Website is blocked due to riskware pop-up is always popping-up


I downloaded a Microsoft Visio program through The Pirate Bay, and Malwarebytes got rid of it (Yeey), but I keep having a notification popping up whenever I open a new tab on Google Chrome and search for a website. The notification says that the website is blocked due to riskware, even though I'm pretty sure the websites I'm browsing are 100% safe.

Here is a picture of the notification (attached image: malwarebytesnotification.PNG).

How do I get rid of it, please?

Best regards

Saliba


Hello Saliba and welcome to Malwarebytes,

Continue with the following:

Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab.

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Detection History tab > from main interface.
  • Then click on "History" that will open to a historical list
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop", then attach to reply
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt). Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....

Hello Kevin, thanks for replying to me!

These are my logs

1st log from malwarebytes

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 3/9/21
Protection Event Time: 12:48 AM
Log File: 5cbbd18e-8060-11eb-ae83-88d7f68d527b.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1173
Update Package Version: 1.0.37885
License: Trial

-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: RiskWare
Domain: www.cncode.pw
IP Address: 144.202.76.47
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)
-------------------------------------------------------------------------------------------------
2nd log from adwcleaner
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build:    02-15-2021
# Database: 2021-03-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-09-2021
# Duration: 00:00:16
# OS:       Windows 10 Home Single Language
# Cleaned:  26
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 Player
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\USER\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\USER\AppData\Roaming\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B1FAF21-E8CC-412E-B28C-EAEA98C8D1D5} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\METNSD
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\System\Setup\FirstBoot\Services\WCAssistantService
Deleted       HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5603 octets] - [09/03/2021 02:07:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

FRST.TXT LOG

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by USER (administrator) on LAPTOP-IBSV7ASJ (ASUSTeK COMPUTER INC. GL553VD) (09-03-2021 02:13:35)
Running from C:\Users\USER\Downloads
Loaded Profiles: USER & lkClassAds
Platform: Windows 10 Home Single Language Version 1903 18362.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Connectify (Connectify, Inc.) -> Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Connectify (Connectify, Inc.) -> Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\USER\Downloads\adwcleaner_8.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b3975f7b9f36d28\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [3579392 2020-03-26] (Connectify (Connectify, Inc.) -> Connectify)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0520Helper] => C:\Program Files (x86)\Razer\APO0520Drv\Drivers\x64\THXHelper0520.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-11-01] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [Discord] => C:\Users\USER\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [Spotify_Lyrics.NET_Helper_UWP] => C:\Users\USER\Documents\Spotify Lyrics .NET\Spotify_Lyrics.NET_Helper_UWP.exe [238080 2020-05-24] () [File not signed]
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514720 2021-01-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [com.blitz.app] => C:\Users\USER\AppData\Local\Programs\Blitz\Blitz.exe --hidden
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32712080 2021-01-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Run: [Services.exe] => C:\Users\USER\Services.exe <==== ATTENTION
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514720 2021-01-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2020-07-14]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00ACE497-B3BE-414E-A875-E240B4A36A2A} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4702168 2017-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {0B7C8BA1-5A5A-441C-B084-0B3014A8359E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-13] (ASUS) [File not signed]
Task: {0C9FE722-8217-426D-AEC4-54888B5D5B5A} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65432 2020-10-05] (Microsoft Corporation -> Microsoft)
Task: {0EDCF045-5584-4835-A3F0-BA24ED24246F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10CF1D34-2FE5-4AE8-BCBF-EAFFE3985D0B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2767BBCE-D01E-4A16-9FBD-5722CEBF8DDA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A3F542E-0BE5-4AF6-B007-DA0B7C138A20} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.1.0\AutoUpdate.exe [2268432 2020-11-10] (IObit Information Technology -> IObit)
Task: {2EC1679F-486C-4C7F-AFD4-4B8299A47B50} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-07-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2F8B827B-E84D-419D-B187-7029F4EB2FD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F421CBF-539A-4E58-A678-AED19EBEE1DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4087C972-25C9-4945-94A1-93F8E4CBBA16} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CFB83D3-19F7-4B37-AE01-67678C7DE19F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55FBFE80-4328-46B7-9559-5431543412DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-13] (Google Inc -> Google Inc.)
Task: {6EC9B42F-64EE-4176-BF70-FA99E4713405} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {7A11F714-DDAE-4AD9-84A4-9B2A5F42E7FF} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8FB6059F-21C4-45D1-802E-D692C846C47E} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-07-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {90B6CC21-2912-460E-B2D4-3E4A528A4D87} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99C896DD-9425-4241-BCF9-826A55D73B90} - System32\Tasks\Driver Booster SkipUAC (USER) => C:\Program Files (x86)\IObit\Driver Booster\8.1.0\DriverBooster.exe [8020240 2020-11-10] (IObit Information Technology -> IObit)
Task: {A0D1405A-36F7-462D-8943-A7B8C21E1CB2} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {A3B235A4-D9DC-43C1-8575-D75FDE8B8087} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC4B7B3C-672F-4C16-9209-2132C89C8474} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-13] (Google Inc -> Google Inc.)
Task: {B09D8AC4-C817-41C2-B324-2F6F59360107} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B11EC2C7-7C4B-4984-A295-54CA783099EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBC8F663-4387-4AE2-A14D-0AE9240236F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8466D6B-66C0-4BB6-A087-154E2737AE1B} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {D0202A35-9604-4D32-932F-6855102213BE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D52F4758-94C7-4EF9-9680-AA53F31DBC09} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F988C3C7-E2D9-45A0-B710-BAC07E46D4C2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d1319113-7f99-41d8-be01-8f8009441748}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ec331220-2e77-4f3b-a7b6-788755b2b531}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\USER\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi [2016-07-26] [Legacy]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-03-09]
CHR Notifications: Default -> hxxps://appuals.com; hxxps://collegereadiness.collegeboard.org; hxxps://euw.op.gg; hxxps://insider.razer.com; hxxps://mail-notification.info; hxxps://mail.google.com; hxxps://na.op.gg; hxxps://notification-en.sssports.com; hxxps://pcandparts.com; hxxps://plagiarismdetector.net; hxxps://push.zoki.net; hxxps://web.whatsapp.com; hxxps://www.adorama.com; hxxps://www.bhphotovideo.com; hxxps://www.cnet.com; hxxps://www.duplichecker.com; hxxps://www.facebook.com; hxxps://www.g2a.com; hxxps://www.killping.com; hxxps://www.mehe.gov.lb; hxxps://www.op.gg; hxxps://www.princetonreview.com; hxxps://www.quora.com; hxxps://www.razer.com; hxxps://www.reddit.com; hxxps://www.tomsguide.com; hxxps://www.youtube.com
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-13]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-13]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-13]
CHR Extension: (Adblocker for Youtube™) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiipfbhfpfbimglojobcokeccnbhaeil [2021-03-08] [UpdateUrl:hxxps://clients26.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-13]
CHR Extension: (Google Translate) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiogdnnnljjlfjgkifccooilblmjflkm [2021-03-08]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-01]
CHR Extension: (Grammarly for Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [127864 2017-07-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-24] (BattlEye Innovations e.K. -> )
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [275968 2020-03-26] (Connectify (Connectify, Inc.) -> Connectify)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-06] (ASUSTeK Computer Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [6646680 2021-02-19] (GlassWire -> SecureMix LLC)
S2 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [69096 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [80880 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-03] (Malwarebytes Inc -> Malwarebytes)
S2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [601544 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [432088 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
S2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [110040 2019-03-20] (National Instruments Corporation -> National Instruments Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294240 2021-01-15] (Razer USA Ltd. -> Razer Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [31744 2017-09-12] (ASUSTeK COMPUTER INC.) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-12-09] (Razer USA Ltd. -> Razer Inc.)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_8b3975f7b9f36d28\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_8b3975f7b9f36d28\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2018-12-23] (Connectify (Connectify, Inc.) -> Connectify)
R1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2018-12-23] (Connectify (Connectify, Inc.) -> Connectify)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-03] (Malwarebytes Corporation -> Malwarebytes)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-08] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2016-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [347736 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [53656 2020-11-15] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0227; C:\WINDOWS\System32\drivers\RzDev_0227.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0520; C:\WINDOWS\System32\drivers\RzDev_0520.sys [53144 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2020-12-03] (Razer USA Ltd. -> Razer Inc)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-22] (Microsoft Windows -> Microsoft Corporation)
S1 tzfemggv; \??\C:\WINDOWS\system32\drivers\tzfemggv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 02:13 - 2021-03-09 02:15 - 000028092 _____ C:\Users\USER\Downloads\FRST.txt
2021-03-09 02:13 - 2021-03-09 02:14 - 000000000 ____D C:\FRST
2021-03-09 02:12 - 2021-03-09 02:12 - 002301440 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2021-03-09 02:07 - 2021-03-09 02:07 - 000000828 _____ C:\Users\USER\Desktop\reply for malwarebytes.txt
2021-03-09 02:04 - 2021-03-09 02:09 - 000000000 ____D C:\AdwCleaner
2021-03-09 02:04 - 2021-03-09 02:04 - 008463216 _____ (Malwarebytes) C:\Users\USER\Downloads\adwcleaner_8.1.exe
2021-03-09 02:03 - 2021-03-09 02:03 - 002084016 _____ (Malwarebytes) C:\Users\USER\Downloads\MBSetup (1).exe
2021-03-08 16:11 - 2021-03-08 16:11 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-08 16:11 - 2021-03-08 16:11 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-08 16:11 - 2021-03-08 16:11 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-08 15:59 - 2021-03-08 15:59 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-03-08 15:42 - 2021-03-08 15:42 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-08 15:39 - 2021-03-08 16:28 - 000000000 ____D C:\Program Files (x86)\YtOSJPOIFiUn
2021-03-08 15:39 - 2021-03-08 16:28 - 000000000 ____D C:\Program Files (x86)\UIuZPIhUFafU2
2021-03-08 15:39 - 2021-03-08 16:28 - 000000000 ____D C:\Program Files (x86)\LsApxKgZVyAKC
2021-03-08 15:39 - 2021-03-08 16:28 - 000000000 ____D C:\Program Files (x86)\iCanypfjGIE
2021-03-08 15:39 - 2021-03-08 16:28 - 000000000 ____D C:\Program Files (x86)\dDfMVsGHIpKHwiglbAR
2021-03-08 15:38 - 2021-03-08 15:40 - 000000000 ____D C:\Program Files (x86)\ZAFgvPfvU
2021-03-08 15:38 - 2021-03-08 15:38 - 000000000 ____D C:\Users\USER\AppData\Roaming\NVIDIA
2021-03-08 15:37 - 2021-03-08 15:37 - 000000000 ____D C:\Program Files (x86)\Versium Research
2021-03-08 15:36 - 2021-03-08 15:40 - 000000000 ____D C:\ProgramData\N60ANXFVQWH086GUKPRT90993
2021-03-08 15:26 - 2021-03-08 15:28 - 062028992 _____ C:\Users\USER\Desktop\Muhammad Ali Mazidi, Rolin McKinlay, Danny Causey - PIC Microcontroller and Embedded Systems-Pearson Education (2008).pdf
2021-03-08 15:24 - 2021-03-08 15:24 - 000345065 _____ C:\Users\USER\Downloads\CCE 320 - Spring 20-21 (2).pdf
2021-03-08 15:17 - 2021-03-08 15:17 - 000283244 _____ C:\Users\USER\Downloads\CCE202L - Spring 20-21 (1).pdf
2021-03-08 15:15 - 2021-03-08 15:15 - 000283244 _____ C:\Users\USER\Downloads\CCE202L - Spring 20-21.pdf
2021-03-08 15:08 - 2021-03-08 15:26 - 000000000 ____D C:\Users\USER\Downloads\Microsoft Visio 2016 x64 x86 Pro VL Multi-17 Apr 2016
2021-03-08 15:01 - 2021-03-08 15:01 - 000166051 _____ C:\Users\USER\Downloads\CCE 202 Section A Course Outline Spring 2020-2021 (BLP) (2).pdf
2021-03-08 13:00 - 2021-03-08 13:00 - 002764819 _____ C:\Users\USER\Desktop\Circuits 2 Chapter 9 Problems.pdf
2021-03-08 12:59 - 2021-03-08 12:59 - 000057246 _____ C:\Users\USER\Downloads\CCE202 Problem Set 0 Fall 2020 - 2021 (4).pdf
2021-03-08 12:54 - 2021-03-08 12:54 - 000166051 _____ C:\Users\USER\Downloads\CCE 202 Section A Course Outline Spring 2020-2021 (BLP) (1).pdf
2021-03-08 12:42 - 2021-03-08 12:42 - 004146570 _____ C:\Users\USER\Desktop\James W. Nilsson and Susan A. Riedel - Electric Circuits - Instructor's Solutions Manual (c2011, Pearson Education) - libgen.lc.pdf
2021-03-08 12:39 - 2021-03-08 12:39 - 008607222 _____ C:\Users\USER\Downloads\S55BW-5e20062410491 - chapter 9 (complete).pdf
2021-03-08 12:39 - 2021-03-08 12:39 - 000166051 _____ C:\Users\USER\Downloads\CCE 202 Section A Course Outline Spring 2020-2021 (BLP).pdf
2021-03-08 01:34 - 2021-03-08 01:34 - 000345065 _____ C:\Users\USER\Downloads\CCE 320 - Spring 20-21 (1).pdf
2021-03-08 01:33 - 2021-03-08 01:33 - 005324367 _____ C:\Users\USER\Downloads\CCE202L_MAINPDF.pdf
2021-03-06 01:15 - 2021-03-06 01:16 - 000000000 ____D C:\Users\USER\Desktop\Mechanics Solution Manual
2021-03-06 01:15 - 2021-03-06 01:15 - 021990537 _____ C:\Users\USER\Desktop\Charles E. Wilson, Peter Sadler - Kinematics and Dynamics of Machinery (2003, Pearson Education) - libgen.lc.pdf
2021-03-06 01:07 - 2021-03-06 01:08 - 119213147 _____ C:\Users\USER\Desktop\Robert. L. Norton - Design of Machinery - AN INTRODUCTION TO THE SYNTHESIS AND ANALYSIS OF MECHANISMS AND MACHINES    - libgen.lc.pdf
2021-03-06 01:06 - 2021-03-06 01:07 - 042419418 _____ C:\Users\USER\Downloads\Robert L. Norton - Design of Machinery_ An Introduction to the Synthesis and Analysis of Mechanisms and Machines (Mcgraw-Hill Series in Mechanical Engineering) (1998) - libgen.lc.pdf
2021-03-06 00:38 - 2021-03-06 00:38 - 042419418 _____ C:\Users\USER\Downloads\DESIGN_OF_MACHINERY_AN_INTRODUCTION_TO_T.pdf
2021-03-06 00:14 - 2021-03-06 00:14 - 000101734 _____ C:\Users\USER\Downloads\MTE 412 - Syllabus (2).pdf
2021-03-06 00:13 - 2021-03-06 00:13 - 002742105 _____ C:\Users\USER\Downloads\Chapter 2 (1).pdf
2021-03-04 18:36 - 2021-03-04 18:37 - 029540797 _____ C:\Users\USER\Downloads\IMG_1815.wmv
2021-03-04 17:56 - 2021-03-04 17:56 - 019721638 _____ C:\Users\USER\Downloads\IMG_1815.MOV
2021-03-04 17:55 - 2021-03-04 17:55 - 003088701 _____ C:\Users\USER\Downloads\FDEA38ED-1DBD-4532-9A8F-96D52EEC088A.jpeg
2021-03-04 17:55 - 2021-03-04 17:55 - 003065531 _____ C:\Users\USER\Downloads\E7B16C33-CCB6-4BA6-B868-321D4BC29E84.jpeg
2021-03-04 16:47 - 2021-03-04 16:47 - 000611083 _____ C:\Users\USER\Downloads\7- Report Example (2).pdf
2021-03-04 12:25 - 2021-03-04 12:25 - 000611083 _____ C:\Users\USER\Downloads\7- Report Example (1).pdf
2021-03-04 09:33 - 2021-03-04 09:33 - 000101734 _____ C:\Users\USER\Downloads\MTE 412 - Syllabus (1).pdf
2021-03-04 09:32 - 2021-03-04 09:32 - 002742105 _____ C:\Users\USER\Downloads\Chapter 2.pdf
2021-03-03 23:56 - 2021-03-03 23:56 - 001160184 _____ C:\Users\USER\Downloads\COM HW2.pdf
2021-03-03 16:19 - 2021-03-04 09:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-03 16:19 - 2021-03-03 16:19 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-03 16:19 - 2021-03-03 16:19 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-03-03 16:19 - 2021-03-03 16:19 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-03-03 16:19 - 2021-03-03 16:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-03 16:19 - 2021-03-03 16:18 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-03 16:18 - 2021-03-03 16:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-03 16:17 - 2021-03-03 16:17 - 002084016 _____ (Malwarebytes) C:\Users\USER\Downloads\MBSetup.exe
2021-03-03 16:17 - 2021-03-03 16:17 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-03 15:58 - 2021-03-03 15:58 - 000001976 _____ C:\Users\Public\Desktop\GlassWire.lnk
2021-03-03 15:58 - 2021-03-03 15:58 - 000001976 _____ C:\ProgramData\Desktop\GlassWire.lnk
2021-03-03 15:58 - 2021-03-03 15:58 - 000000000 ____D C:\Users\USER\AppData\Local\glasswire
2021-03-03 15:58 - 2021-03-03 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2021-03-03 15:58 - 2021-03-03 15:58 - 000000000 ____D C:\ProgramData\GlassWire
2021-03-03 15:58 - 2021-03-03 15:58 - 000000000 ____D C:\Program Files (x86)\GlassWire
2021-03-03 15:58 - 2015-05-29 09:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2021-03-03 15:58 - 2015-05-29 09:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2021-03-03 15:55 - 2021-03-03 15:55 - 056499088 _____ (SecureMix LLC) C:\Users\USER\Downloads\GlassWireSetup.exe
2021-03-03 00:34 - 2021-03-03 00:34 - 002764819 _____ C:\Users\USER\Downloads\2021-02-25 19.36.41 (2).pdf
2021-03-03 00:34 - 2021-03-03 00:34 - 000027672 _____ C:\Users\USER\Downloads\CCE202 Problem Set 1 Spring  2020 - 2021 (3).pdf
2021-03-02 18:13 - 2021-03-02 18:13 - 002764819 _____ C:\Users\USER\Downloads\2021-02-25 19.36.41 (1).pdf
2021-03-02 18:13 - 2021-03-02 18:13 - 000027672 _____ C:\Users\USER\Downloads\CCE202 Problem Set 1 Spring  2020 - 2021 (2).pdf
2021-03-02 13:07 - 2021-03-02 13:07 - 000027672 _____ C:\Users\USER\Downloads\CCE202 Problem Set 1 Spring  2020 - 2021 (1).pdf
2021-03-02 13:06 - 2021-03-02 13:06 - 002764819 _____ C:\Users\USER\Downloads\2021-02-25 19.36.41.pdf
2021-03-02 13:01 - 2021-03-02 13:01 - 000027672 _____ C:\Users\USER\Downloads\CCE202 Problem Set 1 Spring  2020 - 2021.pdf
2021-03-01 15:50 - 2021-03-08 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zznote
2021-03-01 15:50 - 2021-03-08 15:36 - 000000000 ____D C:\Program Files (x86)\zznote
2021-03-01 15:49 - 2021-03-08 15:36 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2021-03-01 15:49 - 2021-03-01 15:50 - 000000000 ____D C:\ProgramData\BLDXNNTQB7H9DEVC5N3YPJKP2
2021-03-01 15:49 - 2021-03-01 15:49 - 000000000 __SHD C:\Users\USER\AppData\Roaming\WinCFG
2021-03-01 15:48 - 2021-03-01 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProPlugin
2021-03-01 15:48 - 2021-03-01 15:48 - 000000000 ____D C:\Program Files (x86)\ProPlugin
2021-03-01 15:48 - 2019-03-19 10:15 - 000555717 _____ C:\WINDOWS\StorageHealthModel.dat
2021-03-01 15:46 - 2021-03-01 15:46 - 000000000 ____D C:\Users\USER\AppData\Local\AdvinstAnalytics
2021-03-01 15:23 - 2021-03-01 15:31 - 000000000 ____D C:\Users\USER\Downloads\MATLAB R2020a [PC] [x64 x86] with Serial
2021-03-01 03:29 - 2021-03-01 03:29 - 009625384 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane02.sys
2021-03-01 03:29 - 2021-03-01 03:29 - 000094129 _____ C:\WINDOWS\system32\Drivers\rtldata02.txt
2021-03-01 03:23 - 2021-03-01 03:24 - 000000000 ____D C:\Users\USER\Desktop\Arduino Uno files
2021-03-01 03:22 - 2021-03-09 02:05 - 000000000 ____D C:\Users\USER\Desktop\Spring 2021 ressources
2021-03-01 02:22 - 2021-03-04 17:47 - 000000000 ____D C:\Users\USER\Documents\ArduinoData
2021-03-01 02:22 - 2021-03-01 02:22 - 000000000 ____D C:\Users\USER\Documents\Arduino
2021-03-01 02:22 - 2021-03-01 02:22 - 000000000 ____D C:\ProgramData\Oracle
2021-03-01 02:12 - 2021-03-01 03:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-01 01:31 - 2021-02-24 14:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-01 01:31 - 2021-02-24 14:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-01 01:31 - 2021-02-24 14:01 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-01 01:31 - 2021-02-24 14:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-01 01:31 - 2021-02-24 14:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-01 01:31 - 2021-02-24 14:01 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-01 01:31 - 2021-02-24 14:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-01 01:31 - 2021-02-24 14:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-01 01:31 - 2021-02-24 14:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-01 01:31 - 2021-02-24 14:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-01 01:31 - 2021-02-24 13:58 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-01 01:31 - 2021-02-24 13:58 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-01 01:31 - 2021-02-24 13:58 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-03-01 01:31 - 2021-02-24 13:58 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 001511184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 000687896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-03-01 01:31 - 2021-02-24 13:57 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-01 01:31 - 2021-02-24 13:57 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-01 01:31 - 2021-02-24 13:56 - 008260888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-01 01:31 - 2021-02-24 13:56 - 007391504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-01 01:31 - 2021-02-24 13:56 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-01 01:31 - 2021-02-24 13:56 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-01 01:31 - 2021-02-24 13:56 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-03-01 01:31 - 2021-02-24 13:55 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-03-01 01:31 - 2021-02-24 13:54 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-01 01:31 - 2021-02-24 03:50 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-23 21:19 - 2021-02-23 21:19 - 000057246 _____ C:\Users\USER\Downloads\CCE202 Problem Set 0 Fall 2020 - 2021 (3).pdf
2021-02-22 16:59 - 2021-02-22 16:59 - 000487165 _____ C:\Users\USER\Downloads\6- Mircocontroller Lab Requirements (2).pdf
2021-02-22 16:58 - 2021-02-22 16:58 - 000345065 _____ C:\Users\USER\Downloads\CCE 320 - Spring 20-21.pdf
2021-02-20 15:03 - 2021-02-20 15:03 - 000057246 _____ C:\Users\USER\Downloads\CCE202 Problem Set 0 Fall 2020 - 2021 (2).pdf
2021-02-19 12:23 - 2021-02-19 12:23 - 000057246 _____ C:\Users\USER\Downloads\CCE202 Problem Set 0 Fall 2020 - 2021 (1).pdf
2021-02-18 16:00 - 2021-02-18 16:00 - 000057246 _____ C:\Users\USER\Downloads\CCE202 Problem Set 0 Fall 2020 - 2021.pdf
2021-02-16 17:55 - 2021-02-16 17:55 - 010714917 ___RT C:\Users\USER\Desktop\micro[1309].zip
2021-02-16 17:22 - 2021-02-16 17:22 - 001002709 _____ C:\Users\USER\Downloads\Solution manual micro (1).pdf
2021-02-16 17:17 - 2021-02-16 17:17 - 003336378 _____ C:\Users\USER\Downloads\Carl Hamacher, Zvonko Vranesic, Safwat Zaky, Naraig Manjikian - Computer organization and embedded systems-McGraw-Hill (2011) (1).pdf
2021-02-15 15:53 - 2021-02-15 15:53 - 000487165 _____ C:\Users\USER\Downloads\6- Mircocontroller Lab Requirements (1).pdf
2021-02-15 12:15 - 2021-02-15 12:16 - 005010388 ___RT C:\Users\USER\Desktop\MTE412[1308].zip
2021-02-14 23:41 - 2021-02-14 23:41 - 003036835 _____ C:\Users\USER\Downloads\5- Sensors and Actuators.pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 002330005 _____ C:\Users\USER\Downloads\3- Intro to Arduino (2).pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 001872683 _____ C:\Users\USER\Downloads\2- History of Microprocessors - Microcontrollers.pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 001584893 _____ C:\Users\USER\Downloads\1- History of Transistors.pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 001545832 _____ C:\Users\USER\Downloads\4- Arduino Coding.pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 000611083 _____ C:\Users\USER\Downloads\7- Report Example.pdf
2021-02-14 23:41 - 2021-02-14 23:41 - 000487165 _____ C:\Users\USER\Downloads\6- Mircocontroller Lab Requirements.pdf
2021-02-14 22:48 - 2021-02-14 22:48 - 000101734 _____ C:\Users\USER\Downloads\MTE 412 - Syllabus.pdf
2021-02-14 22:41 - 2021-02-14 22:41 - 002369452 _____ C:\Users\USER\Downloads\0- Introduction - Syllabus.pdf
2021-02-14 22:41 - 2021-02-14 22:41 - 000610514 _____ C:\Users\USER\Downloads\CCE 320L A Course Outline Spring 2020-2021 -BLP.pdf
2021-02-11 20:06 - 2021-02-11 20:06 - 000080920 _____ C:\Users\USER\Downloads\Exp_3_Wittig2 (1).pdf
2021-02-11 20:05 - 2021-02-11 20:05 - 000080920 _____ C:\Users\USER\Downloads\Exp_3_Wittig2.pdf
2021-02-09 14:55 - 2021-02-09 14:55 - 032473810 _____ C:\Users\USER\Downloads\HW1 Solution.pdf
2021-02-09 14:54 - 2021-02-09 14:54 - 031985115 _____ C:\Users\USER\Downloads\HW2 Solution.pdf
2021-02-08 22:18 - 2021-03-08 12:38 - 000000000 ____D C:\Users\USER\Desktop\Circuits 2 Ressources
2021-02-08 22:13 - 2021-02-08 22:13 - 001404091 _____ C:\Users\USER\Downloads\Report 3.pdf
2021-02-08 22:13 - 2021-02-08 22:13 - 001388634 _____ C:\Users\USER\Downloads\Report 2.pdf
2021-02-08 22:13 - 2021-02-08 22:13 - 001341530 _____ C:\Users\USER\Downloads\Report 5.pdf
2021-02-08 22:13 - 2021-02-08 22:13 - 000925656 _____ C:\Users\USER\Downloads\Report 4.pdf
2021-02-08 22:13 - 2021-02-08 22:13 - 000857963 _____ C:\Users\USER\Downloads\Report 6.pdf
2021-02-08 22:12 - 2021-02-08 22:13 - 001600064 _____ C:\Users\USER\Downloads\Report 1.pdf
2021-02-08 22:12 - 2021-02-08 22:12 - 000654416 _____ C:\Users\USER\Downloads\Car Obstacle Avoiding Sensor Presentation.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 02:11 - 2018-11-03 17:01 - 000000000 ____D C:\Users\USER\AppData\Local\CrashDumps
2021-03-09 02:10 - 2018-10-10 21:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-09 02:09 - 2020-12-03 04:36 - 000000000 ____D C:\Users\USER\AppData\Roaming\IObit
2021-03-09 02:09 - 2020-12-03 04:36 - 000000000 ____D C:\ProgramData\IObit
2021-03-09 02:07 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-09 02:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-09 02:05 - 2020-06-04 22:06 - 000000000 ____D C:\Users\USER\Desktop\New folder (2)
2021-03-09 02:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-09 02:01 - 2018-12-22 20:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-09 01:58 - 2019-08-30 04:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-09 01:57 - 2018-12-22 20:22 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-09 00:48 - 2019-08-12 00:49 - 000000000 ____D C:\Users\USER\Desktop\League of Legends
2021-03-09 00:48 - 2018-11-24 08:29 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-08 18:39 - 2018-10-10 22:50 - 000000200 _____ C:\Users\USER\AppData\Roaming\sp_data.sys
2021-03-08 16:21 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-08 16:12 - 2020-06-05 01:02 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-08 16:11 - 2018-10-10 22:47 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2021-03-08 16:10 - 2019-08-30 05:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-08 16:09 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-08 15:45 - 2019-06-19 23:38 - 000000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2021-03-08 15:44 - 2019-07-18 17:30 - 000000000 ____D C:\Users\USER\AppData\Local\BitTorrentHelper
2021-03-08 15:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-03-07 23:19 - 2020-02-02 18:51 - 000000000 ____D C:\Users\USER\AppData\Roaming\Discord
2021-03-07 20:51 - 2020-10-17 00:29 - 000000000 ____D C:\Users\USER\Desktop\Finished movies and series
2021-03-06 00:18 - 2020-10-22 17:30 - 000000000 ____D C:\Users\USER\Downloads\Lucifer S01 Season 1 Complete HDTV XviD-AFG
2021-03-05 11:47 - 2020-09-13 03:13 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 11:47 - 2020-09-13 03:13 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 14:06 - 2020-01-17 13:58 - 000007603 _____ C:\Users\USER\AppData\Local\Resmon.ResmonCfg
2021-03-03 16:19 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-01 18:16 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-01 03:32 - 2019-08-30 04:47 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-01 03:29 - 2018-10-29 23:55 - 000768072 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtkBtfilter.sys
2021-03-01 03:26 - 2020-12-03 04:38 - 000000000 ____D C:\ProgramData\ProductData
2021-03-01 03:23 - 2021-02-05 11:43 - 000000000 ____D C:\Users\USER\Desktop\Computer and microprocessors files
2021-03-01 02:41 - 2020-09-13 03:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-01 02:41 - 2020-09-13 03:13 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-01 02:41 - 2020-09-13 03:13 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-01 02:22 - 2018-12-23 18:32 - 000000000 ____D C:\ProgramData\Packages
2021-03-01 02:22 - 2018-11-14 06:09 - 000000000 ____D C:\Users\USER\AppData\Local\PlaceholderTileLogoFolder
2021-03-01 02:22 - 2018-10-10 22:47 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
2021-03-01 00:56 - 2019-08-30 05:00 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3687056350-4107627854-1885962915-1001
2021-03-01 00:56 - 2019-08-30 04:41 - 000002366 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-01 00:56 - 2018-10-10 22:49 - 000000000 ___RD C:\Users\USER\OneDrive
2021-02-27 23:56 - 2020-09-07 21:43 - 000000000 ____D C:\Users\USER\AppData\Roaming\vlc
2021-02-26 11:08 - 2018-10-13 19:17 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 11:08 - 2018-10-13 19:17 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-26 11:08 - 2018-10-13 19:17 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-24 13:54 - 2018-10-15 13:36 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-22 16:55 - 2018-12-23 18:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-16 16:59 - 2019-08-19 14:49 - 000000000 ____D C:\Users\USER\AppData\Roaming\WhatsApp
2021-02-16 16:58 - 2020-03-23 10:42 - 000000000 ____D C:\Users\USER\AppData\Local\WhatsApp
2021-02-14 18:31 - 2019-12-07 12:22 - 000000000 ___HD C:\$WINDOWS.~BT
2021-02-14 18:18 - 2019-08-30 04:59 - 000053343 _____ C:\WINDOWS\diagwrn.xml
2021-02-14 18:18 - 2019-08-30 04:59 - 000053343 _____ C:\WINDOWS\diagerr.xml
2021-02-14 15:22 - 2019-08-29 15:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-14 15:03 - 2020-09-13 00:57 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-12 13:54 - 2020-02-05 18:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-02-05 18:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-02-05 18:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-02-05 18:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:32 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:32 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:32 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-02-12 13:54 - 2020-01-17 17:32 - 000001449 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-02-12 13:54 - 2020-01-17 17:31 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:31 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:31 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2020-01-17 17:31 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 13:54 - 2018-10-10 21:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-12 13:54 - 2018-10-10 21:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-12 13:54 - 2018-10-10 21:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-08 13:00 - 2021-02-03 10:34 - 000008861 _____ C:\Users\USER\Desktop\spring 2021 course.xlsx

==================== Files in the root of some directories ========

2021-03-01 15:49 - 2021-03-08 15:36 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2018-10-13 21:33 - 2020-08-15 12:15 - 000000113 _____ () C:\Users\USER\AppData\Roaming\D2Info0
2018-10-13 21:33 - 2020-08-15 12:15 - 000000008 _____ () C:\Users\USER\AppData\Roaming\DofusAppId0_1
2018-10-13 21:49 - 2020-08-15 12:13 - 000000008 _____ () C:\Users\USER\AppData\Roaming\DofusAppId0_2
2018-10-13 21:52 - 2020-08-15 12:14 - 000000008 _____ () C:\Users\USER\AppData\Roaming\DofusAppId0_3
2018-10-13 22:04 - 2020-07-30 17:19 - 000000008 _____ () C:\Users\USER\AppData\Roaming\DofusAppId0_4
2018-10-13 21:33 - 2018-10-14 15:20 - 000000011 _____ () C:\Users\USER\AppData\Roaming\RegPorts-0
2018-10-10 22:50 - 2021-03-08 18:39 - 000000200 _____ () C:\Users\USER\AppData\Roaming\sp_data.sys
2020-01-17 13:58 - 2021-03-04 14:06 - 000007603 _____ () C:\Users\USER\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION.TXT LOG

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by USER (09-03-2021 02:15:52)
Running from C:\Users\USER\Downloads
Windows 10 Home Single Language Version 1903 18362.900 (X64) (2019-08-30 03:01:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3687056350-4107627854-1885962915-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3687056350-4107627854-1885962915-503 - Limited - Disabled)
Guest (S-1-5-21-3687056350-4107627854-1885962915-501 - Limited - Disabled)
USER (S-1-5-21-3687056350-4107627854-1885962915-1001 - Administrator - Enabled) => C:\Users\USER
WDAGUtilityAccount (S-1-5-21-3687056350-4107627854-1885962915-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Age of Empires III - Complete Collection version 1.03 (HKLM-x32\...\Age of Empires III - Complete Collection_is1) (Version: 1.03 - Microsoft Studios)
Ankama Launcher 3.0.0 (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.0.0 - Ankama)
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.22 - ASUSTek COMPUTER INC.)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0057 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.2.9 - ICEpower a/s)
Circuit Wizard (HKLM-x32\...\{66220469-8515-401E-A0E2-8F424852C1EF}) (Version: 1.15.0000 - New Wave Concepts Limited) Hidden
Circuit Wizard (HKLM-x32\...\InstallShield_{66220469-8515-401E-A0E2-8F424852C1EF}) (Version: 1.15.0000 - New Wave Concepts Limited)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connectify Hotspot 2020 (HKLM\...\Connectify) (Version: 2020.1.0.40115 - Connectify)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.1.0 - IObit)
Electronics Assistant V4.1 (HKLM-x32\...\Electronics Assistant_is1) (Version:  - Electronics 2000)
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameFirst IV (HKLM-x32\...\{370651DD-8ABF-4807-9533-0869FDF79BFA}) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.31) (Version: 1.5.31 - ASUSTeK COMPUTER INC.)
GlassWire 2.2 (remove only) (HKLM-x32\...\GlassWire 2.2) (Version: 2.2.304 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{985FBEB2-DBE9-407D-B1E9-B07E0E4D0CBC}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{1C86330F-D72E-4268-B461-758854BC4A52}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{9E7C1C9B-6E2E-4057-857D-62F7F5ABE36B}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F5C67FC5-BF18-4304-9268-A971876B245A}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.0.1015 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legends of Runeterra (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Riot Game bacon.live) (Version:  - Riot Games, Inc)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Math Kernel Libraries (64-bit) (HKLM\...\{C8AE1FF1-C898-4171-B03B-94D5E487C2D8}) (Version: 17.01.49152 - National Instruments) Hidden
Math Kernel Libraries (64-bit) (HKLM\...\{CE86A4F6-834F-4A88-B219-283946FAB878}) (Version: 18.01.49152 - National Instruments) Hidden
Math Kernel Libraries (HKLM-x32\...\{14B23AC5-B7EF-47D1-A57D-8666BAEE13C3}) (Version: 18.01.49152 - National Instruments) Hidden
Math Kernel Libraries (HKLM-x32\...\{6A8A28A0-4568-4718-A3E7-F951C191602B}) (Version: 17.01.49152 - National Instruments) Hidden
McGraw-Hill Dictionary of Engineering (remove only) (HKLM-x32\...\McGraw-Hill Dictionary of Engineering) (Version:  - )
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.7.3066.826 - Microsoft Corporation)
MP4 Player 3 (HKLM-x32\...\MP4 Player_is1) (Version:  - Tomabo)
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI .NET Framework 4.6.2 (HKLM-x32\...\{E6406D9C-7E60-4819-B647-41C549D25CCC}) (Version: 4.63.49152 - National Instruments) Hidden
NI ActiveX Container (64-bit) (HKLM\...\{168152A0-6ECA-472B-8157-01E280F6D158}) (Version: 17.11.49152 - National Instruments) Hidden
NI ActiveX Container (HKLM-x32\...\{88DFF01E-7C87-4E35-B194-CB7A2E32FA6D}) (Version: 17.11.49152 - National Instruments) Hidden
NI Authentication 2019 (64-bit) (HKLM\...\{E6E380E8-65B5-403B-9CE5-2F8E61885864}) (Version: 19.00.49152 - National Instruments) Hidden
NI Authentication 2019 (HKLM-x32\...\{E28CF12C-112B-4023-BBA3-C5D30CE583DC}) (Version: 19.00.49152 - National Instruments) Hidden
NI Circuit Design Suite 14.2 Core (HKLM-x32\...\{C85E6F31-702B-476E-B44D-F6EC4092DAC2}) (Version: 14.20.49240 - National Instruments) Hidden
NI Circuit Design Suite 14.2 Pro (HKLM-x32\...\{C50D29DF-20C2-4829-A4D7-58B1ACE0CBF1}) (Version: 14.20.49241 - National Instruments) Hidden
NI Circuit Design Suite 14.2 Pro Licenses (HKLM-x32\...\{A174F3D2-0CCB-4AC8-8EFD-28CD72D021AA}) (Version: 14.20.49246 - National Instruments) Hidden
NI Circuit Design Suite 14.2 Shared (HKLM-x32\...\{364BE6AA-0F62-40A7-A5A8-DD15082A1A7B}) (Version: 14.20.49241 - National Instruments) Hidden
NI Circuit Design Suite Databases (HKLM-x32\...\{37DBCA00-10A2-4BC8-A3C2-4F1A6E3D2AC5}) (Version: 14.20.49251 - National Instruments) Hidden
NI Curl 19.0.0 (64-bit) (HKLM\...\{0B70FBA3-C887-4B13-976E-DBA47D7F7E08}) (Version: 19.00.49152 - National Instruments) Hidden
NI Curl 2019 (HKLM-x32\...\{B29007A1-E053-46E4-8A51-6803638AF06D}) (Version: 19.00.49152 - National Instruments) Hidden
NI DataFinder Desktop Quit (HKLM-x32\...\{48CB48CB-1B2D-4B8E-83F2-682A3AEA8757}) (Version: 18.55.49152 - National Instruments) Hidden
NI DataSocket 19.0 (64-bit) (HKLM\...\{6D66BAC6-D156-46F3-93F9-821FDE8FE90E}) (Version: 19.00.49152 - National Instruments) Hidden
NI DataSocket 19.0 (HKLM-x32\...\{6C2EA93A-BE4B-4929-BC67-ECE3DC942BFB}) (Version: 19.00.49152 - National Instruments) Hidden
NI Error Reporting 2019 (HKLM-x32\...\{BDB8510F-A749-420F-83B6-50471C6E900C}) (Version: 19.00.49152 - National Instruments) Hidden
NI Error Reporting Interface 19.0 (HKLM-x32\...\{69181DFA-D7CA-4AFE-98E2-A985F32B557B}) (Version: 19.00.49152 - National Instruments) Hidden
NI Error Reporting Interface 19.0 for Windows (64-bit) (HKLM\...\{F45959B1-0729-4CF7-8DAF-4EA9F59AB8CF}) (Version: 19.00.49152 - National Instruments) Hidden
NI EulaDepot (HKLM-x32\...\{F8018104-6294-4896-A9E2-CBC919992310}) (Version: 19.00.49152 - National Instruments) Hidden
NI Example Finder 19.0 (HKLM-x32\...\{DF899B49-AD4C-4DBF-AAB9-7804EEC5F897}) (Version: 19.00.49152 - National Instruments) Hidden
NI Help Assistant 2.2.0 (64-bit) (HKLM\...\{1BEB1215-66E8-422C-ACC1-BE46C4217FD7}) (Version: 2.20.49152 - National Instruments) Hidden
NI Help Assistant 2.2.0 (HKLM-x32\...\{40181E81-8E14-435C-8D7B-ACF206717FCA}) (Version: 2.20.49152 - National Instruments) Hidden
NI LabVIEW 2017 Real-Time NBFifo (HKLM-x32\...\{BFC565AE-AE37-435E-9DD8-CCDA67A43A64}) (Version: 17.01.49152 - National Instruments) Hidden
NI LabVIEW 2017 Run-Time Engine Web Server (HKLM-x32\...\{078DEF27-4701-48CB-A4B2-863C38741E3F}) (Version: 17.02.49152 - National Instruments) Hidden
NI LabVIEW 2018 Real-Time NBFifo (HKLM-x32\...\{327F1AC0-F044-4E66-80C1-60E5DE0C3F25}) (Version: 18.01.49152 - National Instruments) Hidden
NI LabVIEW 2018 Run-Time Engine Web Server (HKLM-x32\...\{36AC0BCF-6928-46C6-9B5B-9271B60B8823}) (Version: 18.01.49152 - National Instruments) Hidden
NI LabVIEW 2019 Deployment Framework (HKLM-x32\...\{2D235EC4-446F-4CD5-8516-6BC1AC99F2F2}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW 2019 Real-Time NBFifo (HKLM-x32\...\{E1D9B566-15DF-41AE-8342-800FD1A6A7A9}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW 2019 Run-Time Engine Web Server (HKLM-x32\...\{39E48FFF-ED88-4231-A9A7-198A9CE4CCE4}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2017 SP1 f3 (HKLM-x32\...\{085A7141-FB86-4664-AA46-2B9C6AE2922C}) (Version: 17.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2017 SP1 Non-English Support. (HKLM-x32\...\{DD947755-D529-4239-9A19-F589C2F21F94}) (Version: 17.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2018 SP1 f3 (HKLM-x32\...\{C5ABCE00-1C4C-4C99-980E-D15086F27D17}) (Version: 18.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2018 SP1 Non-English Support. (HKLM-x32\...\{F4956F08-1B8C-47B8-8794-16431062AEC5}) (Version: 18.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2019 (HKLM-x32\...\{B20204CA-DD51-4527-95BC-C7D4D15EF68C}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW Runtime 2019 Non-English Support. (HKLM-x32\...\{21BC6C6B-8341-48B5-9FDC-CF25E4969533}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2017 (HKLM-x32\...\{E5EAB9B3-AD4C-4962-88F0-8433F9DEBE72}) (Version: 17.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2018 (HKLM-x32\...\{61FE1D13-14B7-47FB-8644-F6DC0D1EE02C}) (Version: 18.60.49152 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2019 (HKLM-x32\...\{F2704C4E-5764-46CE-89F2-D015C7355C84}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2017 Low-Level Driver (Original) (HKLM-x32\...\{9BB3D4D0-8F6C-4884-93EA-4B86E49E84D3}) (Version: 17.50.49152 - National Instruments) Hidden
NI LabWindows/CVI 2017 Low-Level Driver (Updated) (HKLM-x32\...\{E8147E4B-A2F5-4061-BC17-ED9879EEDF03}) (Version: 17.50.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 .NET Library (64-bit) (HKLM\...\{F18FEE12-37AB-427B-9E79-2976020ADC05}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 .NET Library (HKLM-x32\...\{7EE28BBA-8A24-40B1-B0D0-9066A8CFA4AA}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 .NET Reflector Library (64-bit) (HKLM\...\{ACCD1776-7309-4920-A816-6D41225A4C2A}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 .NET Reflector Library (HKLM-x32\...\{F456DB40-F5DF-45FE-A582-83DBED5D6432}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 ActiveX Library (HKLM\...\{710B7DB9-170C-4B4D-A1F4-749E3BFFB2AB}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 ActiveX Library (HKLM-x32\...\{D72C00A8-14F3-4E45-AFAC-5A71F833E210}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Analysis Library (64-bit) (HKLM\...\{2AC39B0D-FBF4-4665-9CFD-C02BF5D67120}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Analysis Library (HKLM-x32\...\{16BC0547-DF57-48CF-8CB5-1CC0DF3B4911}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 DataSocket Library (HKLM-x32\...\{6E1BCD5B-41A1-4E69-8C6E-389F57A19F00}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Internet Library (HKLM\...\{2C2766FD-C550-4D05-B049-9691673CAA4E}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Internet Library (HKLM-x32\...\{CE61F080-FB64-4F6C-9763-A3060A0E59E6}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Network Streams Library (64-bit) (HKLM\...\{421C9B76-B546-4B6C-AE74-A63EFE2BF315}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Network Streams Library (HKLM-x32\...\{EEA5281C-7DA9-492E-8F6F-4127DC67AAD6}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Network Variable Library (64-bit) (HKLM\...\{061362C1-CF25-4A38-B124-99E07E48D95C}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 Network Variable Library (HKLM-x32\...\{D1027BA0-C959-44E2-B4FA-10386404AF75}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 TDMS Library (64-bit) (HKLM\...\{A2364755-BAF8-4756-927F-1CEC88B9AD7D}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI 2019 TDMS Library (HKLM-x32\...\{75191165-D39E-42A2-A7A2-D74AE99F8A84}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Diadem Connectivity Support (HKLM\...\{E0797B58-12C2-4CC1-A2EA-14312C1961F0}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Diadem Connectivity Support (HKLM-x32\...\{9B14BAA8-31A5-463B-88C8-EC81F67BEE57}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Instrument Driver Runtime 2019 (HKLM\...\{FC0D6B63-635F-49BD-9FBA-EB53E7C16F3D}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Instrument Driver Runtime 2019 (HKLM-x32\...\{E12F09FF-07B3-4677-8D5C-BDD01E9A5545}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI OpenGL Library 2019 (HKLM-x32\...\{FB67912C-BB8D-4FE2-B64E-7712EB90DEA4}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Real-Time Runtime 2019 (HKLM-x32\...\{0946CDFA-C3C6-4AD5-B884-FB72701ED351}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime 2019 (HKLM\...\{8CB02A36-1148-4AAC-88ED-34B33D1445D4}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime 2019 (HKLM-x32\...\{2EB63900-C920-494E-9F7B-56E6B2DCBEE9}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime 2019 (HKLM-x32\...\{DD4F8DEA-0AA5-48D8-B82C-763E5E087A06}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime Core 2019 (HKLM\...\{9AAC2070-B661-4D14-BB09-AC6D664AF07B}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime Core 2019 (HKLM-x32\...\{93977567-FFEC-453C-A47F-CE30077E9F4B}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime OpenMP 2019 (HKLM\...\{15FD5373-6881-4398-A097-0D18C302E3E2}) (Version: 19.00.49152 - National Instruments) Hidden
NI LabWindows/CVI Shared Runtime OpenMP 2019 (HKLM-x32\...\{5B4D362F-8203-490C-82D1-5F607972196F}) (Version: 19.00.49152 - National Instruments) Hidden
NI Launcher (HKLM-x32\...\{5338A867-DF6C-439F-A973-5EEBF3EF9110}) (Version: 19.00.49156 - National Instruments) Hidden
NI License Manager (HKLM-x32\...\{4475EC31-07FE-4145-878E-D6ADC4483748}) (Version: 4.40.49154 - National Instruments) Hidden
NI License Manager 64 bit (HKLM\...\{B78D3FE2-F8CB-4437-A916-4060C258C7BA}) (Version: 4.40.49154 - National Instruments) Hidden
NI Logos 19.0 (64-bit) (HKLM\...\{7C768772-3A4B-445D-A29E-14A2FDA1545D}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos 19.0 (HKLM-x32\...\{60684600-163F-45D7-83DB-E247FA48D81F}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos XT Support (HKLM-x32\...\{52981014-740C-430E-A83A-711186DF565B}) (Version: 19.00.49152 - National Instruments) Hidden
NI Logos64 XT Support (HKLM\...\{FE3294EC-57C4-4B24-9C4B-D734C2761458}) (Version: 19.00.49152 - National Instruments) Hidden
NI MAX Remote Configuration 64-bit Installer 19.0 (HKLM\...\{45605903-B4A7-486E-A2BE-19D47CDEDE52}) (Version: 19.00.49152 - National Instruments) Hidden
NI MAX Remote Configuration Installer 19.0 (HKLM-x32\...\{FAFB3CD7-F8A6-4D31-BCB4-57354C17128E}) (Version: 19.00.49152 - National Instruments) Hidden
NI MDF Support (HKLM-x32\...\{ED664E5A-6D28-48EA-A2EE-B6356EF01B37}) (Version: 19.00.49156 - National Instruments) Hidden
NI mDNS Responder 19.0 for Windows 64-bit (HKLM\...\{9A436E28-853F-4FF1-9B6A-DF8CFDBA3A01}) (Version: 19.00.49152 - National Instruments) Hidden
NI mDNS Responder 19.0.0 (HKLM-x32\...\{5E39EF13-6B0A-4C7A-B7FB-608DB58D1D73}) (Version: 19.00.49152 - National Instruments) Hidden
NI Measurement Studio ComponentWorks 3D Graph (HKLM-x32\...\{A9B6FC03-1277-40DF-A475-32389FD27883}) (Version: 8.75.49152 - National Instruments) Hidden
NI MetaSuite Installer (HKLM-x32\...\{6C245AE4-61B6-4D3F-A9CD-D8B09B1860C5}) (Version: 19.00.49156 - National Instruments) Hidden
NI Microsoft Visual C++ 2015 Run-Time (HKLM-x32\...\{AFC999BB-F270-46EF-B748-AE755EC75322}) (Version: 14.15.49152 - National Instruments) Hidden
NI MSI Properties (HKLM-x32\...\{820FB6E8-8856-48D7-934C-76169DCCFD48}) (Version: 19.00.49156 - National Instruments) Hidden
NI MSI Properties 64-bit (HKLM\...\{2F5E00C7-C0E0-4252-94A4-6144F6AD879D}) (Version: 19.00.49156 - National Instruments) Hidden
NI Multisim LabVIEW Interoperability Support 14.2 (HKLM-x32\...\{C0406B75-9800-4747-BE7C-8B5FFDF15C1B}) (Version: 14.20.49152 - National Instruments) Hidden
NI Network Discovery 19.0 (HKLM-x32\...\{67CAC405-3918-4EDA-A296-D96448453E0C}) (Version: 19.00.49152 - National Instruments) Hidden
NI Network Discovery 19.0 for Windows 64-bit (HKLM\...\{57F0A87F-A86F-4DD1-BFA9-5B355A5885CC}) (Version: 19.00.49152 - National Instruments) Hidden
NI OPCEnum Shared (HKLM-x32\...\{FF52A5AE-9E72-49EE-8E39-C514ED78E1E2}) (Version: 5.63.49152 - National Instruments) Hidden
NI OPCEnum Shared 64-bit (HKLM\...\{2573F484-C0B0-432F-B57D-D8C5D2414169}) (Version: 5.63.49152 - National Instruments) Hidden
NI Package Manager 19.0 (HKLM-x32\...\{8FFD373A-95F4-4B1C-B658-3BBB2C0163D8}) (Version: 19.00.49152 - National Instruments) Hidden
NI Package Manager 32-bit 19.0 (HKLM-x32\...\{56DEA07D-607F-49B3-A805-C30B4792CE4F}) (Version: 19.00.49152 - National Instruments) Hidden
NI Package Manager 64-bit 19.0 (HKLM\...\{24C692BA-4D37-4C61-86C4-8757B6B0D5B6}) (Version: 19.00.49152 - National Instruments) Hidden
NI Package Manager 64-bit 19.0 (HKLM\...\NI Package Manager) (Version: 19.0.0 - National Instruments)
NI Package Manager Deployment Support 19.0 (HKLM-x32\...\{074243FE-6055-4B0A-8B4B-A56A965CB0F7}) (Version: 19.00.49152 - National Instruments) Hidden
NI Package Manager Deployment Support 32-bit 19.0 (HKLM-x32\...\{CB2C1BCF-7E81-43CF-B6B1-ADBE89B38CA9}) (Version: 19.00.49152 - National Instruments) Hidden
NI Package Manager Deployment Support 64-bit 19.0 (HKLM\...\{75A01796-96B9-46DD-8653-2605203FAF83}) (Version: 19.00.49152 - National Instruments) Hidden
NI Portable Configuration 19.0.0 (HKLM-x32\...\{8CA5A8AA-78BD-46D2-9C05-1C27D18AB913}) (Version: 19.00.49152 - National Instruments) Hidden
NI Portable Configuration for 64 Bit Windows 19.0.0 (HKLM\...\{C5298B1E-5CAA-45D2-BA4B-AF44B37F3639}) (Version: 19.00.49152 - National Instruments) Hidden
NI Python Interface (64-bit) (HKLM\...\{5C7A1916-A4BD-426E-8885-3AA000F37B5E}) (Version: 19.00.49152 - National Instruments) Hidden
NI Python Interface (HKLM-x32\...\{678D1766-7559-4F34-BCAE-54CB3A6B6346}) (Version: 19.00.49152 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (HKLM\...\{3BD1EEE5-2B3D-428A-9CAB-4DE4A38070C4}) (Version: 2.10.49152 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (HKLM-x32\...\{64ECB814-3A6A-4E48-9D2F-D6C2EDD725B7}) (Version: 2.10.49152 - National Instruments) Hidden
NI Service Locator 2019 (HKLM-x32\...\{FF4257C4-CB02-4A5F-9B09-D7FB822E53C2}) (Version: 19.00.49153 - National Instruments) Hidden
NI SSL LabVIEW RTE 2017 Support (HKLM-x32\...\{B18CC3B4-0FAB-493E-9ECE-08322DC3D5DE}) (Version: 17.02.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2018 Support (HKLM-x32\...\{F2450132-3E15-4469-B223-AF068A1F002F}) (Version: 18.01.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2019 Support (HKLM-x32\...\{B18B5A4C-AFA8-40D3-AEB8-F9DA8D9964D6}) (Version: 19.00.49152 - National Instruments) Hidden
NI SSL Support (64-bit) (HKLM\...\{90194484-29A1-4A4F-BC69-86A5FFD998BB}) (Version: 19.00.49152 - National Instruments) Hidden
NI SSL Support (HKLM-x32\...\{81710CDC-7B4D-4A91-8D44-8E2F8B5C2B6E}) (Version: 19.00.49152 - National Instruments) Hidden
NI System API Windows 32-bit 19.0.0 (HKLM-x32\...\{FA85DBC5-063E-4CA0-9E3A-7C1180D8F7AE}) (Version: 19.00.49154 - National Instruments) Hidden
NI System API Windows 64-bit 19.0.0 (HKLM\...\{FF8D25A5-B402-4D6B-9C61-755731F76A48}) (Version: 19.00.49154 - National Instruments) Hidden
NI System Configuration Runtime 19.0.0 (HKLM-x32\...\{BC2E0887-7154-492A-80E3-1A748C59C0CA}) (Version: 19.00.49152 - National Instruments) Hidden
NI System Configuration Runtime 19.0.0 for Windows 64-bit (HKLM\...\{2971A466-2A74-4E6D-9170-3182DC507458}) (Version: 19.00.49152 - National Instruments) Hidden
NI System Logging Utilities (HKLM-x32\...\{A8EA269D-0DB9-4EF3-A55C-D1A1698510B8}) (Version: 19.00.49152 - National Instruments) Hidden
NI System State Publisher (64-bit) (HKLM\...\{5EAE3D65-8EB6-4592-8DE9-916BE2450C12}) (Version: 19.00.49152 - National Instruments) Hidden
NI System State Publisher (HKLM-x32\...\{CB09014A-8C9C-40D7-ADA0-EB0DE9E7FE1F}) (Version: 19.00.49152 - National Instruments) Hidden
NI TDM Streaming 19.0 (64-bit) (HKLM\...\{675DBC06-3A25-440A-A16D-59C799045788}) (Version: 19.00.49152 - National Instruments) Hidden
NI TDM Streaming 19.0 (HKLM-x32\...\{C0A9F5E2-DCD5-44C1-8B03-C560F4C06D6C}) (Version: 19.00.49152 - National Instruments) Hidden
NI Trace Engine (64-bit) (HKLM\...\{4858AE0F-D4FB-441E-9BB8-442115A9D282}) (Version: 19.00.49152 - National Instruments) Hidden
NI Trace Engine (HKLM-x32\...\{5156FF00-C463-4A1F-9063-F7012042E7F0}) (Version: 19.00.49152 - National Instruments) Hidden
NI Uninstaller 19.0.0 (HKLM-x32\...\{88104A0D-1729-4A73-B798-80BEFC243F18}) (Version: 19.00.49156 - National Instruments) Hidden
NI Update Service 19.0 (64-bit) (HKLM\...\{7921EC81-0F69-4E0F-BD15-25F3916FA394}) (Version: 19.00.49152 - National Instruments) Hidden
NI Update Service 19.0 (HKLM-x32\...\{D484C278-268B-4208-BAE4-4F824C825C91}) (Version: 19.00.49152 - National Instruments) Hidden
NI USI (HKLM-x32\...\{013D2F9F-6833-4763-965E-B49B16A4F9E1}) (Version: 18.55.49152 - National Instruments) Hidden
NI USI 64-bit (HKLM\...\{C760E322-7CBA-48C4-9FE5-FEC7DEB4807F}) (Version: 18.55.49152 - National Instruments) Hidden
NI VC2008RTE x64 (HKLM\...\{06D941A7-5D25-4BE9-8B43-C4C3FDF04B19}) (Version: 9.11.49152 - National Instruments) Hidden
NI VC2008RTE x86 (HKLM-x32\...\{9E5D29BF-8DDF-4F22-98F8-0F8D633D2ED3}) (Version: 9.11.49152 - National Instruments) Hidden
NI VC2010RTE x64 (HKLM\...\{69E75EBE-2F24-4C6E-A8E4-FE4A37C08FA3}) (Version: 10.11.49152 - National Instruments) Hidden
NI VC2010RTE x86 (HKLM-x32\...\{7263BB03-5107-45A2-AD0B-6E15043A8D6B}) (Version: 10.11.49152 - National Instruments) Hidden
NI WS Repl Library 2019 (64-bit) (HKLM\...\{BF5BFD3A-EF84-42DB-A888-F1C0EB1B15FF}) (Version: 19.00.49152 - National Instruments) Hidden
NI WS Repl Library 2019 (HKLM-x32\...\{B0049D5A-380E-4219-A69D-02273F86891C}) (Version: 19.00.49152 - National Instruments) Hidden
NI-Mesa (HKLM\...\{7FEEA40E-893D-4476-938B-5E2B99C068B2}) (Version: 17.11.49152 - National Instruments) Hidden
NI-Mesa (HKLM-x32\...\{F2EEE63A-0DCA-41BF-A243-4E4C0DFA38A4}) (Version: 17.11.49152 - National Instruments) Hidden
NI-RPC 19.0.0f0 (HKLM-x32\...\{EFC648C5-F3BC-4096-9AFE-23121EF06828}) (Version: 19.00.49152 - National Instruments) Hidden
NI-RPC 19.0.0f0 for 64 Bit Windows (HKLM\...\{4E3378C2-DC06-4778-86F9-CDFFD56B9C20}) (Version: 19.00.49152 - National Instruments) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
ProPlugin version 7 (HKLM-x32\...\{1D342DAC-564F-47D0-9A4B-4F073C244B69}_is1) (Version: 7 - ProPlugin)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.10 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0130.011816 - Razer Inc.)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1004.170926 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.29095 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.1.5 - ASUSTeK COMPUTER INC.)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
vcpp_crt.redist.clickonce (HKLM-x32\...\{A8059244-ADC7-4A76-9EEA-E0562F480BDE}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Versium Research 10.5 (HKLM-x32\...\{0E4D5C35-4BE5-4725-A665-D01591874763}_is1) (Version: 10.5 - Data Finder)
Visual Studio Community 2019 (HKLM-x32\...\fb1c1094) (Version: 16.4.29728.190 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{78500789-0EBE-4490-BE43-F9EF8250BF42}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4137D3AB-5B44-4AC9-83A4-5273F2E2547E}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{597EE310-E88F-49D9-ADD5-DB6677766E7B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{709D609A-B91C-4C1C-890B-966470991D67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{6BC9BFD7-46B4-46CF-B248-DEC2B7E2028B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{ABBD10CA-0CFA-4D76-B033-F76C55A54336}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{E47B4703-2337-4ED0-BA24-3EC08D643684}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{472A5337-3393-436B-8656-00810D36BD67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\WhatsApp) (Version: 2.2102.9 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows Driver Package - ASUSTek COMPUTER INC. (AsusPTPDrv) HIDClass  (08/02/2017 11.0.0.18) (HKLM\...\E90A37D273EA609437C18750E3A7AB5C391A4E33) (Version: 08/02/2017 11.0.0.18 - ASUSTek COMPUTER INC.)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.5 - ASUSTeK COMPUTER INC.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
XSplit Gamecaster (HKLM-x32\...\{A39B5969-9683-49F9-AA69-F40EF0D91441}) (Version: 3.0.1705.3123 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
zznote version 7 (HKLM-x32\...\{2189876A-814A-4A67-9F0D-A5D64A645CEA}_is1) (Version: 7 - zznote)
zznote version 7 (HKLM-x32\...\{ED79BCCD-AC6D-42BA-9762-B2362CDED959}_is1) (Version: 7 - zznote)

Packages:
=========
Arduino IDE -> C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.42.0_x86__mdqgnx93n4wtt [2021-03-01] (Arduino LLC)
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.1.9.0_x64__qmba6cd70vzyy [2020-12-13] (ASUSTeK COMPUTER INC.)
ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2018-12-22] (ASUSTeK COMPUTER INC.) [Startup Task]
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-12-22] (ASUSTeK COMPUTER INC.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-12-13] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-22] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.54.0_x64__wafk5atnkzcwy [2020-12-13] (McAfee LLC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2018-12-22] (Microsoft Platform Extensions)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-13] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10111.5575.0_x64__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13628.20274.0_x86__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-12-22] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-29] (NVIDIA Corp.)
PhotoDirector8 for ASUS -> C:\Program Files\WindowsApps\F5080380.PhotoDirector8forASUS_8.0.4020.0_x64__tfv7c950n6xcr [2018-12-22] (CyberLink  Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
PowerDirector14 for ASUS -> C:\Program Files\WindowsApps\F5080380.PowerDirector14forASUS_14.0.5226.0_x64__tfv7c950n6xcr [2018-12-22] (CyberLink  Corp.)
ROG Aura Core -> C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy [2018-12-22] (ASUSTeK COMPUTER INC.) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-13] (Spotify AB) [Startup Task]
WPS Office for ASUS -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.9669.0_x86__924xes6e8q1tw [2020-10-14] (Kingsoft Office Software Corporation Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxDTCM.dll [2020-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_8b3975f7b9f36d28\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-29 04:26 - 2020-10-29 04:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 04:26 - 2020-10-29 04:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 04:26 - 2020-10-29 04:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 04:26 - 2020-10-29 04:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 04:26 - 2020-10-29 04:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 04:26 - 2020-10-29 04:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2020-04-17 14:30 - 2015-07-21 13:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll
2020-04-17 14:30 - 2015-07-21 13:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3687056350-4107627854-1885962915-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3687056350-4107627854-1885962915-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-3687056350-4107627854-1885962915-1001 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-04-19 18:11 - 2021-01-31 05:20 - 000000552 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
168.137.162 X.mshome.net # 2020 7 0 5 23 14 33 670

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\USER\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\USER\Desktop\2637581.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Connectify WLAN LightWeight Filter -> nt_cfywlan2 (enabled) 
Wi-Fi: Connectify LightWeight Filter -> nt_cnnctfy4 (enabled) 
Ethernet: Connectify LightWeight Filter -> nt_cnnctfy4 (enabled) 
Ethernet 4: Connectify LightWeight Filter -> nt_cnnctfy4 (enabled) 
Ethernet 2: Connectify LightWeight Filter -> nt_cnnctfy4 (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "NI Error Reporting.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "Spotify_Lyrics.NET_Helper_UWP"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3687056350-4107627854-1885962915-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{9D8D4D53-870E-48FC-863D-2DE04CBBDFF9}C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{DB6E0BCA-1430-445B-B2FD-9B321FFE6570}C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{87C331BC-3812-42DC-966A-DB1F2C83ED92}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{53543EBB-E1CA-46F8-9BBE-26E377EDD268}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B16EAAFE-BD1A-47B1-A7A3-39BFCBEFAB86}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [UDP Query User{008E360A-48D2-45B5-918D-A698614335A2}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{FAE2DB7E-F39E-436B-8C14-F288724C7179}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{6FB9B39A-227A-4FDF-8BE6-BF7CFEDFCF2D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B52DB890-B84B-4CF1-8250-7163962B52AE}C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{A029328C-D0BA-4FA2-BA82-E366C3A8978A}C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.133.569.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{68ED2F80-DC61-401D-8186-946009B9A7A8}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\user\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [UDP Query User{9AE4E4DD-5F1F-4EAA-8D68-71BE6E9B9AB7}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\user\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [{AB141F27-7CEA-4046-B48A-8E91A3E225D6}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe => No File
FirewallRules: [{2CC5CBB8-E1F2-47EB-B37A-E83696BCE46E}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe => No File
FirewallRules: [TCP Query User{101D4FBD-6F51-4D07-B96F-8DDBA204B525}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{AFBE832F-2004-410A-98F8-9D93E14690AA}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FA209DC6-6D51-4326-B7E6-FC8D6C7FDBB2}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CF2C726E-DCCB-45AF-BEA5-071600F76780}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B9368BB4-2E2E-4118-AA13-F24F25386D60}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21C13F38-2D9C-4DCB-A170-DDBF2F939FB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C20F9414-06E9-4A2E-B475-239FE73A893E}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe => No File
FirewallRules: [{A5DC2182-48A7-46F0-B78A-23249FCB1752}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe => No File
FirewallRules: [{C49148CA-3FED-4805-AC2D-D5FD16804217}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72FE72C7-6BBF-43CE-B896-4B820B1FACBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{6CC2467A-7560-423B-B05D-B4C771F3C8C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D1C46930-5AB2-4325-A331-FD55837D89B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{265FF968-EFBC-4D71-941F-A395A7AE59CB}C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [UDP Query User{BF80464D-2FF3-41E6-A11A-3CEEE6B1FD95}C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [TCP Query User{5E7136E8-FE3A-49AB-829B-E587DFB5F83D}C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe] => (Block) C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [UDP Query User{F11B383E-EBE9-418A-B131-0F91E0336B5D}C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe] => (Block) C:\program files\windowsapps\appleinc.itunes_12106.2.48003.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [TCP Query User{10587E0F-7DA2-4AE1-9B47-0F615A24ED68}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{40100E60-43B4-4664-A0A5-906738800E92}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{35823324-17AC-430E-AF37-5C1B60422320}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{877D52EB-8A68-439A-9AA7-4EAEDCC71F9C}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{51A4E21E-B249-4BC6-A99C-678EB741BC25}] => (Allow) C:\Users\USER\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{776A9356-E25F-4F3E-9AB3-56A7B9911DD3}] => (Allow) C:\Users\USER\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{DDA13248-E78F-4A6C-AB00-E5B8E3D66606}] => (Allow) C:\Users\USER\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{FF6E959D-6750-40D9-909D-33C31AD79169}C:\users\user\downloads\anydesk.exe] => (Allow) C:\users\user\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{E1D8DD72-C7D7-41F9-B962-2FDAFF3404D0}C:\users\user\downloads\anydesk.exe] => (Allow) C:\users\user\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{53DD62D2-E541-45CF-9501-262C26A1238E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37811804-3EE5-446D-B62C-D9A9D9E9BE1E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E20D31FD-6CB9-48F1-BE33-EF543F3C7B0E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7774B89-41B1-47AB-89A3-229F7331FF56}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7681C4AC-2799-4B36-99BE-2AF08B71AF98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B10F08C9-890F-4164-9A10-A1416DF7AECE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C13A173-7B41-4CA9-AAAA-1FFD964D432C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DA73A06-238C-4070-B6CA-B76C7F404C8C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{619E791D-848F-4748-A732-CA54E1E53C6B}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{387883CD-6BD2-44A1-ABBF-73D506D2A587}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5626358D-0393-434B-A26A-AD7CC372C645}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B7A88AB-0289-4A5F-A7DE-3C5FC78B104C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F4780D49-76A4-42A7-949E-537CC8350646}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{38AE7F8C-F1E9-43B7-9B5B-2F989DFC9F9B}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{23B344ED-52E7-4F26-BF5D-10001FC86519}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E988352-F27D-4F9C-A2B4-4289336B04EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{797E6EA9-D98F-49FE-93E8-CA7FE39D72FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DD39B73-C575-4B0C-B93C-9F58CB7C2A9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88CAC388-40A2-48CD-8DF5-8326B37FFCF2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13628.20274.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF1596D7-F87A-4FD1-B938-EE15B335B1B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3438C717-E478-46D2-99E7-24D60A0301EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC22977C-1682-4107-BAFE-E0F2ECE6A5AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D811981-CEAF-4CCF-8DA9-B5AC0EFBBD7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D4B5690-240F-41EC-83EE-1AE5E2999D44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8FD526E-9793-4FA6-806F-7E093972EF94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EB613E8F-51F4-44CF-BA3C-32E90EDF93D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF450FCE-76C0-4238-9B3E-9DC0B7C004A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{64054B5A-8822-4D98-B431-5B711AF5D26A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B4E0DEF-E659-4D4A-B169-4837735C5030}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A4CAFC96-B5E6-43B4-AD74-DBD38378FEA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{840B6C77-247F-45A5-9E1C-E76B23D5B492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1A6F3FBE-DCFA-4A8E-9510-FC6755935B1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A6A75BD3-5316-4F72-B716-2FA784C36225}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [UDP Query User{A6F6C5ED-C946-48E1-9434-797F7592798E}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [{DD589424-9370-484F-92E6-5F88F5AA120A}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{16DE18F3-DA95-4CE5-BF2E-C64E6685346D}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Player\MP4Downloader.exe] => Enabled:MP4 Downloader

==================== Restore Points =========================

03-03-2021 14:20:54 Scheduled Checkpoint
09-03-2021 01:56:27 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/09/2021 02:15:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4956,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/09/2021 02:11:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.897, time stamp: 0x6019d411
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x14ec
Faulting application start time: 0x01d71424f36e0deb
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 2717494c-aa33-4a3c-932d-295fe72bb86d
Faulting package full name: 
Faulting package-relative application ID:

Error: (03/09/2021 02:01:41 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 25136 and the required size was 40768.

Error: (03/09/2021 01:03:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (604,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/09/2021 12:44:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/09/2021 12:01:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/08/2021 11:55:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7920,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/08/2021 10:55:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10820,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Connectify Hotspot 2020 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NI PSP Service Locator service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Chroma SDK Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NI Authentication Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/09/2021 02:09:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NI Domain Service service terminated unexpectedly.  It has done this 1 time(s).


Windows Defender:
================
Date: 2021-03-08 16:04:27.378
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.N!cl&threatid=2147761796&enterprise=0
Name: Trojan:Win32/CoinMiner.N!cl
Severity: Severe
Category: Trojan
Path: file:_C:\Users\USER\Services.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 1.331.2432.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-08 16:02:04.772
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.N!cl&threatid=2147761796&enterprise=0
Name: Trojan:Win32/CoinMiner.N!cl
Severity: Severe
Category: Trojan
Path: file:_C:\Users\USER\Services.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 1.331.2432.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-08 15:40:54.629
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0
Name: Program:Win32/Wacapew.C!ml
Severity: High
Category: Potentially Unwanted Software
Path: file:_C:\Users\USER\AppData\Local\Microsoft\Windows\INetCache\IE\6XD28CS4\setup[1].exe; file:_C:\Users\USER\AppData\Local\Temp\nsy78DD.tmp\setup_3.exe; file:_C:\Users\USER\AppData\Local\Temp\XwdHdBhDGVzPNSLjY\srfpYPkWdYlIHfI\sOEHORW.exe; file:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr->(UTF-16LE); file:_C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\WzmlunH.exe; process:_pid:2760,ProcessStart:132596842120114167; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F38EED-EA37-4492-8313-C8CA338EA739}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bPQWuBtlTggzDQMyKr; taskscheduler:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\WzmlunH.exe
Security intelligence Version: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 1.331.2432.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-08 15:40:38.903
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0
Name: Program:Win32/Wacapew.C!ml
Severity: High
Category: Potentially Unwanted Software
Path: file:_C:\Users\USER\AppData\Local\Temp\nsy78DD.tmp\setup_3.exe; file:_C:\Users\USER\AppData\Local\Temp\XwdHdBhDGVzPNSLjY\srfpYPkWdYlIHfI\sOEHORW.exe; file:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr->(UTF-16LE); file:_C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\WzmlunH.exe; process:_pid:12464,ProcessStart:132596843221230380; process:_pid:2760,ProcessStart:132596842120114167; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F38EED-EA37-4492-8313-C8CA338EA739}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bPQWuBtlTggzDQMyKr; taskscheduler:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
Security intelligence Version: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 1.331.2432.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-08 15:40:35.856
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0
Name: Program:Win32/Wacapew.C!ml
Severity: High
Category: Potentially Unwanted Software
Path: file:_C:\Users\USER\AppData\Local\Microsoft\Windows\INetCache\IE\6XD28CS4\setup[1].exe; file:_C:\Users\USER\AppData\Local\Temp\nsy78DD.tmp\setup_3.exe; file:_C:\Users\USER\AppData\Local\Temp\XwdHdBhDGVzPNSLjY\srfpYPkWdYlIHfI\sOEHORW.exe; file:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr->(UTF-16LE); file:_C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\WzmlunH.exe; process:_pid:2760,ProcessStart:132596842120114167; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F38EED-EA37-4492-8313-C8CA338EA739}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bPQWuBtlTggzDQMyKr; taskscheduler:_C:\Windows\System32\Tasks\bPQWuBtlTggzDQMyKr
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\WzmlunH.exe
Security intelligence Version: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 1.331.2432.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-04 14:10:01.271
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.331.2269.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2021-02-22 12:10:08.178
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.331.427.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2021-02-22 12:10:08.176
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.331.427.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2021-02-22 12:10:08.174
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.331.427.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2021-02-22 12:10:08.156
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.331.427.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. GL553VD.307 04/10/2018
Motherboard: ASUSTeK COMPUTER INC. GL553VD
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 67%
Total physical RAM: 8076.82 MB
Available physical RAM: 2586.7 MB
Total Virtual: 9920.68 MB
Available Virtual: 3110.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.46 GB) (Free:416.56 GB) NTFS

\\?\Volume{17dc8b20-908f-48da-a1fc-d7cc403d107d}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.35 GB) NTFS
\\?\Volume{16235a1d-262b-47bf-b6b4-415aaca0870b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 81A92295)

Partition: GPT.

==================== End of Addition.txt =======================

This is one hell of a big reply hahah!

Best regards

Saliba

Hiya Saliba,

Thanks for those logs, continue:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:
 
  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin


Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

Next,

Download "Microsoft's Safety Scanner" and save it directly to the Desktop.

Make sure you get the correct version for your system....

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download


Right-click on the tool and select Run as Administrator; the tool will expand to the options window.
In the "Scan Type" window, select Quick Scan.
Perform a scan and click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\msert.log

The log will include log details for each time MSRT has run; we only need the most recent log by date and time....

Let me see those logs in your reply, also let me know if there are any remaining issues or concerns....

Thank you,

Kevin...

fixlist.txt

Hello, yesterday I did the steps and sent you the reply with the logs, but while I was doing everything, out of nowhere, my laptop was downloading some updates in the background. I was a little bit skeptical as to why my laptop did some updates even though I was always ignoring those updates. I turned off my laptop and went to sleep.

Today, I started up my laptop and it was installing some updates. It literally took more than an hour to install them. After finishing those updates, the laptop was so laggy. It was so slow, I don't know why. I opened Chrome to attend my classes; Chrome is slow as well, but the problem is not here. Whenever I try to open a new tab or click anywhere in the Chrome window, an ad pops up on another tab. If I close it and try to go to another website, another ad pops up on the same tab that I was using. I am pretty sure I downloaded the same programs you told me to download and didn't do anything extra. Can you please help me?

Fixlog.txt: this is the fixlog.

Below is the log from the Microsoft Safety Scanner.


---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.333.33.0)
Started On Tue Mar 09 18:24:14 2021
->Scan ERROR: resource process://pid:9520,ProcessStart:132597791005775330 (code 0x0000012B (299))
->Scan ERROR: resource process://pid:1600,ProcessStart:132597789689195408 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:10064,ProcessStart:132597790945336278 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4492,ProcessStart:132597789284919410 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:1808,ProcessStart:132597792874783454 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:8716,ProcessStart:132597792361408962 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:12192,ProcessStart:132597792728855185 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33))

Quick Scan Results for 2F6F7DA0-FBCB-4A39-94E8-B9447473620C:
----------------
Threat detected: VirTool:Win32/DefenderTamperingRestore
    regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
        SigSeq: 0x0000055555C57273

Quick Scan Removal Results
----------------
Start 'remove' for regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
Operation succeeded !


Results Summary:
----------------
Found VirTool:Win32/DefenderTamperingRestore and Removed!
Microsoft Safety Scanner Finished On Tue Mar 09 18:31:43 2021


Return code: 6 (0x6)
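The helper's request for only the most recent run from msert.log, as an added example that is not part of the original posts or of any Microsoft or Malwarebytes tool: a Python parser that splits the log into runs and returns the latest one with its detections and scan errors. The line layout is assumed from the single log posted above; the sample's second run is abridged from that log and its first run is constructed.

```python
import re
from collections import Counter
from datetime import datetime

MONTHS = {m: i for i, m in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}
# Win32 names for the error codes that appear in the log posted above.
WIN32 = {5: "ERROR_ACCESS_DENIED", 33: "ERROR_LOCK_VIOLATION",
         299: "ERROR_PARTIAL_COPY"}
HEADER = re.compile(r"^Microsoft Safety Scanner v[\d.]+, \(build ([\d.]+)\)", re.M)
SCAN_ERROR = re.compile(
    r"^->Scan ERROR: resource .*? \(code 0x[0-9A-Fa-f]+ \((\d+)\)\)", re.M)
THREAT = re.compile(r"^Threat detected: (\S+)\n\s+(\S.*)$", re.M)
RETURN = re.compile(r"^Return code: (\d+)", re.M)

def _stamp(kind, block):
    """Parse 'Started On Tue Mar 09 18:24:14 2021' without relying on the locale."""
    m = re.search(kind + r" On \w{3} (\w{3}) +(\d{1,2}) (\d\d):(\d\d):(\d\d) (\d{4})", block)
    if not m:
        return None  # interrupted run: the line was never written
    mon, day, hh, mm, ss, year = m.groups()
    return datetime(int(year), MONTHS[mon], int(day), int(hh), int(mm), int(ss))

def parse_runs(text):
    """Split the log at each scanner banner and summarise every run."""
    text = text.replace("\r\n", "\n")
    starts = [m.start() for m in HEADER.finditer(text)]
    runs = []
    for begin, end in zip(starts, starts[1:] + [len(text)]):
        block = text[begin:end]
        rc = RETURN.search(block)
        runs.append({
            "build": HEADER.match(block).group(1),
            "started": _stamp("Started", block),
            "finished": _stamp("Finished", block),
            "threats": THREAT.findall(block),  # (name, first resource) pairs
            "scan_errors": Counter(WIN32.get(int(c), c)
                                   for c in SCAN_ERROR.findall(block)),
            "return_code": int(rc.group(1)) if rc else None,
        })
    return runs

def latest_run(text):
    """Return the run with the newest start time, or None if none parsed."""
    runs = [r for r in parse_runs(text) if r["started"]]
    return max(runs, key=lambda r: r["started"]) if runs else None

# Constructed sample: first run invented, second abridged from the log above.
SAMPLE = r"""
Microsoft Safety Scanner v1.0, (build 1.333.33.0)
Started On Mon Mar 08 10:00:00 2021
Microsoft Safety Scanner Finished On Mon Mar 08 10:05:00 2021
Return code: 0 (0x0)

Microsoft Safety Scanner v1.0, (build 1.333.33.0)
Started On Tue Mar 09 18:24:14 2021
->Scan ERROR: resource process://pid:9520,ProcessStart:132597791005775330 (code 0x0000012B (299))
->Scan ERROR: resource process://pid:1600,ProcessStart:132597789689195408 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))

Threat detected: VirTool:Win32/DefenderTamperingRestore
    regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
        SigSeq: 0x0000055555C57273

Found VirTool:Win32/DefenderTamperingRestore and Removed!
Microsoft Safety Scanner Finished On Tue Mar 09 18:31:43 2021
Return code: 6 (0x6)
"""

if __name__ == "__main__":
    print(latest_run(SAMPLE))
```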

Hiya Saliba,

Thanks for those logs, continue as follows:

Run FRST one more time. Ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan". Select Scan; when done, post the new logs, "FRST.txt" and "Addition.txt".

Thank you,
 
Kevin...

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks
