Jump to content

I got infected and I need help please


Recommended Posts

Before i had an old laptop from 2015 and i was young and it was my first laptop so I wasn’t aware of viruses online then one day I noticed the laptop started to slow down a lot and I saw on the task manage many processes That was using a lot of my resources on the laptop Then I left the laptop and I recently bought a new one and now I think the new one has been convicted as well cause it is acting the same as the old one please help

Link to post
Share on other sites

  • Replies 59
  • Created
  • Last Reply

Top Posters In This Topic

Hello Aboode and welcome to malwarebytes....

Continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

or,

https://downloads.malwarebytes.com/file/mb4_offline

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > "settings" > "security tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Single click on the target sight above scanner window.
  • In the new window select Report
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Export to Txt" then attach the log to your reply...


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
Link to post
Share on other sites

Ok I’ll do so like you said but now I’m in safe mode scanning a full scan from kaspersky internet security btw is it good i have a subscription that came in with the laptop also the old laptop do I do the same steps there or is the laptop wasted
 

Link to post
Share on other sites

heres adwcleaner

 

 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-18-2020
# Duration: 00:00:04
# OS:       Windows 10 Home
# Cleaned:  38
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\Outbyte
Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte
Deleted       C:\ProgramData\Outbyte
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\abood\AppData\Local\Tencent
Deleted       C:\Users\abood\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\abood\AppData\Roaming\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Deleted       C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB2D5BE3-65B7-48D8-9948-E101456372E7} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1FEF4A75-3DCC-4C4E-8F14-91F8322E963E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{20752182-2FCE-42FD-AA85-68F2BF5C2B0C}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{26A41A81-BEB1-44E4-A415-D176AD051F18}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{387FAC21-16A7-441A-9A24-97E7399C53D6}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD7CA565-EE76-4EA8-8678-FCB3B01C4FA7}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BF6CC6B9-2E25-4D75-9AC3-F73A69A1F048}
Deleted       HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted       HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\Outbyte
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5469 octets] - [18/08/2020 21:04:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Link to post
Share on other sites

FRST.txt this is the second

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by abood (administrator) on ASUS-ROG-STRIX- (ASUSTeK COMPUTER INC. ROG Strix G531GT_G531GT) (18-08-2020 21:10:25)
Running from C:\Users\abood\Downloads
Loaded Profiles: abood
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS_FRQ_Control\ASUS_FRQ_Control.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS HID Control Service\AsHidCtrlService.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(A-Volute) C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm\SonicStudio3.exe
(Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj\TranslucentTB\TranslucentTB.exe
(Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster) C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\SgbTray.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_16c0b30f7916739a\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.6.0\Pub\PubPlatform.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\abood\Downloads\adwcleaner_8.0.7 (1).exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2008.1001.11.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusPTPService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_326005dc610b0539\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Duet Display] => C:\Program Files\Kairos\Duet Display\duet.exe [5505968 2020-02-19] (Duet, Inc. -> Duet, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62620472 2020-03-06] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [Discord] => C:\Users\abood\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [582672 2020-04-08] (Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [579072 2020-05-14] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\MountPoints2: {874a5be6-4f28-11ea-98f8-9078412efa12} - "D:\HiSuiteDownLoader.exe" 
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\chrmstp.exe [2020-08-12] (Google LLC -> Google LLC)
Startup: C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2020-07-29]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2020-08-14]
ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> )
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02493349-77BB-4A56-BA51-4970354EED2E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-05-07] (Apple Inc. -> Apple Inc.)
Task: {0e30ce0a-f85f-466a-b613-3972517bffe4} - no filepath
Task: {0edc37c4-56e8-4e1c-94eb-459329e6cf6c} - no filepath
Task: {0FC128A5-5810-4AFE-9FD9-4426FE61E778} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1326335e-22b5-4b99-8be0-fe644967fc57} - no filepath
Task: {13DF6656-CAF4-412B-9B3B-88944F4EA99C} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [881440 2019-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {15253731-7DAC-4701-9F3C-5013EBD9CC53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1E190514-2004-4B1D-A431-0961DCD57156} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {20B040C8-D210-4C81-BBB0-291363F3D8BD} - System32\Tasks\NahimicTask32 => C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe [810224 2020-05-07] (A-Volute -> Nahimic)
Task: {234AEAEE-BF4D-4424-B24A-D13E809D6CAD} - System32\Tasks\Software Updater SkipUAC(abood) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4490512 2020-07-20] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {24A8CFD1-CF9C-4794-B831-8B9AFA7789AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-08] (Google LLC -> Google LLC)
Task: {26ea1fc4-909f-4d12-a9f0-e81e4e15c8f3} - no filepath
Task: {278E3770-A47D-45EB-96AC-998448CD992C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28326067-D5FD-4FD2-B263-5AAD420549EA} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [810224 2020-05-07] (A-Volute -> Nahimic)
Task: {3601D5D9-32C6-4E0A-A769-38C478F4EAE1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {38067738-F2EF-4FB1-AAF5-CD12D205E9D5} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit)
Task: {38276C6F-F1B5-4549-99F3-5BBC05E6CF1E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E5B57B6-0D73-4297-BE17-FF8F137AB89B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FA9A4BA-1009-4200-8D71-1812BAA92CB9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {46E07176-21CB-4067-99A5-F53C42E97FD2} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50EF6B28-62EB-4B7C-AA4B-B8CCB99B05B3} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-08-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {5350ec2d-0270-438e-abc3-30698d4c2068} - no filepath
Task: {584a1cc4-dd26-4d3e-b4d5-38df2960ce07} - no filepath
Task: {595E2BAA-DBCE-477C-AA94-745809FDC0FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-08] (Google LLC -> Google LLC)
Task: {59E949CA-A5E6-41B6-8631-BA676C1F16F5} - System32\Tasks\Driver Booster SkipUAC (abood) => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\DriverBooster.exe [7945488 2020-07-24] (IObit Information Technology -> IObit)
Task: {66473599-6EC7-49B5-A21C-93C825249673} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1729736 2020-06-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {6796A0C1-3B37-4B5A-9031-7E5A8AC68BCB} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5866768 2020-07-17] (IObit Information Technology -> IObit)
Task: {6D055D26-F0FD-426A-8059-BE72E63345F9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7031df1c-cd13-405b-ab2a-0dbcf66b9bc3} - no filepath
Task: {70C56362-4649-4928-A73D-EB2FACCF90B1} - System32\Tasks\NahimicTask64 => C:\Windows\system32\.\NahimicSvc64.exe [1080568 2020-05-07] (A-Volute -> Nahimic)
Task: {793FCE97-2A1A-4E79-990D-6BC78670915E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d559a9f1a5289e => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-08-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {79900E14-C3B5-4292-900C-605D230C4387} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [530520 2020-06-29] (Razer USA Ltd. -> Razer)
Task: {7D45DB96-78F8-4E0E-86BF-A7F4F69AAF71} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [49048864 2020-06-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7DE0E36F-2D7E-4CD7-90F6-F0AFF0866BA7} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2060200 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {7ef0f4fd-5bf3-4899-b71e-739cea872f1f} - no filepath
Task: {84C6E708-3234-42B4-9F02-4713265C4597} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {89368db4-34de-47cc-b656-9ab57619df6a} - no filepath
Task: {8C841C56-D93F-44BB-BEE5-B2BF18DAF40B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {912C783A-7D0D-4C80-BC49-A2F54EDCA022} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96EC511D-11DA-48F7-80B6-250F4395B084} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9900830D-F2A6-4454-AD8F-FE90520EB87A} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3031824 2020-07-07] (IObit Information Technology -> IObit)
Task: {99284309-3440-4705-9FFE-072770BB2D44} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {9c533d4c-57b0-4e33-96ee-35376400391d} - no filepath
Task: {9EB6197B-A4A0-4444-91EF-E21609BD29B3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A89A4A89-AAD5-4DDF-A54A-6CB8373E9EE8} - System32\Tasks\DuetUpdater => C:\Program Files\Kairos\Duet Display\DuetUpdater.exe [1201584 2020-02-19] (Duet, Inc. -> Kairos)
Task: {a98100ca-ad23-40b4-8c54-28784498c7f6} - no filepath
Task: {ABF25D65-1693-4F51-8BC0-1393F5B3F731} - System32\Tasks\SmartGameBooster Update => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\SgbUpdater.exe [2692152 2020-06-28] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
Task: {B1CE88F5-1347-4E34-AFBF-989A9E8F7E37} - System32\Tasks\SmartGameBooster SkipUAC (abood) => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\SgbMain.exe [3505208 2020-07-14] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
Task: {B56942E5-9772-43C1-BC7B-68CE88BAB72B} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSoftwareManager\AsusUpdateChecker.exe [675240 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {b69d7d39-395b-4671-8635-cae1083996c7} - no filepath
Task: {B7FE2F85-D312-4FE5-83F3-A7DCC436F676} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\AutoUpdate.exe [2375952 2020-07-24] (IObit Information Technology -> IObit)
Task: {B800516C-DC90-4ADC-9C8A-5CF2E59B1CEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB46C59F-578C-4B4F-ACD5-9C5996F5154F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCA273EA-F451-42E5-BCFF-C40ED356EEA0} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1307672 2020-08-10] (LogMeIn, Inc. -> )
Task: {C24AD305-2EB3-496C-B505-25129AD6D776} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C3217264-1EE3-4602-A424-B074A1D7D7F6} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [60408 2020-04-23] (ASUSTeK Computer Inc. -> )
Task: {C9E6F0ED-50A8-4474-9AB5-306EE292F58B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CBFEAE83-DD8C-4BCC-9B1A-9C527FD555BF} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\AsusHotkeyExec.exe [218024 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {cd188537-fc98-4a2d-8a20-af4743c37881} - no filepath
Task: {D1C0BC33-5E38-4B3E-8F37-7D236393F0CF} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4490512 2020-07-20] (IObit Information Technology -> IObit)
Task: {DF7426E5-AB1F-4F51-9080-F83E63D8D211} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {E3FB2B7A-6AD3-415E-8C63-044D1FA4F712} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6ED3D84-3732-431A-96D9-5C0A0D318895} - System32\Tasks\ASUS_FRQ_Control => C:\Program Files (x86)\ASUS\ASUS_FRQ_Control\ASUS_FRQ_Control.exe [133256 2019-05-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E76985DD-8817-4D09-B0A5-6FBDA3CC3F0C} - System32\Tasks\BoostTray SkipUAC (abood) => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\BoostTray.exe [3173136 2020-07-24] (IObit Information Technology -> IObit)
Task: {E8E00D60-C036-48CC-9B08-283E1177327E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED85A9D3-A6FB-4870-94D0-2A6CB461512D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EE603B07-DFB6-43E3-9B34-C5A1535B361D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF1713C9-30A0-4403-B543-B41D94A0AF25} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1080568 2020-05-07] (A-Volute -> Nahimic)
Task: {efa4529f-2afd-4df9-adeb-e175bf5b847f} - no filepath
Task: {F15A411A-631E-400E-BC61-4C4C67529FC7} - System32\Tasks\SmartGameBooster Startup => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\SgbTray.exe [1607736 2020-07-10] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
Task: {F593C462-A511-407A-AD53-98B600742EB2} - System32\Tasks\Uninstaller_SkipUac_abood => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6041360 2020-06-30] (IObit Information Technology -> IObit)
Task: {f63b71f9-ab11-4eaa-bada-107b32a64f3b} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{0b3b33cb-665a-417d-a3ac-ca134bcf3ae2}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{2b1a94d0-3937-4bd5-96a6-eefd3eaa83c4}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{382b4e11-2f97-4d79-8c9a-e9619308399d}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3694255521-1418403984-3529247322-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP15DF&PC=UP15&q={searchTerms}&src=IE-SearchBox
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2020-08-10] (LogMeIn, Inc. -> LastPass)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2020-08-10] (LogMeIn, Inc. -> LastPass)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2020-08-10] (LogMeIn, Inc. -> LastPass)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2020-08-10] (LogMeIn, Inc. -> LastPass)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\abood\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3694255521-1418403984-3529247322-1001 -> about:tabs
Edge Notifications: HKU\S-1-5-21-3694255521-1418403984-3529247322-1001 -> hxxps://www.facebook.com
Edge Extension: (IObit Surfing Protection & Ads Removal) -> EdgeExtension_18411IObit121073B4FE2A6_8nkkvw7c6ghbg => C:\Program Files\WindowsApps\18411IObit.121073B4FE2A6_2.8.77.0_x64__8nkkvw7c6ghbg [2020-02-26]
Edge Extension: (No Name) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.48.0.0_neutral__qq0fmhteeht3j [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-18]
Edge Notifications: Default -> hxxps://www.myinstants.com
Edge HomePage: Default -> hxxp://asus17win10.msn.com/?pc=ASTE
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Google Translate) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-03]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-08-18]
Edge Extension: (Microsoft Rewards) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2020-08-18]
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-07-25]
Edge Extension: (Kaspersky Protection) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-03]
Edge Extension: (iCloud Bookmarks) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-06-03]
Edge Extension: (The Great Suspender) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2020-06-03]
Edge Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\abood\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ojakpbihgianncnalanimeamahdmkpie [2020-06-03]
Edge HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [elhpdacimkjpccooodognopfhbdgnpbk]
Edge HKLM-x32\...\Edge\Extension: [bbcinlkgjjkejfdpemiealijmmooekmp]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

Chrome: 
=======
CHR Profile: C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default [2020-08-18]
CHR Notifications: Default -> hxxps://connect.sa.zain.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://abs.twimg.com/responsive-web/web/icon-default.3c3b2244.png
CHR Extension: (Just Black) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-16]
CHR Extension: (Kaspersky Protection) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-06-30]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-08-15]
CHR Extension: (Twitter) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2020-06-15]
CHR Extension: (The Great Suspender) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2020-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-08]
CHR Extension: (Chrome Media Router) - C:\Users\abood\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-22]
CHR Profile: C:\Users\abood\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-16]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [312288 2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsHidCtrlService; C:\Program Files\ASUS\ASUS HID Control Service\AsHidCtrlService.exe [170632 2019-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-08-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkNear\AsusLinkNear.exe [1048488 2020-07-28] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkRemote\AsusLinkRemote.exe [695720 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-08-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\AsusOptimization.exe [273832 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusPTPService.exe [175504 2019-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSoftwareManager\AsusSoftwareManager.exe [731560 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2060200 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [565144 2020-07-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-07-12] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
S3 DuetUpdater; C:\Program Files\Kairos\Duet Display\DuetUpdater.exe [1201584 2020-02-19] (Duet, Inc. -> Kairos)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GameInput; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [29696 2020-08-05] (Microsoft Corporation) [File not signed]
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe [46000 2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [46000 2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-06-30] (IObit Information Technology -> IObit)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-04-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2977672 2020-07-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [2696432 2020-05-07] (A-Volute -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510648 2020-08-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3464000 2020-08-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [30720 2019-04-18] () [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-08-15] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2411232 2020-07-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)
S3 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-06-29] (Razer USA Ltd. -> Razer Inc.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-04-05] (Twitch Interactive, Inc. -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-06-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-02-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9754048 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [230200 2020-03-05] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Unlock\DriverInstall.exe [122768 2020-05-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 XTU3SERVICE; C:\Windows\SysWOW64\XtuService.exe [82200 2019-10-30] (Intel Corporation -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_326005dc610b0539\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_326005dc610b0539\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-14] (ASUSTeK Computer Inc. -> )
S3 AsusNumpadKbd; C:\Windows\System32\DriverStore\FileRepository\asusdigifilterkbd.inf_amd64_ca6873608812d804\AsusDigiFilter.sys [137472 2019-08-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusNumpadPTP; C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusDigiFilter.sys [136448 2019-07-19] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [105384 2018-10-18] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSSystemAnalysis\ASUSSAIO.sys [33192 2020-07-28] (ASUSTek Computer Inc. -> )
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSOptimization\atkwmiacpi64.sys [44680 2020-07-28] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-08-18] (CPUID -> CPUID)
R3 duetbus; C:\Windows\System32\drivers\duetbus.sys [32512 2019-03-25] (Duet, Inc. -> Duet, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-08-18] (Malwarebytes Corporation -> Malwarebytes)
R3 gameflt; C:\Windows\System32\DriverStore\FileRepository\gameflt.inf_amd64_a90f388ad71d52a3\gameflt.sys [71528 2020-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-02-26] (Martin Malik - REALiX -> REALiX(tm))
R0 IaNVMe; C:\Windows\System32\drivers\IaNVMe.sys [154312 2020-02-26] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-06-30] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-06-30] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-06-30] (IObit Information Technology -> IObit)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [251800 2020-08-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [643840 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1277704 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [240200 2020-07-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998808 2020-08-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [79760 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [256760 2020-08-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309768 2020-08-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [117512 2020-08-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [206888 2020-08-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [211048 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [233368 2020-08-10] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-08-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197264 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2020-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [442128 2020-02-12] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2020-02-12] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5395880 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [78216 2020-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [430320 2020-08-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-16] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2740480 2020-06-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 XTUComponent; C:\Windows\System32\drivers\iocbios2.sys [48632 2019-10-30] (Intel Corporation -> Intel Corporation)
R3 Xvdd; C:\Windows\System32\DriverStore\FileRepository\xvdd.inf_amd64_40930fe3390b9014\xvdd.sys [511848 2020-07-26] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 HomeGroupProvider; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-18 21:10 - 2020-08-18 21:11 - 000056254 _____ C:\Users\abood\Downloads\FRST.txt
2020-08-18 21:09 - 2020-08-18 21:10 - 000000000 ____D C:\FRST
2020-08-18 21:09 - 2020-08-18 21:09 - 002296320 _____ (Farbar) C:\Users\abood\Downloads\FRST64.exe
2020-08-18 21:05 - 2020-08-18 21:05 - 000197264 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-08-18 21:05 - 2020-08-18 21:05 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-08-18 21:05 - 2020-08-18 21:05 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-08-18 21:05 - 2020-08-18 21:05 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2020-08-18 21:05 - 2020-08-18 21:05 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2020-08-18 21:05 - 2020-08-18 21:05 - 000000000 ____D C:\Users\abood\AppData\LocalLow\IGDump
2020-08-18 21:02 - 2020-08-18 21:02 - 008414384 _____ (Malwarebytes) C:\Users\abood\Downloads\adwcleaner_8.0.7 (1).exe
2020-08-18 21:02 - 2020-08-18 21:02 - 002040904 _____ (Malwarebytes) C:\Users\abood\Downloads\MBSetup (2).exe
2020-08-18 21:02 - 2020-08-18 21:01 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-08-18 20:59 - 2020-08-18 20:59 - 002040904 _____ (Malwarebytes) C:\Users\abood\Downloads\MBSetup (1).exe
2020-08-18 18:34 - 2020-08-18 21:04 - 000000000 ____D C:\AdwCleaner
2020-08-18 18:34 - 2020-08-18 21:02 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-18 18:34 - 2020-08-18 21:02 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-18 18:34 - 2020-08-18 21:02 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-18 18:34 - 2020-08-18 18:34 - 008414384 _____ (Malwarebytes) C:\Users\abood\Downloads\adwcleaner_8.0.7.exe
2020-08-18 18:34 - 2020-08-18 18:34 - 000000000 ____D C:\Users\abood\AppData\Local\mbam
2020-08-18 18:33 - 2020-08-18 21:01 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-18 18:33 - 2020-08-18 18:33 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-18 18:33 - 2020-08-18 18:33 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-08-18 18:33 - 2020-08-18 18:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-18 18:32 - 2020-08-18 18:32 - 002040904 _____ (Malwarebytes) C:\Users\abood\Downloads\MBSetup.exe
2020-08-18 15:29 - 2020-08-18 18:29 - 000460888 _____ C:\Windows\ntbtlog.txt
2020-08-18 15:29 - 2020-08-18 15:29 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-18 15:04 - 2020-08-14 02:04 - 001780960 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-18 15:04 - 2020-08-14 02:04 - 001780960 _____ C:\Windows\system32\vulkaninfo.exe
2020-08-18 15:04 - 2020-08-14 02:04 - 001371360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-18 15:04 - 2020-08-14 02:04 - 001371360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-08-18 15:04 - 2020-08-14 02:04 - 001086688 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-08-18 15:04 - 2020-08-14 02:04 - 001086688 _____ C:\Windows\system32\vulkan-1.dll
2020-08-18 15:04 - 2020-08-14 02:04 - 000946400 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-18 15:04 - 2020-08-14 02:04 - 000946400 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-08-18 15:04 - 2020-08-14 02:04 - 000455408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-08-18 15:04 - 2020-08-14 02:04 - 000349928 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 001485544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 001146256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 001018768 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 000816360 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 000675224 _____ C:\Windows\system32\nvofapi64.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 000669416 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 000582904 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-08-18 15:04 - 2020-08-14 02:01 - 000555920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-08-18 15:04 - 2020-08-14 02:01 - 000541928 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 006653328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 005882600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 002376080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 002078096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 001570704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 000811240 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 000656784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-08-18 15:04 - 2020-08-14 02:00 - 000443624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-08-18 15:04 - 2020-08-14 01:59 - 003916688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-08-18 15:04 - 2020-08-14 01:59 - 000849640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-08-18 15:04 - 2020-08-14 01:58 - 005395088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-08-18 15:04 - 2020-08-14 01:58 - 004707696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-08-18 15:04 - 2020-08-13 04:47 - 000077891 _____ C:\Windows\system32\nvinfo.pb
2020-08-18 14:37 - 2020-08-18 14:37 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-18 00:12 - 2020-08-18 00:12 - 000002653 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AltServer.lnk
2020-08-17 15:35 - 2020-08-17 15:35 - 000309768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2020-08-17 15:34 - 2020-08-17 15:35 - 000206888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2020-08-17 15:34 - 2020-08-17 15:34 - 000256760 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2020-08-17 15:34 - 2020-08-17 15:34 - 000117512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2020-08-17 15:32 - 2020-08-17 15:32 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-16 20:07 - 2020-08-16 20:07 - 106573824 _____ C:\Windows\system32\config\SOFTWARE.iobit
2020-08-16 20:07 - 2020-08-16 20:07 - 009793536 _____ C:\Windows\system32\config\DRIVERS.iobit
2020-08-16 20:07 - 2020-08-16 20:07 - 002580480 _____ C:\Windows\system32\config\DEFAULT.iobit
2020-08-16 20:07 - 2020-08-16 20:07 - 000073728 _____ C:\Windows\system32\config\SECURITY.iobit
2020-08-16 20:07 - 2020-08-16 20:07 - 000073728 _____ C:\Windows\system32\config\SAM.iobit
2020-08-14 15:28 - 2020-08-14 15:29 - 000027417 _____ C:\_2020-08-14
2020-08-14 15:28 - 2020-08-14 15:28 - 000003790 _____ C:\Windows\system32\Tasks\LastPassUpdater
2020-08-14 15:28 - 2020-08-14 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2020-08-13 00:17 - 2020-08-13 00:17 - 003637760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 002259192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2020-08-13 00:17 - 2020-08-13 00:17 - 002138280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-08-13 00:17 - 2020-08-13 00:17 - 001870200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 001418832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000666280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-08-13 00:17 - 2020-08-13 00:17 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000343408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2020-08-13 00:17 - 2020-08-13 00:17 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-08-13 00:17 - 2020-08-13 00:17 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2020-08-13 00:16 - 2020-08-13 00:17 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 025903104 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 022642688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 014820352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 009932088 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 007758848 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 007270912 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 006436864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 006294528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 006074552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005946368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005904896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005849872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005767224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005111296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005013504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 005003824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 004611072 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 004129408 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 003974376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 003806208 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 003743056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 003516416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 003368616 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 002950808 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 002766952 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-08-13 00:16 - 2020-08-13 00:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-08-13 00:16 - 2020-08-13 00:16 - 002739200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002737664 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002698048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 002588688 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2020-08-13 00:16 - 2020-08-13 00:16 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-08-13 00:16 - 2020-08-13 00:16 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002085632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 002022400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001836160 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001672544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001665024 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001654312 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001482568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001420320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001406464 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001282872 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-08-13 00:16 - 2020-08-13 00:16 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001101312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 001015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000995840 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000914432 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000897648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000894032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000888352 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000875520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000867840 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000823744 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000822800 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000738064 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-08-13 00:16 - 2020-08-13 00:16 - 000718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000690536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000675040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000675024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000673088 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000671744 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000671040 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000593480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000568128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000564488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000495104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-08-13 00:16 - 2020-08-13 00:16 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000463168 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000431104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\DispBroker.Desktop.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000379704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000359496 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2020-08-13 00:16 - 2020-08-13 00:16 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HrtfApo.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000273744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000220984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatializerApo.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000165176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Winlangdb.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000133256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47mrm.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000124512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\globinputhost.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000090936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000089328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\lpkinstall.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguageProfileCallback.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acwow64.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-08-13 00:16 - 2020-08-13 00:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-08-13 00:16 - 2020-08-13 00:16 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-08-13 00:16 - 2020-08-13 00:16 - 000000357 _____ C:\Windows\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000357 _____ C:\Windows\system32\DrtmAuth1KeyDelegate.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-08-13 00:16 - 2020-08-13 00:16 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-08-13 00:15 - 2020-08-13 00:15 - 017792512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 007915864 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 007850784 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 007583272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 007297536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 007270728 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 005283776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 004625184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 004227116 _____ C:\Windows\system32\DefaultHrtfs.bin
2020-08-13 00:15 - 2020-08-13 00:15 - 004005376 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 003141632 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002717696 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002523136 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002471936 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002260312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001756592 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-08-13 00:15 - 2020-08-13 00:15 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001660536 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001512848 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-08-13 00:15 - 2020-08-13 00:15 - 001338368 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001182248 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001123344 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001072128 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001059328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000917800 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000875424 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000716312 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 000548352 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000522688 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\HrtfApo.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000369304 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\LanguageOverlayServer.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000287232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\SpatializerApo.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000201544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Winlangdb.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2020-08-13 00:15 - 2020-08-13 00:15 - 000186472 _____ (Microsoft Corporation) C:\Windows\system32\BCP47mrm.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000152416 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\globinputhost.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguageProfileCallback.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-08-13 00:15 - 2020-08-13 00:15 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-08-13 00:15 - 2020-08-13 00:15 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-08-13 00:05 - 2020-07-18 06:07 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-13 00:05 - 2020-07-18 05:53 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-08-11 02:16 - 2020-08-11 02:16 - 000000000 ____D C:\win32-loader
2020-08-11 02:15 - 2020-08-11 02:15 - 000000258 __RSH C:\ProgramData\ntuser.pol
2020-08-10 19:39 - 2020-08-10 19:39 - 000002239 _____ C:\Users\abood\Desktop\Discord.lnk
2020-08-10 17:09 - 2020-08-10 17:09 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2020-08-10 17:09 - 2020-08-10 17:09 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2020-08-10 15:46 - 2020-08-10 15:46 - 000998808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2020-08-10 15:46 - 2020-08-10 15:46 - 000251800 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2020-08-10 15:46 - 2020-08-10 15:46 - 000233368 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2020-08-08 18:44 - 2020-08-08 18:44 - 000003178 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-08-08 18:44 - 2020-08-08 18:44 - 000002952 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (abood)
2020-08-08 18:44 - 2020-08-08 18:44 - 000002928 _____ C:\Windows\system32\Tasks\BoostTray SkipUAC (abood)
2020-08-08 18:44 - 2020-08-08 18:44 - 000002361 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-08-08 18:44 - 2020-08-08 18:44 - 000002361 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-08-08 18:44 - 2020-08-08 18:44 - 000001933 _____ C:\Users\abood\Desktop\Zoom.lnk
2020-08-08 18:44 - 2020-08-08 18:44 - 000000000 ____D C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-08-08 18:44 - 2020-08-08 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-08-06 22:52 - 2020-08-06 22:52 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3694255521-1418403984-3529247322-1001
2020-08-06 22:52 - 2020-08-06 22:52 - 000002369 _____ C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-04 15:08 - 2020-08-04 15:08 - 001348576 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorAC.sys
2020-08-04 15:08 - 2020-08-04 15:08 - 000027616 _____ (Intel Corporation) C:\Windows\system32\RstMwEventLogMsg.dll
2020-08-01 03:14 - 2020-08-01 03:14 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-08-01 03:14 - 2020-08-01 03:14 - 000001818 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-08-01 03:14 - 2020-08-01 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-08-01 03:14 - 2020-08-01 03:14 - 000000000 ____D C:\Program Files\iTunes
2020-08-01 03:14 - 2020-08-01 03:14 - 000000000 ____D C:\Program Files\iPod
2020-07-31 11:55 - 2020-07-31 11:55 - 000000000 ____D C:\Users\abood\AppData\Local\F-Secure
2020-07-31 11:55 - 2020-07-31 11:55 - 000000000 ____D C:\ProgramData\F-Secure
2020-07-30 00:19 - 2020-07-30 00:19 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2020-07-30 00:19 - 2020-07-30 00:19 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2020-07-29 22:21 - 2020-07-29 22:21 - 000003264 _____ C:\Windows\system32\Tasks\SmartDefrag_AutoAnalyze
2020-07-29 22:21 - 2020-07-29 22:21 - 000001241 _____ C:\Users\Public\Desktop\Smart Defrag 6.lnk
2020-07-29 22:21 - 2020-07-29 22:21 - 000001241 _____ C:\ProgramData\Desktop\Smart Defrag 6.lnk
2020-07-29 22:21 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2020-07-29 22:21 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2020-07-29 14:21 - 2020-07-29 14:21 - 000001749 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2020-07-29 14:21 - 2020-07-29 14:21 - 000000000 ____D C:\Users\abood\Documents\Rainmeter
2020-07-29 14:21 - 2020-07-29 14:21 - 000000000 ____D C:\Users\abood\AppData\Roaming\Rainmeter
2020-07-29 14:21 - 2020-07-29 14:21 - 000000000 ____D C:\Program Files\Rainmeter
2020-07-29 10:11 - 2020-07-29 10:11 - 000003184 _____ C:\Windows\system32\Tasks\Software Updater Scheduler
2020-07-29 10:11 - 2020-07-29 10:11 - 000001423 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk
2020-07-29 10:11 - 2020-07-29 10:11 - 000001423 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2020-07-27 19:01 - 2020-07-27 19:02 - 000000000 _RSHD C:\ProgramData\Key-Base
2020-07-27 19:01 - 2020-07-27 19:01 - 000000000 ____D C:\Users\abood\AppData\Local\LC Technology Inc
2020-07-27 19:00 - 2020-07-27 19:00 - 000001213 _____ C:\Users\Public\Desktop\RescuePRO Deluxe.lnk
2020-07-27 19:00 - 2020-07-27 19:00 - 000001213 _____ C:\ProgramData\Desktop\RescuePRO Deluxe.lnk
2020-07-27 19:00 - 2020-07-27 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RescuePRO Deluxe
2020-07-27 19:00 - 2020-07-27 19:00 - 000000000 ____D C:\Program Files (x86)\RescuePRO Deluxe
2020-07-26 15:05 - 2020-08-18 00:12 - 000000000 ____D C:\Program Files (x86)\AltServer
2020-07-22 21:08 - 2020-07-22 21:08 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk
2020-07-22 21:08 - 2020-07-22 21:08 - 000001978 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2020-07-22 21:08 - 2020-07-22 21:08 - 000001978 _____ C:\ProgramData\Desktop\Streamlabs OBS.lnk
2020-07-22 21:06 - 2020-07-22 21:08 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-07-20 14:37 - 2020-07-20 14:37 - 000001495 _____ C:\Users\Public\Desktop\Smart Game Booster 4.lnk
2020-07-20 14:37 - 2020-07-20 14:37 - 000001495 _____ C:\ProgramData\Desktop\Smart Game Booster 4.lnk
2020-07-20 00:36 - 2020-07-20 01:45 - 000002266 _____ C:\Users\abood\Desktop\LastPass for Windows Desktop.lnk
2020-07-19 15:30 - 2020-07-19 15:33 - 000000000 ____D C:\Users\abood\AppData\LocalLow\LastPass
2020-07-19 15:28 - 2020-08-14 15:28 - 000000000 ____D C:\Program Files (x86)\LastPass

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-18 21:09 - 2020-02-12 13:19 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-08-18 21:08 - 2020-06-02 14:32 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2020-08-18 21:07 - 2020-02-09 06:11 - 000003748 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2020-08-18 21:05 - 2020-06-02 15:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-18 21:05 - 2019-04-21 14:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-18 21:05 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-18 21:05 - 2019-03-19 07:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-08-18 21:02 - 2019-03-19 07:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-08-18 20:42 - 2019-04-21 14:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-18 19:05 - 2020-02-08 16:46 - 000000000 ____D C:\Users\abood\AppData\Local\D3DSCache
2020-08-18 19:03 - 2020-02-08 23:06 - 000000000 ____D C:\Program Files (x86)\Origin
2020-08-18 18:36 - 2019-04-21 14:12 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-18 18:36 - 2019-03-19 07:50 - 000000000 ____D C:\Windows\INF
2020-08-18 15:47 - 2020-02-21 21:26 - 000000000 ____D C:\Users\abood\AppData\Local\ElevatedDiagnostics
2020-08-18 15:10 - 2020-06-02 15:48 - 000000000 ____D C:\Users\abood\AppData\Local\NVIDIA
2020-08-18 15:10 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\AppReadiness
2020-08-18 15:02 - 2020-02-26 13:34 - 000000000 ____D C:\Users\abood\AppData\Roaming\IObit
2020-08-18 14:54 - 2020-02-26 13:34 - 000000000 ____D C:\Users\abood\AppData\LocalLow\IObit
2020-08-18 14:50 - 2020-05-15 00:29 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-08-18 14:09 - 2020-06-03 12:42 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-18 14:09 - 2020-06-03 12:42 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-18 14:09 - 2020-06-03 12:42 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-08-18 01:10 - 2019-03-19 07:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-08-17 22:11 - 2020-02-15 16:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-08-17 22:11 - 2020-02-15 16:25 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-08-17 21:02 - 2020-02-29 20:31 - 000000000 ____D C:\Program Files\Microsoft Office
2020-08-17 15:31 - 2020-03-07 18:17 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-17 15:31 - 2020-03-07 18:17 - 000000867 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-17 15:31 - 2020-02-26 13:49 - 000003450 _____ C:\Windows\system32\Tasks\SU_AutoUpdate
2020-08-16 20:12 - 2020-02-08 17:11 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-16 15:44 - 2020-02-08 17:20 - 000000000 ____D C:\Users\abood\AppData\Local\CrashDumps
2020-08-16 14:10 - 2019-04-21 14:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-08-15 20:36 - 2020-02-26 13:34 - 000000000 ____D C:\ProgramData\ProductData
2020-08-15 00:30 - 2020-06-16 03:34 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-08-15 00:30 - 2020-02-09 15:42 - 000000000 ____D C:\Program Files\Rockstar Games
2020-08-14 15:28 - 2019-03-19 07:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-13 23:39 - 2020-06-12 13:51 - 000000000 ____D C:\Users\abood\AppData\Local\Spotify
2020-08-13 23:29 - 2020-06-12 13:47 - 000000000 ____D C:\Users\abood\AppData\Roaming\Spotify
2020-08-13 00:23 - 2020-02-09 06:19 - 000000000 ___RD C:\Users\abood\3D Objects
2020-08-13 00:23 - 2019-08-23 14:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-13 00:22 - 2019-04-21 14:05 - 000452984 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SystemResources
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\setup
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\oobe
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\Dism
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\Provisioning
2020-08-13 00:21 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\bcastdvr
2020-08-13 00:21 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\servicing
2020-08-13 00:21 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\CbsTemp
2020-08-11 22:23 - 2020-02-09 15:31 - 000000000 ____D C:\Users\abood\AppData\Roaming\Discord
2020-08-10 19:39 - 2020-03-06 16:23 - 000000000 ____D C:\Users\abood\AppData\Local\Discord
2020-08-10 19:39 - 2020-02-09 15:31 - 000000000 ____D C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-10 17:47 - 2020-02-12 14:54 - 000016512 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-wal
2020-08-10 17:09 - 2020-02-12 14:54 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-shm
2020-08-10 17:09 - 2020-02-12 14:54 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
2020-08-10 17:09 - 2020-02-12 14:54 - 000032768 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-shm
2020-08-10 15:18 - 2019-08-23 14:56 - 000000000 ____D C:\Program Files (x86)\LightingService
2020-08-09 22:40 - 2020-04-19 11:52 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2020-08-09 22:40 - 2020-04-05 09:08 - 001514432 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2020-08-09 22:40 - 2020-04-05 09:08 - 000166328 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2020-08-09 22:40 - 2020-04-05 09:08 - 000158648 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2020-08-09 22:40 - 2020-04-05 09:08 - 000150456 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2020-08-09 22:40 - 2020-04-05 09:08 - 000033720 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2020-08-08 18:44 - 2020-07-06 14:00 - 000000000 ____D C:\Users\abood\AppData\Roaming\Zoom
2020-08-08 18:04 - 2020-02-09 06:19 - 000000000 __SHD C:\Users\abood\IntelGraphicsProfiles
2020-08-07 21:17 - 2020-07-03 17:42 - 000000000 ____D C:\Users\abood\AppData\Roaming\EasyAntiCheat
2020-08-07 21:17 - 2020-02-21 09:44 - 000000000 ____D C:\Users\abood\AppData\Local\Ubisoft Game Launcher
2020-08-07 21:14 - 2020-02-08 23:05 - 000000000 ____D C:\Users\abood\AppData\Roaming\Origin
2020-08-07 21:14 - 2020-02-08 22:32 - 000000000 ____D C:\ProgramData\Origin
2020-08-07 21:08 - 2020-04-22 13:18 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-08-07 21:08 - 2020-02-08 23:05 - 000000000 ____D C:\Users\abood\AppData\Local\Origin
2020-08-06 22:52 - 2020-02-08 15:20 - 000000000 ___RD C:\Users\abood\OneDrive
2020-08-05 15:46 - 2020-02-09 22:12 - 000000000 ___RD C:\Users\abood\iCloudDrive
2020-08-05 15:33 - 2020-06-12 13:51 - 000001852 _____ C:\Users\abood\Desktop\Spotify.lnk
2020-08-05 15:33 - 2020-06-12 13:51 - 000001838 _____ C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-08-05 15:28 - 2020-06-02 14:23 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-08-05 05:01 - 2020-04-19 11:52 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\GameInput.dll
2020-08-05 03:36 - 2020-04-19 11:52 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInput.dll
2020-08-03 00:55 - 2020-02-29 19:50 - 000000000 ____D C:\Users\abood\AppData\Roaming\youtube-music-desktop-app
2020-07-29 22:21 - 2020-04-04 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2020-07-29 17:33 - 2019-08-23 14:52 - 000000000 ____D C:\ProgramData\ASUS
2020-07-29 10:11 - 2020-04-07 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2020-07-27 19:01 - 2020-02-09 06:14 - 000000000 ____D C:\Users\abood
2020-07-27 14:42 - 2020-05-07 01:07 - 000000000 ____D C:\Users\abood\Desktop\New folder
2020-07-26 21:10 - 2019-08-23 14:56 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-07-25 17:01 - 2019-08-23 14:50 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-24 16:23 - 2020-04-06 18:13 - 000000000 ____D C:\Users\abood\AppData\Roaming\slobs-client
2020-07-24 02:07 - 2020-02-09 06:19 - 000000000 ____D C:\Users\abood\AppData\Local\Packages
2020-07-24 02:07 - 2020-02-08 15:21 - 000000000 ____D C:\Users\abood\AppData\Local\PlaceholderTileLogoFolder
2020-07-24 02:05 - 2020-02-09 06:19 - 000000000 ____D C:\Users\abood\AppData\Local\Intel
2020-07-24 01:56 - 2020-02-26 16:54 - 000002292 _____ C:\Windows\system32\AuraDlgSetProfile.xml
2020-07-24 00:42 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-07-20 17:19 - 2020-02-08 16:26 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-07-20 17:19 - 2019-08-23 14:57 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2020-07-20 15:31 - 2020-05-09 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-07-20 15:29 - 2020-02-09 06:15 - 000000000 ____D C:\ProgramData\Packages
2020-07-20 14:37 - 2020-04-04 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Game Booster 4
2020-07-20 14:37 - 2020-02-27 22:02 - 000003202 _____ C:\Windows\system32\Tasks\SmartGameBooster Update
2020-07-20 14:37 - 2020-02-27 22:02 - 000003198 _____ C:\Windows\system32\Tasks\SmartGameBooster Startup
2020-07-20 14:37 - 2020-02-27 22:02 - 000002960 _____ C:\Windows\system32\Tasks\SmartGameBooster SkipUAC (abood)
2020-07-20 01:47 - 2020-03-08 20:24 - 000000000 ___HD C:\Wondershare_DrFone_IOSRepair
2020-07-20 01:04 - 2020-03-09 17:05 - 000000000 ____D C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2020-07-19 00:00 - 2020-07-12 23:55 - 000000000 ____D C:\Users\abood\AppData\Local\Vivox

==================== Files in the root of some directories ========

2020-05-05 22:44 - 2020-05-05 22:44 - 009533440 _____ () C:\Program Files (x86)\GUT5E4.tmp
2020-02-16 20:50 - 2020-02-16 20:50 - 000000000 _____ () C:\Users\abood\AppData\Local\oobelibMkey.log
2020-07-07 14:10 - 2020-07-07 14:10 - 000000737 _____ () C:\Users\abood\AppData\Local\recently-used.xbel
2020-03-09 16:25 - 2020-07-15 19:22 - 000007605 _____ () C:\Users\abood\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Link to post
Share on other sites

this is addition.txt 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by abood (18-08-2020 21:11:21)
Running from C:\Users\abood\Downloads
Windows 10 Home Version 1909 18363.1016 (X64) (2020-02-09 03:10:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

abood (S-1-5-21-3694255521-1418403984-3529247322-1001 - Administrator - Enabled) => C:\Users\abood
Administrator (S-1-5-21-3694255521-1418403984-3529247322-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3694255521-1418403984-3529247322-503 - Limited - Disabled)
Guest (S-1-5-21-3694255521-1418403984-3529247322-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3694255521-1418403984-3529247322-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.11 (HKLM\...\{2DC070EE-D256-4564-BC7C-A78085F22080}) (Version: 4.11.3.3420 - Open Media LLC)
Adobe Connect (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
AltServer (HKLM-x32\...\{602DB327-2135-4133-92D4-2AE5F665B788}) (Version: 1.3.3 - Riley Testut)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.1.0.0 - iMobie Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.4.1 - Electronic Arts, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 3.0.5 - ASUS)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.4.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{62194eb5-96ca-4ebc-bb26-5433c914ac9b}) (Version: 2.4.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.53 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.) Hidden
ASUS HID Control Service (HKLM\...\{0F2EECD1-9CCE-4907-8D9A-11629B0608CE}) (Version: 1.2.0 - ASUS)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{3ee3abea-aaa5-4bdb-a8a3-cbbbed892bb1}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{0fc56b57-bf6d-45dc-928b-4bc661c8c773}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.27 - ASUSTeK Computer Inc.) Hidden
ASUS_FRQ_Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.1.0 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.11 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.11 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.15 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{409f323b-0865-4c82-8161-a444b1f3f709}) (Version: 3.04.15 - ASUSTeK Computer Inc.)
Authy Desktop (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\authy-electron) (Version: 1.8.0 - Twilio Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Discord (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
dr.fone (Version 10.3.6) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 10.3.6.281 - Wondershare Technology Co.,Ltd.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.6.0 - IObit)
Duet Display (HKLM\...\{F1AD33B2-4BF4-4A3E-8E5F-94309DF487ED}) (Version: 1.8.6.3 - Kairos) Hidden
Duet Display (HKLM\...\Duet Display 1.8.6.3) (Version: 1.8.6.3 - Kairos)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameInput Redistributable (HKLM-x32\...\{304E6524-F34A-C534-23B3-E0E86370050A}) (Version: 10.1.19041.3878 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{257A3890-9A0E-4C09-B881-ADA64130C9F9}) (Version: 6.7.211 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\{a3dda12d-e361-487d-afb4-81da65a7b523}) (Version: 6.7.211 - Grammarly)
Hyper Scape (HKLM-x32\...\Uplay Install 11957) (Version:  - Ubisoft)
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.2.0.1659 - IObit)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.6.0.2 - IObit)
iTunes (HKLM\...\{EA1B93E5-47D8-4252-8441-DEC5F5274C60}) (Version: 12.10.8.5 - Apple Inc.)
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
LastPass (HKLM-x32\...\{7DA6E793-4F71-4D9D-BA18-5DC655B4FA50}) (Version: 4.54.0.1795 - LogMeIn)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.61 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.81.43142 - Electronic Arts, Inc.)
Python 3.8.1 (32-bit) (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\{4e3c79d9-fd08-4d23-ba50-d6f19553b0ee}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Add to Path (32-bit) (HKLM-x32\...\{39F3EF2E-1A91-4A80-8C81-F696C487553B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Core Interpreter (32-bit) (HKLM-x32\...\{03976998-4294-4FA5-9BE9-3E01B1DBEDC3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (32-bit) (HKLM-x32\...\{0211E4D2-E2F6-422D-AEC9-46AD4CC583DD}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (32-bit) (HKLM-x32\...\{4408F4FC-AFC1-483E-A744-D61491A8AB85}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (32-bit) (HKLM-x32\...\{F4F906AC-DFDB-4DA2-86C4-D116EAB497FA}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (32-bit) (HKLM-x32\...\{34B7C438-99B2-4876-8F3A-5295A7DA2AE0}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (32-bit) (HKLM-x32\...\{81CC98E6-C3E9-41EE-9ECC-30A6952AF726}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F97C2D8A-7ED6-4BA9-BAA7-036878A8AC5B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (32-bit) (HKLM-x32\...\{656BF6D9-2710-466C-8F82-88135B8EAF00}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (32-bit) (HKLM-x32\...\{EE756009-EBAF-4C88-A99B-2E30FD1FA5DC}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3.1 r3321 - Rainmeter)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.9.8.1244 - Razer Inc.)
RefreshRateService (HKLM-x32\...\{0167A031-AD97-403B-A129-9DFCB53F3890}) (Version: 1.0.17 - ASUSTeK COMPUTER INC.)
RescuePRO Deluxe 7.0.0.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 7.0.0.6 - LC Technology International, Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for abood (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.27.272 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.6.5 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.2.0 - ASUSTek COMPUTER INC.)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.6.0 - IObit)
Smart Game Booster 4.5 (HKLM-x32\...\Smart Game Booster_is1) (Version: 4.5.0 - Smart Game Booster)
Spotify (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Spotify) (Version: 1.1.39.612.g1e7e78a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 1.2.6.7 - Voicemod S.L.)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
YouTube Music Desktop App 1.11.0 (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\afca255d-79c9-539f-84c6-b3a7619889d5) (Version: 1.11.0 - Adler Luiz)
Zoom (HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\ZoomUMX) (Version: 5.2.0 (42619.0804) - Zoom Video Communications, Inc.)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_3.0.4.0_x64__qmba6cd70vzyy [2020-07-29] (ASUSTeK COMPUTER INC.)
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2020-04-19] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_2.0.3.0_x64__qmba6cd70vzyy [2020-07-16] (ASUSTeK COMPUTER INC.)
Cities: Skylines - Windows 10 Edition -> C:\Program Files\WindowsApps\ParadoxInteractive.81845321AE_10.1.1.2_x64__zfnrdv2de78ny [2020-06-22] (Paradox Interactive)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.5001.0_x64__8wekyb3d8bbwe [2020-08-09] (Microsoft Corporation)
Hotspot Shield Free VPN -> C:\Program Files\WindowsApps\6F71D7A7.HotspotShieldFreeVPN_2.6.1.0_x64__nsbqstbb9qxb6 [2020-08-06] (Pango Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-06-17] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
IObit Surfing Protection & Ads Removal -> C:\Program Files\WindowsApps\18411IObit.121073B4FE2A6_2.8.77.0_x64__8nkkvw7c6ghbg [2020-02-26] (Both Talent International Limited)
LastPass for Windows Desktop -> C:\Program Files\WindowsApps\LastPass.LastPass_4.4.3.0_x64__sbg7naapqq8fj [2020-07-19] (LastPass)
LastPass: Free Password Manager -> C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.53.0.0_neutral__qq0fmhteeht3j [2020-08-02] (LastPass)
Lunacy -> C:\Program Files\WindowsApps\Icons8LLC.Lunacy_6.0.0.0_x64__7g68zyg4rddyp [2020-08-09] (Icons8 LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Rewards -> C:\Program Files\WindowsApps\Microsoft.MicrosoftRewards_2.1.0.0_neutral__8wekyb3d8bbwe [2020-07-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-09] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.2.28.0_x64__qmba6cd70vzyy [2020-08-06] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-23] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-01] (Microsoft Corporation)
Razer Cortex -> C:\Program Files\WindowsApps\37003RazerUSALtd.RazerCortex_1.0.56.0_x64__fm2vaa0rg472m [2020-07-20] (Razer USA Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2019-08-23] (Realtek Semiconductor Corp)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm [2020-07-16] (A-Volute)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.12.128.0_x64__43tkc6nmykmb6 [2020-08-14] (Ookla)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj [2020-07-22] (Charles Milette) [Startup Task]
Xbox -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2008.1001.11.0_x64__8wekyb3d8bbwe [2020-08-14] (Microsoft Corporation) [Startup Task]
Xbox Avatar Editor -> C:\Program Files\WindowsApps\Microsoft.XboxIdentity_100.1906.4002.0_x64__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_474.2007.28001.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation)
X-VPN - Free Unlimited VPN Proxy -> C:\Program Files\WindowsApps\29645FreeConnectedLimited.X-VPN-FreeUnlimitedVPNPr_15.0.187.0_x64__qjvpctbgym0d0 [2020-08-02] (Free Connected Limited.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3694255521-1418403984-3529247322-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\abood\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.211\C4D9CA8E86\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3694255521-1418403984-3529247322-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\abood\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.211\C4D9CA8E86\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
ContextMenuHandlers1: [DBGameBoosterMenu] -> {96086A41-005D-457D-0910-0D4A91ECF1B1} => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\boost\BoostMenu64.dll [2020-07-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-06-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\MenuExt64.dll [2020-05-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DBGameBoosterMenu] -> {96086A41-005D-457D-0910-0D4A91ECF1B1} => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\boost\BoostMenu64.dll [2020-07-24] (IObit Information Technology -> IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\MenuExt64.dll [2020-05-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers4: [DBGameBoosterMenu] -> {96086A41-005D-457D-0910-0D4A91ECF1B1} => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\boost\BoostMenu64.dll [2020-07-24] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-06-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\MenuExt64.dll [2020-05-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_326005dc610b0539\nvshext.dll [2020-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DBGameBoosterMenu] -> {96086A41-005D-457D-0910-0D4A91ECF1B1} => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\boost\BoostMenu64.dll [2020-07-24] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-06-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\4.5.0\MenuExt64.dll [2020-05-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\abood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi

==================== Loaded Modules (Whitelisted) =============

2020-06-05 08:34 - 2020-06-05 08:34 - 000148992 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi\build\Release\ffi_bindings.node
2020-06-05 08:34 - 2020-06-05 08:34 - 000138752 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref\build\Release\binding.node
2020-07-20 17:19 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-07-20 17:19 - 2019-06-26 16:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll
2019-10-24 16:46 - 2019-10-24 16:46 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-03-18 19:34 - 2020-03-18 19:34 - 001912320 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm\AudioGraphSettingsClient.dll
2020-07-16 15:40 - 2020-07-16 15:40 - 027547136 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm\SonicStudio3.dll
2019-12-11 03:40 - 2019-12-11 03:40 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2020-07-20 17:19 - 2019-10-24 11:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2020-03-18 19:34 - 2020-03-18 19:34 - 001550208 _____ (A-Volute -> ) [File not signed] C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm\AGSWRC.dll
2020-07-22 23:58 - 2020-07-22 23:58 - 000059392 _____ (by nICO (chick80@libero.it) - 2004. Modified by TranslucentTB devs) [File not signed] C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj\TranslucentTB\CPicker.dll
2020-07-20 17:19 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2020-07-20 17:19 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2020-08-18 19:03 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-18 19:03 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-18 19:03 - 2020-02-08 23:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-07-20 17:19 - 2019-07-31 14:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll
2019-06-07 03:57 - 2019-06-07 03:57 - 000427520 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\desktop.ini:CachedTiles [488]
AlternateDataStreams: C:\Users\abood\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\abood\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\abood\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\abood\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\abood\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [224]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-02-18 20:47 - 2020-06-19 15:58 - 000000913 _____ C:\Windows\system32\drivers\etc\hosts
142.44.142.126 sessionserver.mojang.com
142.44.142.126 authserver.mojang.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKCU\Environment\\Path -> C:\Users\abood\AppData\Local\Programs\Python\Python38-32\Scripts\;C:\Users\abood\AppData\Local\Programs\Python\Python38-32\;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\abood\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Duet Display"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DA1DEA3C97BA9FDE577F46B586DF6B2E"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "AnyTransToolHelper"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3694255521-1418403984-3529247322-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_EE8FA6C999FCDDB1E7F3EAF6875FDE57"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF8DFF95-3B14-4340-93CC-FC59E65F2D92}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{BEDA770E-332E-44C3-A1FA-756AD5ED1E07}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{FB060514-6045-46AA-AEB2-502384DFFBA0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{39F66957-682F-4CD1-8EB0-D71A6AF7F0D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C334E6CF-BABD-42DB-8BAE-917937CC8E4C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1144D659-5593-4852-9AE4-D5DE4D5AD655}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D0CBA345-3C76-4944-969D-415DDE2AF21D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B647B3D5-B4D6-4601-AA5B-9068A7E8E880}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FC84A506-4D4D-4660-A8AD-9EC9DA39807F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{72CD0533-932D-48B9-9292-4E11905611D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9C1D81CB-52E9-4D49-80CF-996BAD53B1A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1D743BCC-66E2-4ADE-98A2-F658F47ACB63}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{A3B1ECBB-B34C-4B38-B6A3-242CF281FE89}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{F91A6F2A-F751-4795-902B-A82B8F6E99E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{EA3C8413-E6EA-45BA-93CB-21DD7AC1A863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{1BA1D854-9357-4F7F-9818-46DAEEAE596D}] => (Allow) C:\Program Files\Kairos\Duet Display\duet.exe (Duet, Inc. -> Duet, Inc.)
FirewallRules: [{361DC00F-BCBC-434F-BD70-C51F7B79DEE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{0B6983C1-E1D4-4578-8D47-AE041B2A721D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{E60D7B58-FC84-45B5-89FD-08A836506732}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{F8B62A05-43A2-444E-AF1F-02E0D2D68B74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [TCP Query User{4EFEE344-09DD-47D3-844C-55C038F40240}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{341B5C61-75B9-4856-B835-FB96D0ABDE70}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{BB63976B-7D33-453E-8B41-44E76E3E6127}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3BFDCBCE-CB25-4707-9D83-D9BCD817AD57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{920ABD87-9738-4AAB-943E-930AEDD4CF96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{546E5B83-60B6-4A4A-9451-C1F4A4450A3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD6533F4-8689-43C2-B171-DE2C42119707}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26BC09A8-FF6C-44D3-94E1-3F297921C873}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A88E85A1-03B7-47D1-94CA-DF90FB327EAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{075C33D3-8AC3-4705-9A7C-4FDF84F86722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{54EBC7E4-137A-401E-ADD6-4C4A2FE7B433}C:\users\abood\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abood\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{45E1856C-0ED2-4F59-A347-7CBC05B19883}C:\users\abood\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abood\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DADCCA38-E71B-4349-A846-25F1402D4B66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Strike 3D\PixelStrike3D.exe () [File not signed]
FirewallRules: [{5545EF4C-1D5B-42AF-AFEB-A548DA2F7C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Strike 3D\PixelStrike3D.exe () [File not signed]
FirewallRules: [{1FE4B0CE-B07F-4EC7-A0D9-577FCCC330FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{65C78D17-8DCF-454D-9627-1718FF9430C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3817E73E-A4AC-42A4-AE34-17F58D2E03BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{9CABCD75-BC96-40FC-B23C-BAEF9DB5C40A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{36FA8F69-4BD6-46EB-A3A8-F1318F1BF07B}] => (Allow) C:\Users\abood\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E42AC0E2-FAA5-495E-883D-77DBABD1419C}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{230594F3-BCF2-430E-BEFD-82872A1A569D}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7ED16BBF-0732-48DA-B209-E318214D5B80}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SASU -> Nadeo)
FirewallRules: [{7D509929-2779-47FD-8C9B-E4822EA13F01}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SASU -> Nadeo)
FirewallRules: [{83DB2F57-4BB1-4B09-B134-BB2521F37824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A148AE8F-72D7-4ECB-9153-AD822F4DA0E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{0A956A5A-E20C-4A01-85F4-C2AF714AD662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{E4FC185D-B6ED-497A-9173-F9FCCA39E5C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C1E81DE0-D5D8-4457-BD75-C7FF21FAC76B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{594C1A04-220F-469F-9A71-AFF6D29D8B07}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [TCP Query User{1321EDA0-8DA5-4E14-BDE9-1D77B090F84A}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{0362BED1-E192-4D6B-A6F5-E4F174DB47C3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{441EF586-859F-4EDF-9222-C6736B184879}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{57185105-C181-47F9-9A5D-2DB97F651198}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{ECCFB6A7-0BF6-4CE0-A069-38E9BCC4B312}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{A682E598-8CE4-435E-B9EA-5ACC658F8713}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{2B511FC4-B0CC-4331-988B-2073652FF575}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{005CC63C-13A2-42BD-AB0A-8655755A11E7}] => (Allow) C:\Users\abood\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5AEE0919-1CEF-4A9B-A023-C478E708DA5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{7C5F5AF3-0C83-4BFC-9A32-74774DC43AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{F72B1A5F-AE42-44C2-83AD-AC5244ECAFFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{057D56C2-2B9A-4437-B1F5-DB504AB080A1}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{759EE216-7579-47B3-B93A-EAF255F0672E}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{4E654CC8-B672-45DF-82EB-D14E439A90C4}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_b12b0d488bd75133\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{47DCE00F-3547-43D8-9670-99C553B44B01}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{A9709674-C71F-45F3-B98A-15FBB0A454D9}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> )

==================== Restore Points =========================

08-08-2020 18:44:11 IObit Software Updater restore point
13-08-2020 00:04:38 Windows Update
17-08-2020 15:31:24 IObit Software Updater restore point
18-08-2020 00:11:50 Installed AltServer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/18/2020 09:05:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/18/2020 09:05:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/18/2020 09:05:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/18/2020 09:05:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/18/2020 03:27:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/18/2020 03:27:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/18/2020 03:27:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/18/2020 03:27:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (08/18/2020 09:05:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The jhi_service service depends on the iphlpsvc service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/18/2020 09:05:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The igfxCUIService2.0.0.0 service depends on the SENS service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/18/2020 09:05:27 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (08/18/2020 09:05:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (08/18/2020 09:05:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (08/18/2020 09:05:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ROG Live Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (08/18/2020 09:05:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (08/18/2020 09:05:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly.  It has done this 1 time(s).


Windows Defender:
===================================
Date: 2020-08-16 14:09:57.089
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5182E852-3B39-455E-A77B-5E8FDC0AC112}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-13 22:45:26.862
Description: 
Controlled Folder Access blocked C:\Program Files\CCleaner\CCleaner64.exe from making changes to memory.
Detection time: 2020-07-13T19:45:26.861Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: 1.317.858.0
Engine Version: 1.1.17100.2
Product Version: 4.18.2005.5

Date: 2020-07-13 22:45:12.309
Description: 
Controlled Folder Access blocked C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe from making changes to memory.
Detection time: 2020-07-13T19:45:12.308Z
Path: \Device\HarddiskVolume3
Process Name: C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Security intelligence Version: 1.317.858.0
Engine Version: 1.1.17100.2
Product Version: 4.18.2005.5

Date: 2020-06-08 16:49:02.981
Description: 
Controlled Folder Access blocked C:\Program Files\CCleaner\CCleaner64.exe from making changes to memory.
Detection time: 2020-06-08T13:49:02.981Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: 1.317.858.0
Engine Version: 1.1.17100.2
Product Version: 4.18.2005.5

Date: 2020-06-08 16:48:55.616
Description: 
Controlled Folder Access blocked C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe from making changes to memory.
Detection time: 2020-06-08T13:48:55.615Z
Path: \Device\HarddiskVolume3
Process Name: C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Security intelligence Version: 1.317.858.0
Engine Version: 1.1.17100.2
Product Version: 4.18.2005.5

Date: 2020-08-18 15:39:08.489
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.1678.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2020-08-18 15:29:06.525
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2020-08-15 00:20:28.588
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.858.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-08-15 00:20:28.588
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.858.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-08-15 00:20:28.588
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.858.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

CodeIntegrity:
===================================

Date: 2020-08-18 21:11:27.862
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:27.860
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:27.608
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:27.606
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:27.407
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:27.405
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:26.906
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2020-08-18 21:11:26.904
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. G531GT.306 03/11/2020
Motherboard: ASUSTeK COMPUTER INC. G531GT
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8043.2 MB
Available physical RAM: 4084.36 MB
Total Virtual: 17494.97 MB
Available Virtual: 10959.43 MB

==================== Drives ================================

Drive 😄 (OS) (Fixed) (Total:476.03 GB) (Free:25.86 GB) NTFS

\\?\Volume{ea809a10-2806-478c-ac16-d5786ae93ad5}\ (RECOVERY) (Fixed) (Total:0.63 GB) (Free:0.26 GB) NTFS
\\?\Volume{ef6603f4-d205-4cdc-ae80-e35dc39e6b3f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5F429115)

Partition: GPT.

==================== End of Addition.txt =======================

Link to post
Share on other sites

Sadly after I did every scan possible I haven’t found anything all of them were like pup’s advanced software from iobit or outbyte that’s it but I deleted both of them because I thought it might be from them so I followed what malware bytes have said to do also no I didn’t know how to get the logs what if I open a forum on Microsoft’s website or what so I can get further help in addition to ur help because I’m scared that I’m gonna lose my new laptop it has been w me since 4 months and it was an investment for college again thank you for your help

Link to post
Share on other sites

Continue with the following:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.


Let me see those logs in your reply...

fixlist.txt

Link to post
Share on other sites

  • Root Admin

No problem @kevinf80 I'll take over, have a great vacation

@Aboode

Let me have you run the following please.

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

  • Root Admin

At minimum then I need new logs please. I will try to get back to you over the weekend if I can, but if not then on Monday

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

May need to look at your licensing. Does the computer show as activated now?

I may not be back until Monday but please run the following.

 

Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get it started. 
  • When presented with the initial ESET options, click on "Computer Scan".
  • Next, when prompted by Windows, allow it to start by clicking Yes 
  • When prompted for scan type, Click on Full scan 
  • Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.
  • Have patience.  The entire process may take an hour or more. There is an initial update download.
  • There is a progress window display.
  • You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log.
  • If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).
  • Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.