    • Click Start scan
    • Once completed click Save scan log and save it to your Desktop as ESETScan.txt
    • Click Continue then finally click Close
    • Copy and paste the ESETScan.txt file contents in your reply
    ===================================================
    thanks you for your help Juliet!!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •