Very slow Desktop PC - infected vs cluttered?


  • This topic is locked
8 replies to this topic

#1 BobDylan


Posted 14 August 2022 - 10:13 PM

Hi - I've had good luck with this forum over the years for various issues.

Now trying to speed up another PC (Windows 10, 64-bit) - but not sure if it's infected or just cluttered.

Tried clearing the history, and Malwarebytes only found 4 things, and neither of those helped.

Any help would be much appreciated!

Thanks!

 

Here are the FRST.TXT and ADDITION.TXT from the FRST64 scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022
Ran by whend (administrator) on DESKTOP-LU3H5RD (eMachines ET1831) (14-08-2022 23:52:44)
Running from C:\Users\whend\Downloads
Loaded Profiles: whend
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\identity_helper.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files (x86)\McAfee Security Scan\4.1.213\SSScheduler.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1872640924-3164439144-4185476810-1001\...\Run: [MicrosoftEdgeAutoLaunch_E81C6A45C6139B6CA95B2AC68DA1BFDC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2022-05-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\4.1.213\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09A478B3-40DA-49BB-9636-9D67779E82C3} - System32\Tasks\SecurityScannerScheduler => C:\Program Files (x86)\McAfee Security Scan\4.1.213\SSScheduler.exe [786328 2022-03-25] (McAfee, LLC -> McAfee, LLC)
Task: {35C0F81F-74B7-4021-97DE-A6280FFAE44F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {4914315E-1DD3-4786-BDC6-D0C6DBE0A8D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {516FCF04-B373-4C0F-9A53-AA0F96C04493} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29e36046-a11a-42f7-8c40-663822dfd81a}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\whend\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-08-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\whend\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\bojobppfploabceghnmlahpoonbcbacn [2022-08-14]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
 
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\whend\AppData\Local\Google\Chrome\User Data\Default [2022-07-12]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\whend\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\whend\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\whend\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-14] (Malwarebytes Inc. -> Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\4.1.213\McCHSvc.exe [317904 2022-03-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\\McCSPServiceHost.exe [3378048 2022-02-17] (McAfee, LLC -> McAfee, LLC)
R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [29312 2022-04-26] (McAfee, LLC -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (All) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\WINDOWS\System32\drivers\1394ohci.sys [266240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 3ware; C:\WINDOWS\System32\drivers\3ware.sys [107320 2019-12-07] (Microsoft Windows -> LSI)
R0 ACPI; C:\WINDOWS\System32\drivers\ACPI.sys [809288 2021-05-20] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiDev; C:\WINDOWS\System32\drivers\AcpiDev.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 acpiex; C:\WINDOWS\System32\Drivers\acpiex.sys [139792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpipagr; C:\WINDOWS\System32\drivers\acpipagr.sys [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiPmi; C:\WINDOWS\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpitime; C:\WINDOWS\System32\drivers\acpitime.sys [16384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [1135416 2019-12-07] (Microsoft Windows -> PMC-Sierra)
R1 AFD; C:\WINDOWS\system32\drivers\afd.sys [650064 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [41984 2021-08-03] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2021-08-03] (Microsoft Windows -> Microsoft Corporation)
R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [292352 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 AmdK8; C:\WINDOWS\System32\drivers\amdk8.sys [207160 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 AmdPPM; C:\WINDOWS\System32\drivers\amdppm.sys [211256 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S0 amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [83256 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S0 amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [259384 2019-12-07] (Microsoft Windows -> AMD Technologies Inc.)
S0 amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [26936 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S3 AppID; C:\WINDOWS\System32\drivers\appid.sys [214840 2021-12-25] (Microsoft Windows -> Microsoft Windows)
S3 applockerfltr; C:\WINDOWS\System32\drivers\applockerfltr.sys [18432 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S0 arcsas; C:\WINDOWS\System32\drivers\arcsas.sys [131896 2019-12-07] (Microsoft Windows -> PMC-Sierra, Inc.)
S3 AsyncMac; C:\WINDOWS\System32\drivers\asyncmac.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 atapi; C:\WINDOWS\System32\drivers\atapi.sys [30032 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S0 b06bdrv; C:\WINDOWS\System32\drivers\bxvbda.sys [533816 2019-12-07] (Microsoft Windows -> QLogic Corporation)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [78136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys [68608 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys [38912 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Microsoft Windows -> Windows ® Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [148816 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [117760 2021-08-03] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [113664 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [45568 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [1559552 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [110592 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [43832 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [44032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [66576 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 cdfs; C:\WINDOWS\System32\DRIVERS\cdfs.sys [100864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 cdrom; C:\WINDOWS\System32\drivers\cdrom.sys [175616 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S0 cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [319800 2019-12-07] (Microsoft Windows -> Chelsio Communications)
S3 cht4vbd; C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752 2019-12-07] (Microsoft Windows -> Chelsio Communications)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [98304 2021-10-20] (Microsoft Windows -> )
S3 circlass; C:\WINDOWS\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [496640 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R0 CLFS; C:\WINDOWS\System32\drivers\CLFS.sys [409456 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 CNG; C:\WINDOWS\System32\Drivers\cng.sys [746416 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S4 cnghwassist; C:\WINDOWS\System32\DRIVERS\cnghwassist.sys [40968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 CompositeBus; C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys [41984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 condrv; C:\WINDOWS\System32\drivers\condrv.sys [57144 2021-08-03] (Microsoft Windows -> Microsoft Corporation)
R1 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [139888 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S1 dam; C:\WINDOWS\System32\drivers\dam.sys [97096 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [152064 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
R0 disk; C:\WINDOWS\System32\drivers\disk.sys [98624 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [59192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [16128 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
R1 DXGKrnl; C:\WINDOWS\System32\drivers\dxgkrnl.sys [3813688 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3418936 2019-12-07] (Microsoft Windows -> QLogic Corporation)
S0 EhStorClass; C:\WINDOWS\System32\drivers\EhStorClass.sys [95032 2021-05-20] (Microsoft Windows -> Microsoft Corporation)
S0 EhStorTcgDrv; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [124728 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [15872 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [417608 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [425288 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 fdc; C:\WINDOWS\System32\drivers\fdc.sys [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 FileCrypt; C:\WINDOWS\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FileInfo; C:\WINDOWS\System32\drivers\fileinfo.sys [94736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Filetrace; C:\WINDOWS\System32\drivers\filetrace.sys [40448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 flpydisk; C:\WINDOWS\System32\drivers\flpydisk.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [435000 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
S3 FsDepends; C:\WINDOWS\System32\drivers\FsDepends.sys [69968 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [33592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 fvevol; C:\WINDOWS\System32\DRIVERS\fvevol.sys [801608 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 gencounter; C:\WINDOWS\System32\drivers\vmgencounter.sys [23864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 GPIOClx0101; C:\WINDOWS\System32\Drivers\msgpioclx.sys [183112 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [430080 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\drivers\HDAudBus.sys [139776 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 HidBatt; C:\WINDOWS\System32\drivers\HidBatt.sys [39440 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [120320 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [57344 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidinterrupt; C:\WINDOWS\System32\drivers\hidinterrupt.sys [55824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidIr; C:\WINDOWS\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [44032 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
S0 HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [64312 2019-12-07] (Microsoft Windows -> Hewlett-Packard Company)
R3 HTTP; C:\WINDOWS\System32\drivers\HTTP.sys [1577784 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hvservice; C:\WINDOWS\System32\drivers\hvservice.sys [95056 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 hwpolicy; C:\WINDOWS\System32\drivers\hwpolicy.sys [33096 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [27448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 i8042prt; C:\WINDOWS\System32\drivers\i8042prt.sys [118272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 iagpio; C:\WINDOWS\System32\drivers\iagpio.sys [36352 2019-12-07] (Microsoft Windows -> Intel® Corporation)
S3 iai2c; C:\WINDOWS\System32\drivers\iai2c.sys [91136 2019-12-07] (Microsoft Windows -> Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSSi_GPIO; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128 2019-12-07] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 iaLPSSi_I2C; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorV; C:\WINDOWS\System32\drivers\iaStorV.sys [412176 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 ibbus; C:\WINDOWS\System32\drivers\ibbus.sys [558904 2019-12-07] (Microsoft Windows -> Mellanox)
S3 IndirectKmd; C:\WINDOWS\System32\drivers\IndirectKmd.sys [47104 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S0 intelide; C:\WINDOWS\System32\drivers\intelide.sys [19792 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R0 intelpep; C:\WINDOWS\System32\drivers\intelpep.sys [418800 2021-10-20] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 intelppm; C:\WINDOWS\System32\drivers\intelppm.sys [230728 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R0 iorate; C:\WINDOWS\System32\drivers\iorate.sys [57168 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [90112 2021-05-20] (Microsoft Windows -> Microsoft Corporation)
S3 IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [117584 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 IPNAT; C:\WINDOWS\System32\drivers\ipnat.sys [225280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [59704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [22864 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 iScsiPrt; C:\WINDOWS\System32\drivers\msiscsi.sys [293176 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Microsoft Windows -> Avago Technologies)
R3 kbdclass; C:\WINDOWS\System32\drivers\kbdclass.sys [71480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [46592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 kdnic; C:\WINDOWS\System32\drivers\kdnic.sys [33296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [147256 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R0 KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [181104 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R3 ksthunk; C:\WINDOWS\system32\drivers\ksthunk.sys [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 lltdio; C:\WINDOWS\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [108856 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124216 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [135992 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [82744 2019-12-07] (Microsoft Windows -> LSI Corporation)
R2 luafv; C:\WINDOWS\system32\drivers\luafv.sys [140800 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [537608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [64016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-08-14] (Malwarebytes Inc. -> Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [391168 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S0 megasas; C:\WINDOWS\System32\drivers\megasas.sys [59704 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [81720 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [105480 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasr; C:\WINDOWS\System32\drivers\megasr.sys [575800 2019-12-07] (Microsoft Windows -> LSI Corporation, Inc.)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mlx4_bus; C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131320 2019-12-07] (Microsoft Windows -> Mellanox)
R2 MMCSS; C:\WINDOWS\system32\drivers\mmcss.sys [53248 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [47104 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 monitor; C:\WINDOWS\System32\drivers\monitor.sys [83968 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
R3 mouclass; C:\WINDOWS\System32\drivers\mouclass.sys [67600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mouhid; C:\WINDOWS\System32\drivers\mouhid.sys [35328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 mountmgr; C:\WINDOWS\System32\drivers\mountmgr.sys [110392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mpsdrv; C:\WINDOWS\System32\drivers\mpsdrv.sys [80896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [157696 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [574800 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb20; C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys [264528 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msgpiowin32; C:\WINDOWS\System32\drivers\msgpiowin32.sys [56120 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidkmdf; C:\WINDOWS\System32\drivers\mshidkmdf.sys [8192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidumdf; C:\WINDOWS\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [20280 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [34816 2020-11-12] (Microsoft Windows -> Microsoft Corporation)
R2 MsLldp; C:\WINDOWS\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [382800 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R1 mssmbios; C:\WINDOWS\System32\drivers\mssmbios.sys [47928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MTConfig; C:\WINDOWS\System32\drivers\MTConfig.sys [17920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Mup; C:\WINDOWS\System32\Drivers\mup.sys [132920 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S0 mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [63800 2019-12-07] (Microsoft Windows -> Marvell Semiconductor, Inc.)
S3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [757760 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 ndfltr; C:\WINDOWS\System32\drivers\ndfltr.sys [146232 2019-12-07] (Microsoft Windows -> Mellanox)
R0 NDIS; C:\WINDOWS\System32\drivers\ndis.sys [1476944 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R1 NdisCap; C:\WINDOWS\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NdisImPlatform; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [28672 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisVirtualBus; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\drivers\ndiswan.sys [212992 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 ndiswanlegacy; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [212992 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 ndproxy; C:\WINDOWS\System32\DRIVERS\NDProxy.sys [93696 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R2 Ndu; C:\WINDOWS\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [214528 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS\System32\drivers\netbios.sys [64312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [341504 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [250696 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [87568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 npsvctrig; C:\WINDOWS\System32\drivers\npsvctrig.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 nsiproxy; C:\WINDOWS\System32\drivers\nsiproxy.sys [48640 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2850160 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7680 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [11530144 2019-11-24] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [150328 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
S0 nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [166200 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
R0 nvstor64; C:\WINDOWS\System32\drivers\nvstor64.sys [239136 2019-11-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Parport; C:\WINDOWS\System32\drivers\parport.sys [109056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 partmgr; C:\WINDOWS\System32\drivers\partmgr.sys [182608 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R0 pci; C:\WINDOWS\System32\drivers\pci.sys [469840 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R0 pciide; C:\WINDOWS\System32\drivers\pciide.sys [16712 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S0 pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [127800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pcw; C:\WINDOWS\System32\drivers\pcw.sys [57656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pdc; C:\WINDOWS\System32\drivers\pdc.sys [159056 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
R2 PEAUTH; C:\WINDOWS\System32\drivers\peauth.sys [823808 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S0 percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [58680 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [68408 2019-12-07] (Microsoft Windows -> Avago Technologies)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [129848 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S0 pmem; C:\WINDOWS\System32\drivers\pmem.sys [138040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PNPMEM; C:\WINDOWS\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS\System32\drivers\raspptp.sys [101888 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 Processor; C:\WINDOWS\System32\drivers\processr.sys [216376 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R1 Psched; C:\WINDOWS\System32\drivers\pacer.sys [161608 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [42296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [20480 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R3 RasAgileVpn; C:\WINDOWS\System32\drivers\AgileVpn.sys [118784 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS\System32\drivers\rasl2tp.sys [110080 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [87552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RasSstp; C:\WINDOWS\System32\drivers\rassstp.sys [86016 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
R1 rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [456008 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R3 rdpbus; C:\WINDOWS\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RDPDR; C:\WINDOWS\System32\drivers\rdpdr.sys [169984 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 RdpVideoMiniport; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [31544 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R0 rdyboost; C:\WINDOWS\System32\drivers\rdyboost.sys [297784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [2004808 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [990008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RFCOMM; C:\WINDOWS\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 rspndr; C:\WINDOWS\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [694272 2019-12-07] (Microsoft Windows -> Realtek)
S3 s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [18960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 sbp2port; C:\WINDOWS\System32\drivers\sbp2port.sys [118088 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 scfilter; C:\WINDOWS\System32\DRIVERS\scfilter.sys [44032 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S0 scmbus; C:\WINDOWS\System32\drivers\scmbus.sys [158736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [305472 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sdstor; C:\WINDOWS\System32\drivers\sdstor.sys [104264 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx; C:\WINDOWS\System32\drivers\SerCx.sys [86328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx2; C:\WINDOWS\System32\drivers\SerCx2.sys [173072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serenum; C:\WINDOWS\System32\drivers\serenum.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serial; C:\WINDOWS\System32\drivers\serial.sys [90624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sermouse; C:\WINDOWS\System32\drivers\sermouse.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sfloppy; C:\WINDOWS\System32\drivers\sfloppy.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [44856 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [81720 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsoft Windows -> Microsemi Corportation)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 spaceport; C:\WINDOWS\System32\drivers\spaceport.sys [679240 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SpbCx; C:\WINDOWS\System32\drivers\SpbCx.sys [87352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [787968 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [315392 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
S0 stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [31032 2019-12-07] (Microsoft Windows -> Promise Technology, Inc.)
S0 storahci; C:\WINDOWS\System32\drivers\storahci.sys [186168 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S0 storflt; C:\WINDOWS\System32\drivers\vmstorfl.sys [54080 2021-05-20] (Microsoft Windows -> Microsoft Corporation)
S0 stornvme; C:\WINDOWS\System32\drivers\stornvme.sys [158008 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 storqosflt; C:\WINDOWS\System32\drivers\storqosflt.sys [92984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 storufs; C:\WINDOWS\System32\drivers\storufs.sys [61264 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S0 storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 swenum; C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys [18952 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 Tcpip; C:\WINDOWS\System32\drivers\tcpip.sys [2989880 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 Tcpip6; C:\WINDOWS\System32\drivers\tcpip.sys [2989880 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 tdx; C:\WINDOWS\system32\DRIVERS\tdx.sys [117584 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2020-10-23] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 terminpt; C:\WINDOWS\System32\drivers\terminpt.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TPM; C:\WINDOWS\System32\drivers\tpm.sys [255288 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbFlt; C:\WINDOWS\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbGD; C:\WINDOWS\System32\drivers\TsUsbGD.sys [37888 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
S3 tunnel; C:\WINDOWS\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UASPStor; C:\WINDOWS\System32\drivers\uaspstor.sys [79160 2021-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 UcmCx0101; C:\WINDOWS\System32\Drivers\UcmCx.sys [160256 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 UcmTcpciCx0101; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [113152 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 Ucx01000; C:\WINDOWS\System32\drivers\ucx01000.sys [259896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [52736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 udfs; C:\WINDOWS\System32\DRIVERS\udfs.sys [344064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Ufx01000; C:\WINDOWS\System32\drivers\ufx01000.sys [324432 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ufxsynopsys; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [168264 2020-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UmPass; C:\WINDOWS\System32\drivers\umpass.sys [15360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsCx01000; C:\WINDOWS\System32\drivers\urscx01000.sys [76304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbaudio; C:\WINDOWS\system32\drivers\usbaudio.sys [209920 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbccgp; C:\WINDOWS\System32\drivers\usbccgp.sys [185664 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 usbcir; C:\WINDOWS\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbehci; C:\WINDOWS\System32\drivers\usbehci.sys [86544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbhub; C:\WINDOWS\System32\drivers\usbhub.sys [528184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 USBHUB3; C:\WINDOWS\System32\drivers\UsbHub3.sys [648016 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R3 usbohci; C:\WINDOWS\System32\drivers\usbohci.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbprint; C:\WINDOWS\System32\drivers\usbprint.sys [37376 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\WINDOWS\System32\drivers\usbser.sys [81408 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R3 USBSTOR; C:\WINDOWS\System32\drivers\USBSTOR.SYS [136528 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 usbuhci; C:\WINDOWS\System32\drivers\usbuhci.sys [39424 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [330576 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 USBXHCI; C:\WINDOWS\System32\drivers\USBXHCI.SYS [629072 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R0 vdrvroot; C:\WINDOWS\System32\drivers\vdrvroot.sys [67384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 VerifierExt; C:\WINDOWS\System32\drivers\VerifierExt.sys [347448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [820536 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 vhf; C:\WINDOWS\System32\drivers\vhf.sys [47616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Vid; C:\WINDOWS\System32\drivers\Vid.sys [641336 2021-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vmbus; C:\WINDOWS\System32\drivers\vmbus.sys [160080 2021-08-03] (Microsoft Windows -> Microsoft Corporation)
S3 VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [36664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmgid; C:\WINDOWS\System32\drivers\vmgid.sys [19768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 volmgr; C:\WINDOWS\System32\drivers\volmgr.sys [90960 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R0 volmgrx; C:\WINDOWS\System32\drivers\volmgrx.sys [389432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 volsnap; C:\WINDOWS\System32\drivers\volsnap.sys [429880 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
R0 volume; C:\WINDOWS\System32\drivers\volume.sys [16696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vpci; C:\WINDOWS\System32\drivers\vpci.sys [89400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [166712 2019-12-07] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\WINDOWS\System32\drivers\vstxraid.sys [305464 2019-12-07] (Microsoft Windows -> VIA Corporation)
S3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [77824 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [93184 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 wanarpv6; C:\WINDOWS\System32\DRIVERS\wanarp.sys [93184 2020-10-23] (Microsoft Windows -> Microsoft Corporation)
R2 wcifs; C:\WINDOWS\system32\drivers\wcifs.sys [202568 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 wcnfs; C:\WINDOWS\system32\drivers\wcnfs.sys [93184 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 Wdf01000; C:\WINDOWS\System32\drivers\Wdf01000.sys [827696 2021-08-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [967168 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
R0 WFPLWFS; C:\WINDOWS\System32\drivers\wfplwfs.sys [180024 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\WINDOWS\System32\drivers\wimmount.sys [39760 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R0 WindowsTrustedRT; C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [76984 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [18920 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 WinMad; C:\WINDOWS\System32\drivers\winmad.sys [36152 2019-12-07] (Microsoft Windows -> Mellanox)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [266752 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 WINUSB; C:\WINDOWS\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinVerbs; C:\WINDOWS\System32\drivers\winverbs.sys [73016 2019-12-07] (Microsoft Windows -> Mellanox)
R3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [234296 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 WpdUpFltr; C:\WINDOWS\System32\drivers\WpdUpFltr.sys [32568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 ws2ifsl; C:\WINDOWS\system32\drivers\ws2ifsl.sys [25088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\drivers\WSDPrint.sys [23552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WudfPf; C:\WINDOWS\System32\drivers\WudfPf.sys [136192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFRd; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdFs; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [330752 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [51712 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-08-14 23:52 - 2022-08-14 23:53 - 000055624 _____ C:\Users\whend\Downloads\FRST.txt
2022-08-14 23:49 - 2022-08-14 23:53 - 000000000 ____D C:\FRST
2022-08-14 23:46 - 2022-08-14 23:47 - 002370048 _____ (Farbar) C:\Users\whend\Downloads\FRST64 (3).exe
2022-08-14 21:36 - 2022-08-14 21:36 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (9).ica
2022-08-14 21:12 - 2022-08-14 21:12 - 000000000 ___HD C:\$WinREAgent
2022-08-14 03:49 - 2022-08-14 03:49 - 000000000 ____D C:\Users\whend\AppData\Local\mbam
2022-08-14 03:48 - 2022-08-14 03:48 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-08-14 03:48 - 2022-08-14 03:48 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-08-14 03:48 - 2022-08-14 03:48 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-08-14 03:48 - 2022-08-14 03:48 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-08-14 03:48 - 2022-08-14 03:48 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-08-14 03:48 - 2022-08-14 03:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-08-14 03:48 - 2022-08-14 03:48 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-08-14 03:48 - 2022-08-14 03:47 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-08-14 03:48 - 2022-08-14 03:47 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-08-14 03:47 - 2022-08-14 03:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-08-14 03:47 - 2022-08-14 03:47 - 000000000 ____D C:\Program Files\Malwarebytes
2022-08-14 03:46 - 2022-08-14 03:46 - 002556344 _____ (Malwarebytes) C:\Users\whend\Downloads\MBSetup-AAF4C12B-37335.37335.exe
2022-08-13 21:30 - 2022-08-13 21:30 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (8).ica
2022-08-13 21:29 - 2022-08-13 21:29 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (7).ica
2022-08-13 20:17 - 2022-08-13 20:17 - 000000000 ____D C:\Users\whend\.ms-ad
2022-08-13 20:09 - 2022-08-13 20:09 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (6).ica
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-08-14 23:41 - 2020-09-02 17:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-14 23:01 - 2020-01-20 15:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-14 23:00 - 2021-09-24 01:41 - 000000000 ____D C:\Users\whend\AppData\Local\Citrix
2022-08-14 22:59 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-14 22:32 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-14 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-14 21:32 - 2020-09-02 17:17 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-14 21:32 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-14 21:25 - 2020-09-02 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-14 21:25 - 2020-09-02 17:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-14 21:25 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-14 03:48 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-13 21:36 - 2019-09-04 22:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-08-13 21:25 - 2020-09-02 17:08 - 000000000 ____D C:\Users\whend
2022-08-13 20:19 - 2022-05-10 22:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-13 20:19 - 2022-05-10 22:44 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-13 20:19 - 2022-05-10 22:44 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-13 20:08 - 2021-12-17 17:21 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1872640924-3164439144-4185476810-1001
2022-08-13 20:08 - 2020-09-02 17:16 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1872640924-3164439144-4185476810-1001
2022-08-13 20:08 - 2020-09-02 17:08 - 000002383 _____ C:\Users\whend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-13 19:56 - 2020-01-20 15:31 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-13 19:55 - 2020-03-18 19:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 19:55 - 2020-03-18 19:10 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-27 19:20 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-27 19:12 - 2019-11-24 19:10 - 000000000 ___RD C:\Users\whend\OneDrive
2022-07-27 19:09 - 2020-09-02 17:16 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 19:09 - 2020-09-02 17:16 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-27 19:02 - 2019-11-24 19:29 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-27 19:02 - 2019-11-24 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-08-2022
Ran by whend (14-08-2022 23:54:15)
Running from C:\Users\whend\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-09-02 21:16:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1872640924-3164439144-4185476810-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1872640924-3164439144-4185476810-503 - Limited - Disabled)
Guest (S-1-5-21-1872640924-3164439144-4185476810-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1872640924-3164439144-4185476810-504 - Limited - Disabled)
whend (S-1-5-21-1872640924-3164439144-4185476810-1001 - Administrator - Enabled) => C:\Users\whend
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Citrix Authentication Manager (HKLM-x32\...\{29A5E354-8D70-43E7-B733-83580AC0637D}) (Version: 12.2.0.18007 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (HKLM-x32\...\{C037407D-2676-4D4A-9956-23A923031D5F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Citrix Receiver Inside (HKLM-x32\...\{30DF307D-A9BB-40CB-9AB5-A02E86BCC39B}) (Version: 4.12.0.65534 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (HKLM-x32\...\{D61D76C5-44A4-407A-A5B2-2F36FE5AC0CA}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (HKLM-x32\...\{947A69AD-49DE-498D-8B37-67EBC46FFAC2}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (HKLM-x32\...\{77E2AABB-1B59-4A83-9C18-11546C135105}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Citrix Web Helper (HKLM-x32\...\{0378AD83-048F-4C7F-AFD6-3CEDA4212ACD}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.81 - Google LLC)
Malwarebytes version 4.5.12.204 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.12.204 - Malwarebytes)
McAfee Safe Connect (HKLM-x32\...\{153C7194-14B0-412D-A12D-0DF263197D62}) (Version: 2.15.0 - McAfee, LLC.) Hidden
McAfee Safe Connect (HKLM-x32\...\{9ce9ccba-86f5-4114-bf39-0c18cd8f24f9}) (Version: 2.15.0 - McAfee, LLC.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 4.1.213.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1872640924-3164439144-4185476810-1001\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.85.1.0_x64__kgqvnymyfvs32 [2022-08-13] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.86.2.0_x64__kgqvnymyfvs32 [2022-08-14] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_137.1.291.0_x64__v10z8vjag6ke6 [2022-07-13] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-08-13] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-19] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-10] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2009-05-01] (NVIDIA Corporation) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-14] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\whend\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2009-07-14 10:51 - 2009-07-14 10:51 - 001087488 _____ (NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\NVSVCR.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 00:49 - 2022-05-10 23:16 - 000000891 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.1  scinstallcheck.mcafee.com
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1872640924-3164439144-4185476810-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{1333EFF8-B3C0-4B04-BB24-0581BDBE6B1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{148E23AA-6FDD-411C-AC6A-CE24C9429794}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C91B6D2-0C80-4D23-92D0-6FF9A0573E84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{655FE543-53EC-4079-91A0-C9456E507ABA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AADCCF37-48DE-4C5C-B247-A0073F7B5019}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{023CD37A-ACFC-4016-9801-1EA22A53A7E8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
27-07-2022 19:39:59 Scheduled Checkpoint
05-08-2022 12:21:39 Windows Modules Installer
13-08-2022 21:41:17 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/14/2022 03:44:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x116c
Faulting application start time: 0x01d8afaf29f4b229
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 0cf1ce9f-a804-4ea3-8ac3-985b3a379f96
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:26:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x2b10
Faulting application start time: 0x01d8afaf251d38dc
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 13570893-6c3f-4e91-a778-f008508bbdc0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:26:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x28f4
Faulting application start time: 0x01d8afae5c6054de
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a8f896dd-a3c6-41e7-8631-abcc4005e1b3
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:20:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x610
Faulting application start time: 0x01d8afac7054d470
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 8c88b733-9cfd-4693-8fe5-428874dcad31
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:06:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x2200
Faulting application start time: 0x01d8afac65e66576
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 33154237-692c-4444-ae36-deaa963a43bc
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:06:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x24e8
Faulting application start time: 0x01d8afab7d06d363
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 40f8c457-91c7-4ae0-83a0-f4639b173b48
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 03:00:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x2628
Faulting application start time: 0x01d8afa85152db67
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6e132c19-0840-49c3-a301-0dd889d4382d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2022 02:37:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x26c0
Faulting application start time: 0x01d8afa7f9356fec
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 226661cd-d727-4502-9db9-1678e84fc914
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/14/2022 09:25:11 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
Error: (08/14/2022 09:25:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:16:42 PM on ‎8/‎14/‎2022 was unexpected.
 
Error: (08/13/2022 09:25:21 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
Error: (08/13/2022 09:25:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:42:33 PM on ‎8/‎13/‎2022 was unexpected.
 
Error: (08/05/2022 12:30:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: 2022-07 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5015807).
 
Error: (07/27/2022 07:19:54 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
Error: (07/27/2022 07:20:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:38:56 PM on ‎7/‎13/‎2022 was unexpected.
 
Error: (07/27/2022 07:02:07 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
 
 
Windows Defender:
================
Date: 2022-08-13 20:25:54
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-13 16:50:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-11 21:51:15
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-10 21:42:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-06-17 16:42:39
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2022-05-27 14:21:07
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.363.1825.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19200.5
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2022-05-27 14:21:07
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.363.1825.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19200.5
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2022-03-17 19:45:43
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.187.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2022-03-17 19:45:43
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.187.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2022-03-17 19:45:43
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.187.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
==================== Memory info =========================== 
 
BIOS: AMI P01-A0 08/21/2009
Motherboard: eMachines EMCP73VT-PM
Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 65%
Total physical RAM: 3839.22 MB
Available physical RAM: 1313.57 MB
Total Virtual: 4607.22 MB
Available Virtual: 1051.39 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:455.66 GB) (Free:413.49 GB) (Model: Samsung SSD 860 EVO SCSI Disk Device) NTFS
Drive e: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: Samsung SSD 860 EVO SCSI Disk Device) 
 
\\?\Volume{b2a7cab2-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B2A7CAB2)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.5 GB) - (Type=06)
Partition 3: (Not Active) - (Size=455.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================
 



#2 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 15 August 2022 - 08:04 AM

As far as seeing anything malicious, I didn't, but we can dig deeper.

Got a couple of questions first:
Are the files below ones you downloaded?
Just want to make you aware they are there.

2022-08-14 21:36 - 2022-08-14 21:36 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (9).ica
2022-08-13 21:30 - 2022-08-13 21:30 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (8).ica
2022-08-13 21:29 - 2022-08-13 21:29 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (7).ica
2022-08-13 20:09 - 2022-08-13 20:09 - 000001522 _____ C:\Users\whend\Downloads\QlNNSC1Qcm9kdWN0aW9uLkNhcmVMaW5rIC0gUFJPRA-- (6).ica

The scan shows
Percentage of memory in use: 65%
Total physical RAM: 3839.22 MB
Available physical RAM: 1313.57 MB

Drive c: () (Fixed) (Total:455.66 GB) (Free:413.49 GB)

I wish I knew more in this department, but you might be running low on space?

Error: (08/05/2022 12:30:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: 2022-07 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5015807).
KB5015807 is part of Windows 10's July 2022 Patch Tuesday cycle and it includes fixes for several individual files involved in making the operating system and other Microsoft apps or drivers work.
 
Also, McAfee can be a resource hog, just saying.


Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator, just open it and let it wait)

Highlight the text below, beginning with Start:: and finishing with End::, and select Copy.

Start::
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
ShortcutWithArgument: C:\Users\whend\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes AdwCleaner

-------------------

  • Please download AdwCleaner and save it to your Desktop
  • Close all open programs and browsers
  • Right click on the icon and select Run as administrator
  • Click Scan now
  • Allow the program to Quarantine what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
  • When completed click View Scan Log File
  • Copy and paste the contents in your reply
  • Click Skip Basic Repair if it appears then close the program

===================================================

Please post these logs when finished.


Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17

#3 BobDylan

BobDylan

    Authentic Member

  • Authentic Member
  • PipPip
  • 90 posts

Posted 15 August 2022 - 02:35 PM

Hi - and thanks for helping out.

 

And just an FYI - this is a family member's PC and I'm not too familiar with his on-line habits, but he doesn't use the internet much, so I'm not too concerned about malware, but thought I should rule it out.

 

As for your questions:

1 - I am aware of those QINNSC1Q files for the recent downloads.

    For some reason, when I want to download something, those pop-ups come up to allow the download, then it makes those files.

2 - And I agree, I wonder if it might need a more thorough cleaning of temporary files, etc. to get some more free space.

3 - And I was also wondering about the McAfee program, as I don't think it's doing much.

     It looks like he has Windows Defender for his main protection, so I was thinking of deleting the McAfee program if you think that might be okay.

 

I've run the FRST with the text as you recommended, and the Fixlog is below.

 

I also ran the AdwCleaner with that log below as well.

 

So far, everything is still running slow as before.

 

Thanks again!

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022 02
Ran by whend (15-08-2022 16:08:27) Run:1
Running from C:\Users\whend\Downloads
Loaded Profiles: whend
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
ShortcutWithArgument: C:\Users\whend\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
C:\Windows\Temp\*.*
End::
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
C:\Users\whend\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk => Shortcut argument removed successfully
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\AdobeARM.log => moved successfully
C:\Windows\Temp\AdobeARM_Helper.log => moved successfully
C:\Windows\Temp\APPX.0hdjkyvs6c21epxohnptb1l1d.tmp => moved successfully
C:\Windows\Temp\APPX.eyz9amzz0avo5d9qnxiffc1xg.tmp => moved successfully
C:\Windows\Temp\APPX.ii5u472vb_anlm5fdsfgh7f2f.tmp => moved successfully
C:\Windows\Temp\APPX._devs5_kidiu9jkcw9summslf.tmp => moved successfully
C:\Windows\Temp\ArmUI.ini => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\mbamiservice.log => moved successfully
C:\Windows\Temp\mb_errors999.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\SecurityScan_Release.exe => moved successfully
C:\Windows\Temp\WFV2BA3.tmp => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 16:08:51 ====
 
 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-06-24.1 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-15-2022
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  6
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
No malicious folders cleaned.
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\searchnow.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.searchnow.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\searchnow.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.searchnow.com
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [2741 octets] - [15/08/2022 16:20:46]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


#4 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 15 August 2022 - 03:33 PM

I was thinking of deleting the McAfee program if you think that might be okay

Use the uninstall tool for removal
https://www.mcafee.c...ll=article-view
 

For some reason, when I want to download something, those pop-ups come up to allow the download, then it makes those files.

Citrix application is doing this.
 
If you remove all McAfee products be sure to go into the security control panel to see that Windows Defender is enabled.
It can take a while for it to update and probably do a scan then it should be good to go.
 
I had also noted in my last reply that a Windows Update had failed.
It's possible Windows reattempts it periodically.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

ESET Online Scanner

--------------------

Note: You can expect this process to take a long time, up to several hours or more.

  • Download ESET Free Online Scanner and save it to your Desktop
  • Right click on esetonlinescanner_enu.exe and select Run as administrator
  • Click Computer Scan
  • Click Full scan
  • Select Enable ESET to detect and quarantine potentially unwanted applications
  • Click Start scan
  • Once completed click Save scan log and save it to your Desktop as ESETScan.txt
  • Click Continue then finally click Close
  • Copy and paste the ESETScan.txt file contents in your reply

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??
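
The post-uninstall check described in the reply above (Windows Defender enabled, definitions updated, then a scan) can also be run from an elevated PowerShell prompt. This is an added example, not part of the original thread; it assumes a Windows 10 client with the built-in Defender cmdlets, and the 3-day signature-age threshold is an arbitrary choice for illustration.

```powershell
# Added example: verify antivirus state after uninstalling a third-party product.
# Run from an elevated PowerShell prompt on a Windows 10/11 client edition.

# 1. List antivirus products registered with Windows Security Center.
#    A leftover third-party registration can keep Defender switched off.
$registered = Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct
$registered | Select-Object displayName, pathToSignedProductExe | Format-Table -AutoSize

if ($registered | Where-Object { $_.displayName -like '*McAfee*' }) {
    Write-Warning 'McAfee is still registered; run the vendor removal tool and reboot.'
}

# 2. Query Defender itself. The call fails if the Defender service is not running.
try {
    $status = Get-MpComputerStatus -ErrorAction Stop
} catch {
    Write-Warning "Defender status unavailable: $($_.Exception.Message)"
    return
}

$checks = [ordered]@{
    'Antimalware service running' = $status.AMServiceEnabled
    'Antivirus enabled'           = $status.AntivirusEnabled
    'Real-time protection on'     = $status.RealTimeProtectionEnabled
}
foreach ($name in $checks.Keys) {
    $state = if ($checks[$name]) { 'OK' } else { 'NOT OK' }
    '{0,-30} {1}' -f $name, $state
}

# 3. Refresh definitions if they are older than the assumed threshold.
$maxAgeDays = 3   # assumption for this example, not a Microsoft requirement
if ($status.AntivirusSignatureAge -gt $maxAgeDays) {
    Write-Host "Signatures are $($status.AntivirusSignatureAge) days old; updating..."
    Update-MpSignature
}
'Signatures last updated: {0}' -f (Get-MpComputerStatus).AntivirusSignatureLastUpdated

# 4. Start a quick scan only once protection is actually active.
if ($status.AntivirusEnabled -and $status.RealTimeProtectionEnabled) {
    Start-MpScan -ScanType QuickScan
} else {
    Write-Warning 'Defender is not active yet; enable it in Windows Security first.'
}
```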

#5 BobDylan


Posted 15 August 2022 - 07:39 PM

Hi;

 

   I've cleaned up the history from the beginning of time, and deleted the McAfee programs.

   Did the ESET scan (took about 45 min) with nothing found - the log is pasted below.

           

8/15/2022 21:31:24 PM
Files scanned: 274633
Detected files: 0
Cleaned files: 0
Total scan time: 00:45:08
Scan status: Finished
 

 

   The PC is still loading quite slowly.



#6 Juliet


Posted 16 August 2022 - 08:14 AM

If you would, please take a new Farbar Recovery Scan

  • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.


#7 BobDylan


Posted 17 August 2022 - 05:04 PM

Hi:

 

    Sorry, but I'm away from the computer in question (was just visiting) and won't be returning for a while, so I won't be able to try any more fixes for a bit.

    It doesn't seem to be a malware issue now - but not sure what else to check, may be more of a hardware issue?

    You could close this thread for now I guess, but I might revisit it again when I return, as I'd really like to get it running smoothly, and quickly.

    Thanks for your help Juliet!



#8 Juliet


Posted 17 August 2022 - 05:43 PM

I might be wrong but I think there's too much on the computer and anything truly not needed should be removed.

The below was from a scan that shows this computer might be running out of space.

The scan shows
Percentage of memory in use: 65%
Total physical RAM: 3839.22 MB
Available physical RAM: 1313.57 MB

Drive c: () (Fixed) (Total:455.66 GB) (Free:413.49 GB)

~~~
When you return we can start a new topic.

#9 Juliet


Posted 26 August 2022 - 05:55 AM

Glad we could help.
Since this issue appears resolved ... this Topic is closed.

