Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2023
Ran by Rich (administrator) on RICH (Gigabyte Technology Co., Ltd. Z390 AORUS ULTRA) (27-01-2023 23:43:52)
Running from C:\Users\Rich\Documents\Tools
Loaded Profiles: Rich & lkClassAds
Platform: Microsoft Windows 10 Education Version 22H2 19045.2486 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\prismSyncV2\SteelSeriesPrismSync.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(explorer.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(explorer.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\parsecd.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Users\Rich\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\12.0.0.6529\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (CloudBees, Inc.) [File not signed] C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <8>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.11.12\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.11.12\nsWscSvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(svchost.exe ->) () [File not signed] C:\Program Files\MATLAB\R2022a\bin\win64\MATLABStartupAccelerator.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\GIGABYTE\Control Center\GCC.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12918648 2023-01-09] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185424 2022-06-14] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3390024 2021-11-03] (Autodesk, Inc. -> Autodesk)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Rich\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-05-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2022-12-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Run: [Steam] => G:\Program Files\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [462472 2022-12-16] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-128556331-799817740-448323406-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\110.0.1587.22\Installer\setup.exe [2023-01-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetupRST_ModeSwitch.lnk [2020-12-19]
ShortcutTarget: SetupRST_ModeSwitch.lnk -> C:\Windows\SysWOW64\pack\SetupRST.exe (Intel(R) Rapid Storage Technology -> Intel Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0025CCF9-A30D-456E-B677-F69C4AF64069} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d6dccb2f1a3ccd => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-12-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {02E02FA7-452B-4D39-9B8F-DE9330DC4096} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -startupTask (No File)
Task: {057AED33-8491-496C-8836-30281A3E602C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {06FF9FEB-CADE-42FB-A7AF-F8F6B022F395} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {091D9E2E-407A-4B8F-8B85-D3C0D2472B8E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {094D01B2-B26E-42F6-84BB-6062B14726FE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [59376 2023-01-24] (HP Inc. -> HP Inc.)
Task: {0F36191E-E5C6-4F35-AF7D-885109899311} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1AADB7C5-E9B6-42BB-BFD8-8BE03AF8A444} - System32\Tasks\systemreset => C:\Program [Argument = Files\WindowsMalwareProtection\config\systemresets.exe]
Task: {230C847E-A930-43F6-A805-EB9719965CB0} - System32\Tasks\MATLAB R2022a Startup Accelerator => C:\Program Files\MATLAB\R2022a\bin\win64\MATLABStartupAccelerator.exe [50688 2022-01-02] () [File not signed]
Task: {24299E36-2330-4B3A-BE6C-C4EFF180F364} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-31] (Google LLC -> Google LLC)
Task: {25891772-A2AC-4AEF-A77E-8DD1556548A9} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [389504 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {25EBFCD3-0CCF-4D07-99F8-4F9C44D857FC} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A597280-EE92-4DD5-B967-28ED70EDD30C} - System32\Tasks\NIUpdateServiceRetryCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task (No File)
Task: {2B623FD4-69B5-4541-8CB6-115EF5F11483} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {326B9D9E-C8E4-4C99-AB37-38970A6C722A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3304BE02-5178-4DEF-A751-51A81943382F} - System32\Tasks\MicrosoftMalwareProtection => C:\Program Files\WindowsMalwareProtection\config\MicrosoftMalwareProtection.exe [1511913120 2022-11-05] () [File not signed] <==== ATTENTION
Task: {370251DF-8183-48E2-A579-76DA3044C321} - System32\Tasks\cFos\Registration Tasks\Open Browser => "c:\program files\mozilla firefox\firefox.exe" -osint -url "hxxps://www.cfos.de/en/cfosspeed/documentation/status.htm?reg-12.00.2512-gigabyte"
Task: {3EC88C90-A677-48FD-A528-4D980DD1B024} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3F2D5EE2-7CE9-4EFD-BE72-41C970FD7D18} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65432 2021-08-07] (Microsoft Corporation -> Microsoft)
Task: {47ACF60A-1773-48CB-8A69-BC26D44B3089} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task (No File)
Task: {4AF8B800-FFE7-4F89-8224-28F68E146D26} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {528C744C-0C9F-4580-942C-20ED201CED9B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {52DD7A8B-3F0A-4BE2-9551-3317A68FCE7B} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => c:\Program Files\Common Files\Microsoft Shared\IME16\IMESharePointDictionary.exe [247216 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {663E758D-0F54-4698-8A9E-47B365F77519} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {721829C2-E287-40BB-AF96-2A5229F772A5} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.11.12\SymErr.exe [379024 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {77C5C306-CD4E-44DA-9B7B-62C156FF81B6} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [59376 2023-01-24] (HP Inc. -> HP Inc.)
Task: {7A7E88C9-6A9D-4FCC-9EEE-94D8C942FB21} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7BD2575B-9FE1-4367-9533-3C9889C90944} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.11.12\WSCStub.exe [646520 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7EB59597-EE10-401E-A862-94D0CFA3768B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {87679E25-4AA4-43CA-A071-E3C3A374A703} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1899656 2020-11-25] (ASUSTeK Computer Inc. -> ASUS)
Task: {8C9D294A-AF66-4F54-924D-57655B3518F3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-128556331-799817740-448323406-500 => C:\Users\Rich\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {8FE989BB-4C25-4895-850B-B23BD09FEB0B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {911D604B-CE91-4AB3-8787-E8AB3167492E} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {93E5A17F-20A4-44BC-91B5-0E1F548E1490} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [56784 2020-08-27] (ASUSTeK Computer Inc. -> )
Task: {96FC48A9-95C3-4C16-AE56-DCCC7BF9EC22} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [257408 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {A07116CE-0AD4-4D42-911F-56EBAC2B0A67} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A295C821-8083-4EF7-A59D-AB59606AA2B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-31] (Google LLC -> Google LLC)
Task: {A6B41F49-7EA2-4569-8E22-F0446208E69D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-12-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A8C9A74C-287B-44D4-8F78-D0452AA131CB} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [21912680 2022-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {AC16C5FA-D906-4CB6-96C7-1E1E2A89A8F6} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3824768 2023-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADA99BCA-DF16-4398-877F-B90D854EA204} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D02C39EF-B322-441C-B572-3CD25C376381} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D05EC4F9-617D-4A3B-AABD-307865FE0F55} - System32\Tasks\TUDsDownloader => C:\Program Files\Norton Utilities Premium\activesync.exe -appexecutable nup.exe -tuds (No File)
Task: {D8FDD839-8E4E-464E-AFC4-63B0C61406EF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E7441ED1-8F6E-4872-949C-3D2566084088} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.22.11.12\SymErr.exe [379024 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {E8247A4D-FDB5-47A7-8FCE-DA02FE5B8EA1} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities Premium\ActiveBridge.exe -appexecutable NUP.exe -ammode (No File)
Task: {EFFE5EBD-C9DD-422D-A1ED-0B9F2036E58D} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.22.11.12\SymErr.exe [379024 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\Intel PTT EK Recertification.job => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe
Task: C:\Windows\Tasks\MATLAB R2022a Startup Accelerator.job => C:\Program Files\MATLAB\R2022a\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2022aRICH\Rich.Sta
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{a33603c5-1cc8-4ffa-9ed6-317f100add76}: [DhcpNameServer] 192.168.50.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rich\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
StartMenuInternet: Microsoft Edge Beta - C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
FireFox:
========
FF DefaultProfile: rmj97yd0.default
FF ProfilePath: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\rmj97yd0.default [2021-07-12]
FF Homepage: Mozilla\Firefox\Profiles\rmj97yd0.default -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=FF200401&iDate=2021-07-12 07:08:11&bName=
FF NewTab: Mozilla\Firefox\Profiles\rmj97yd0.default -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=FF200401&iDate=2021-07-12 07:08:11&bName=
FF ProfilePath: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release [2023-01-27]
FF NewTab: Mozilla\Firefox\Profiles\pv6rb7rq.default-release -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=FF200401&iDate=2021-07-12 07:08:11&bName=
FF Extension: (Disable WebRTC) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2021-05-25]
FF Extension: (Norton Safe Web) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2023-01-16]
FF Extension: (uBlock Origin) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-12-24]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-01-26]
FF Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2023-01-26]
FF Extension: (Japanese Tattoo) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\{4d7820bd-9fec-45f5-82db-92fd03cf7fc2}.xpi [2021-05-25]
FF Extension: (Japanese Sea Scape) - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\Extensions\{f39384aa-40fb-4765-a10d-b879ec11ddde}.xpi [2021-05-25]
FF SearchPlugin: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\pv6rb7rq.default-release\searchplugins\Search Now.xml [2021-07-12]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default [2022-11-23]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-24]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [14124208 2021-11-16] (Autodesk, Inc. -> Autodesk)
R2 AORUS LCD Panel Service; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe [360960 2022-09-18] (CloudBees, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-07-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-12-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-09-15] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-12-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [590872 2020-12-27] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-09] (Microsoft Corporation -> Microsoft Corporation)
S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [610352 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [233040 2022-06-14] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84048 2022-06-14] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [107088 2022-06-14] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-07-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2023-01-24] (HP Inc. -> HP Inc.)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [130432 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [452176 2022-06-14] (Corsair Memory, Inc. -> Corsair)
S3 JTAGServer; C:\intelFPGA_lite\20.1\quartus\bin64\jtagserver.exe [452608 2020-11-11] () [File not signed]
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [69096 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [80880 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [393216 2022-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-26] (Malwarebytes Inc. -> Malwarebytes)
S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\110.0.1587.22\elevation_service.exe [2366880 2023-01-24] (Microsoft Corporation -> Microsoft Corporation)
S2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [432088 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
S2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [110040 2019-03-20] (National Instruments Corporation -> National Instruments Corporation)
S2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
S2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.11.12\NortonSecurity.exe [344888 2022-11-27] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.11.12\nsWscSvc.exe [1059176 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-18] (Microsoft Windows -> Microsoft Corporation)
S2 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-12-16] (Parsec Cloud, Inc. -> Parsec)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15358896 2023-01-26] (ADLICE -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2023-01-09] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f840d03a202f8a32\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "G:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2021-09-15] (ASUSTeK Computer Inc. -> )
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\BASHDefs\20230126.001\BHDrvx64.sys [1705040 2022-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\16160B0.00C\ccSetx64.sys [198280 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63024 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [46600 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [22536 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz153; C:\Windows\temp\cpuz153\cpuz153_x64.sys [36864 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2022-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2022-09-15] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2022-11-23] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\IPSDefs\20230127.061\IDSvia64.sys [1526776 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197088 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [76216 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-01-26] (Malwarebytes Inc. -> Malwarebytes)
S1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-12-03] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R0 mtinvme; C:\Windows\System32\drivers\mtinvme.sys [184744 2021-03-12] (Micron Technology, Inc. -> Micron Technology, Inc.)
R2 NDivert; C:\Program Files\NordVPN\7.3.9.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\16160B0.00C\nsvst.sys [57120 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 parsecvusba; C:\Windows\System32\drivers\parsecvusba.sys [256560 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Parsec)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SRTSP64.SYS [956048 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SRTSPX64.SYS [52872 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_178ca29ac943515a\SteelSeries-Sonar-VAD.sys [93368 2022-12-04] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SYMEFASI64.SYS [2180248 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SymELAM.sys [36016 2022-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.39\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\16160B0.00C\Ironx64.SYS [306824 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\16160B0.00C\symnets.sys [490656 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [41920 2023-01-27] (ADLICE (Julien ASCOET) -> )
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2021-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2022-12-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\16160B0.00C\wpCtrlDrv.sys [1016792 2022-11-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)