Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020 Ran by asus (04-04-2020 20:54:27) Running from C:\Users\asus\Desktop Windows 10 Home Single Language Version 1909 18363.657 (X64) (2019-12-24 05:54:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2987826816-1455516208-1627320750-500 - Administrator - Disabled) asus (S-1-5-21-2987826816-1455516208-1627320750-1001 - Administrator - Enabled) => C:\Users\asus DefaultAccount (S-1-5-21-2987826816-1455516208-1627320750-503 - Limited - Disabled) Guest (S-1-5-21-2987826816-1455516208-1627320750-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2987826816-1455516208-1627320750-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Android Studio (HKLM\...\Android Studio) (Version: 3.5 - Google LLC) Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 2.6.17 - ASUS) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.19.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{58e6cc8d-a70b-4c00-95d6-b8c0ac057512}) (Version: 2.2.19.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{c58f0770-46aa-4b41-a148-b9b73a1451f7}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{fe55c1b5-bc05-4822-873e-412743572d3e}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.50 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{43baebef-1237-4e88-be25-d3834308a0c6}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{f651776f-58aa-42a2-ab37-593fb3d78ef2}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{e3f99131-d5d0-4805-96a7-7e126e8295dd}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.17 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.95 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{a372961a-54d6-4dbe-a1a6-b77c621fda65}) (Version: 3.03.95 - ASUSTeK Computer Inc.) Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 80.1.5.123 - Brave Software Inc) CodeBlocks (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team) DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) DSB Notification (HKLM\...\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}) (Version: 1.2.1 - ASUSTeK COMPUTER INC.) Git version 2.24.1.2 (HKLM\...\Git_is1) (Version: 2.24.1.2 - The Git Development Community) icecap_collection_neutral (HKLM-x32\...\{985FBEB2-DBE9-407D-B1E9-B07E0E4D0CBC}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{1C86330F-D72E-4268-B461-758854BC4A52}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{9E7C1C9B-6E2E-4057-857D-62F7F5ABE36B}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{F5C67FC5-BF18-4304-9268-A971876B245A}) (Version: 16.4.29411 - Microsoft Corporation) Hidden Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.43.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 73.0 (x64 en-US) (HKLM\...\Mozilla Firefox 73.0 (x64 en-US)) (Version: 73.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Node.js (HKLM\...\{41408FBE-699A-4989-83CA-AB035EECA740}) (Version: 12.13.1 - Node.js Foundation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Graphics Driver 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.0.24.0 - ASUSTek COMPUTER INC.) SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{A8059244-ADC7-4A76-9EEA-E0562F480BDE}) (Version: 14.24.28127 - Microsoft Corporation) Hidden Visual Studio Community 2019 (HKLM-x32\...\ee0e8fdd) (Version: 16.4.29806.167 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VS Immersive Activate Helper (HKLM-x32\...\{78500789-0EBE-4490-BE43-F9EF8250BF42}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{4137D3AB-5B44-4AC9-83A4-5273F2E2547E}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{597EE310-E88F-49D9-ADD5-DB6677766E7B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{709D609A-B91C-4C1C-890B-966470991D67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6BC9BFD7-46B4-46CF-B248-DEC2B7E2028B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{ABBD10CA-0CFA-4D76-B033-F76C55A54336}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{E47B4703-2337-4ED0-BA24-3EC08D643684}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{472A5337-3393-436B-8656-00810D36BD67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Packages: ========= AMD Display Optimizations -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDDisplayEnhance_10.18.21.0_x64__0a9344xs7nr4m [2019-12-21] (Advanced Micro Devices Inc.) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_2.6.10.0_x64__qmba6cd70vzyy [2020-03-04] (ASUSTeK COMPUTER INC.) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.32.4.0_x86__kgqvnymyfvs32 [2020-03-05] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-12] (king.com) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories) DTS Headphone:X v1 -> C:\Program Files\WindowsApps\dtsinc.dtsheadphonexv1_1.2.4.0_x64__t5j2fzbtdg37r [2019-12-22] (DTS, Inc.) GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy [2020-01-23] (ASUSTeK COMPUTER INC.) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-12-22] (LinkedIn) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad] Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) [MS Ad] Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) [MS Ad] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.2.10.0_x64__qmba6cd70vzyy [2020-02-28] (ASUSTeK COMPUTER INC.) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-22] (NVIDIA Corp.) Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.150.0_x64__jb41c8remg0x2 [2020-03-12] (Polarr) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-12-22] (Realtek Semiconductor Corp) Sketchable -> C:\Program Files\WindowsApps\SiliconBendersLLC.Sketchable_5.0.16.0_x64__r2kxzpx527qgj [2020-03-12] (Silicon Benders LLC) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_af6519e6e3300977\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 13:16 - 2018-09-15 13:16 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\galaxies-wallpaper-14.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: ArmouryCrateService => 2 MSCONFIG\Services: asus => 2 MSCONFIG\Services: ASUSLinkNear => 2 MSCONFIG\Services: ASUSLinkRemote => 2 MSCONFIG\Services: asusm => 3 MSCONFIG\Services: ASUSOptimization => 2 MSCONFIG\Services: ASUSSoftwareManager => 2 MSCONFIG\Services: ASUSSystemAnalysis => 2 MSCONFIG\Services: ASUSSystemDiagnosis => 2 MSCONFIG\Services: brave => 2 MSCONFIG\Services: bravem => 3 MSCONFIG\Services: DTSAPO3Service => 2 MSCONFIG\Services: LightingService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: RefreshRateService => 2 MSCONFIG\Services: ROG Live Service => 2 MSCONFIG\Services: RtkAudioUniversalService => 2 MSCONFIG\Services: RtkBtManServ => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AvastUI.exe" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{B6DFE427-DEF6-4381-8130-EF86ECE3292C}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{5C4E0489-716A-4D80-B9FF-E262DDF08A4F}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [UDP Query User{33456F4F-1E74-4150-B103-03C7B2F088D0}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{31C99C00-50C8-4D50-BE56-8453CC583587}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [{B20042AC-38C9-4654-B620-90F583E51851}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9DAA6F1B-4744-460B-8F91-73E24F9C4488}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9764AF7D-4D33-4824-BB46-58525F612CF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File FirewallRules: [{13E51765-9FEC-431E-BBE8-D316808BF98A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ED9ABAE9-232D-470E-9359-6C8B360E1F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BC8C78BC-5F47-4E79-ABF2-53FD93560AF6}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [TCP Query User{CBB3D407-8839-4AEF-81A5-D790D542FBF0}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe No File FirewallRules: [UDP Query User{D8A7E7F5-16A9-4ABF-82F5-6EC293ED3888}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe No File FirewallRules: [TCP Query User{107CCF32-FAC5-430C-9F43-413CDFBBBFE9}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [UDP Query User{4683300E-E3EB-4FE5-AE65-ECB024B65FAD}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [TCP Query User{811D39FA-6BD5-44BD-A1BD-56E87780AF55}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [UDP Query User{F796F13C-D179-4C86-8227-76EAAA458355}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [{4CC7B51C-FEF5-49BD-AE8B-54382B0E45D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{100081C3-9146-4913-AE24-4AA57FB519B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC40A73B-9359-468B-9C78-0DD4A291979A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0FB43244-2D91-40B8-9A29-2A728B15597E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9A9878B6-8C45-46CC-9B72-9CE6A49BE195}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{6739F4CB-D9E8-4B7F-BA9A-114250E790AF}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{E5500F92-855F-4899-87F3-362B7957E0E2}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{0C187F94-CC18-4C45-AC32-EB66024B917C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [TCP Query User{86B9F015-6E12-4F8A-81BD-1C1830523E6A}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [UDP Query User{0A31AEF7-1098-4EAD-B40C-E821880B4DEF}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [TCP Query User{C706BB9A-680A-4D24-935D-2C7DADB920AB}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [UDP Query User{035AED66-F871-445A-A632-455D6855244B}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [TCP Query User{BA58459C-74C6-4731-B3B4-557C248BC938}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [UDP Query User{5AC95D6E-E6A1-499F-AE2A-7189A1D6CF9F}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [TCP Query User{4BD03EDD-FF2C-42F3-B4DD-39A158802265}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [UDP Query User{DAE7176E-F540-4EA4-B14C-95607A55D78B}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [TCP Query User{0B176D98-AD20-4A66-BEBF-2F5DE9456524}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [UDP Query User{75FE936B-C026-43A0-8B17-150E458B82A4}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [TCP Query User{4ED56317-D830-4885-8367-EA0F36D4E259}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{7DB67535-9DF4-4FC1-9458-684E1F3A5518}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{A959B66C-2A6B-4CB1-8783-FBA15C95F1C0}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{7C533DF6-EF55-49C9-AC6E-DBBD32D9FBEB}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C9225E85-AA8B-4212-B1D9-1FAB92CAE15A}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{52D509ED-00F9-4156-AB6E-63063C2F742C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{B9912B5B-ED8D-4A1A-907F-5EE052D99E0D}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{ECCC7345-F90B-47DF-8A46-F3D7EE1EC39D}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [TCP Query User{F0D86C67-C82B-43BE-B0D3-8D099E09CE6E}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [UDP Query User{32C09130-B65D-4032-95EE-521E88A0E3BB}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [{DD53D20B-D97B-44C8-98E9-B8D3EE306B24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20242.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AAF3F56C-0DAF-4659-B517-9EA7DB729EA4}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File FirewallRules: [{90060D29-511B-4B8E-9AC3-030AF96EE629}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File FirewallRules: [{1BFE5A57-2FDA-44F2-809E-38683ADFCA21}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{EB84FF4E-1B52-44BE-A4D6-049F7F24AE24}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{FC7F1383-DE8A-4B05-A2A3-8D46C278244E}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) FirewallRules: [{15EF2C9B-E5EA-4BD4-87EA-A77648A57701}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) FirewallRules: [{529265BF-5A25-46CE-B3A6-D5A92032EAFA}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{351F9E46-F40B-4CEC-B845-BD74A433D4C5}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E517822E-E69B-4983-A674-BF06751CE21D}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{808CE438-DDA9-4BFB-9E86-61192DD337F8}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{3C592081-9348-44E4-B119-49E6AE9D720D}] => (Allow) D:\Games\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{823A119C-7ECF-4306-BABF-FE62F7B41B42}] => (Allow) D:\Games\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{AE8CF7C6-1904-4B95-A18D-AAD8D5CCA4BE}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{04FF575D-6DA5-4BAA-89D8-7D4B95EE30EF}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{072993A1-A450-4950-BA23-A7A8FA8A85FB}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{BCEF1965-5C23-4A62-AE6A-DBF7F1A8F4B4}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{A2052F6E-0A6F-4CD7-9296-A642FA25FC55}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{20FDE323-F8E0-4F15-B46D-C4D0492EB377}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{BA6ABFD9-5C7A-43C8-8CCD-7580294D28A2}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{F2BD04F7-198B-4CD2-8ACE-BC6A4CC976FB}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe No File ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (04/04/2020 07:15:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: ec0 Start Time: 01d60a77c36258bd Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: 5e6bd0bd-a341-43e4-b226-164b8c4d4898 Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Cross-process Error: (04/04/2020 07:15:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esetonlinescanner.exe, version: 3.3.3.0, time stamp: 0x5e7b736f Faulting module name: wininet.dll, version: 11.0.18362.657, time stamp: 0x68b92187 Exception code: 0xc0000005 Fault offset: 0x002b7537 Faulting process id: 0xc88 Faulting application start time: 0x01d60a78489fcae2 Faulting application path: C:\Users\asus\Desktop\esetonlinescanner.exe Faulting module path: C:\WINDOWS\SYSTEM32\wininet.dll Report Id: 1e67a420-e853-42ff-9418-28be713cb645 Faulting package full name: Faulting package-relative application ID: Error: (04/04/2020 06:27:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. Error: (04/04/2020 05:27:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. Error: (04/04/2020 05:03:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.628, time stamp: 0x5e27c8f3 Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.628, time stamp: 0x5e27c833 Exception code: 0xc000041d Fault offset: 0x00000000000088d8 Faulting process id: 0x2094 Faulting application start time: 0x01d60a72666f56f0 Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll Report Id: 02f7366a-9d79-483f-b0c0-c1001ba219fb Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy Faulting package-relative application ID: SecHealthUI Error: (04/04/2020 05:03:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.628, time stamp: 0x5e27c8f3 Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.628, time stamp: 0x5e27c833 Exception code: 0xc0000005 Fault offset: 0x00000000000088d8 Faulting process id: 0x2094 Faulting application start time: 0x01d60a72666f56f0 Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll Report Id: 32174f91-3594-46a7-874d-b12134221383 Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy Faulting package-relative application ID: SecHealthUI Error: (04/04/2020 04:57:38 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (04/04/2020 04:48:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 59c Start Time: 01d60a7086efd609 Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: cad9ca36-b8b1-41d7-8224-fb1d0a6357c8 Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Cross-process System errors: ============= Error: (04/04/2020 08:54:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/04/2020 08:54:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-D8R09741) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/04/2020 08:52:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/04/2020 08:52:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/04/2020 08:50:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/04/2020 08:50:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/04/2020 08:48:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/04/2020 08:48:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-D8R09741) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Windows Defender: =================================== Date: 2020-03-03 14:58:34.432 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {19B1B569-BCFB-4499-AEB4-8244298C542C} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-03 14:43:48.128 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {3E4C75BE-B355-498A-AC79-F6AC36CF99B4} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 13:29:54.696 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {EFC93734-5D44-44B2-BD75-C22269704296} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 12:17:11.041 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {942A87BE-FCF4-4F90-A047-436CCDF73D53} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 12:12:44.470 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C3D29BF1-6518-4AD0-9954-7D89E86FC681} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-14 07:23:22.237 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2020-03-04 11:44:48.317 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.311.446.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16800.2 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-03-04 03:52:45.678 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.311.446.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16800.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-02-13 15:51:16.009 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80508023 Error description: The program could not find the malware and other potentially unwanted software on this device. Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2020-02-13 14:10:59.158 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 0.0.0.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =================================== Date: 2020-02-13 19:26:45.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:49.365 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:48.879 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:21.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:20.951 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:03.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:01.603 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:24:09.799 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. FX505DT.308 09/19/2019 Motherboard: ASUSTeK COMPUTER INC. FX505DT Processor: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx Percentage of memory in use: 42% Total physical RAM: 8000.9 MB Available physical RAM: 4628.28 MB Total Virtual: 9280.9 MB Available Virtual: 4543.51 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:182.82 GB) (Free:77.4 GB) NTFS Drive d: (New Volume) (Fixed) (Total:293.02 GB) (Free:227.88 GB) NTFS \\?\Volume{bda9ea36-3dd3-4845-bc32-3e7b386b7173}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS \\?\Volume{3a4d81e4-9288-4e21-b72e-7fac3fc49d70}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 9FECF103) Partition: GPT. ==================== End of Addition.txt =======================