Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020 Ran by asus (05-04-2020 15:02:18) Running from C:\Users\asus\Desktop Windows 10 Home Single Language Version 1909 18363.657 (X64) (2019-12-24 05:54:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2987826816-1455516208-1627320750-500 - Administrator - Disabled) asus (S-1-5-21-2987826816-1455516208-1627320750-1001 - Administrator - Enabled) => C:\Users\asus DefaultAccount (S-1-5-21-2987826816-1455516208-1627320750-503 - Limited - Disabled) Guest (S-1-5-21-2987826816-1455516208-1627320750-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2987826816-1455516208-1627320750-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Android Studio (HKLM\...\Android Studio) (Version: 3.5 - Google LLC) Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 2.6.17 - ASUS) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.19.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{58e6cc8d-a70b-4c00-95d6-b8c0ac057512}) (Version: 2.2.19.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{c58f0770-46aa-4b41-a148-b9b73a1451f7}) (Version: 1.1.21 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{fe55c1b5-bc05-4822-873e-412743572d3e}) (Version: 1.2.1 - ASUSTek COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.50 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{43baebef-1237-4e88-be25-d3834308a0c6}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{f651776f-58aa-42a2-ab37-593fb3d78ef2}) (Version: 1.0.29 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{e3f99131-d5d0-4805-96a7-7e126e8295dd}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.17 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.95 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{a372961a-54d6-4dbe-a1a6-b77c621fda65}) (Version: 3.03.95 - ASUSTeK Computer Inc.) Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 80.1.5.123 - Brave Software Inc) CodeBlocks (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team) DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) DSB Notification (HKLM\...\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}) (Version: 1.2.1 - ASUSTeK COMPUTER INC.) Git version 2.24.1.2 (HKLM\...\Git_is1) (Version: 2.24.1.2 - The Git Development Community) icecap_collection_neutral (HKLM-x32\...\{985FBEB2-DBE9-407D-B1E9-B07E0E4D0CBC}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{1C86330F-D72E-4268-B461-758854BC4A52}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{9E7C1C9B-6E2E-4057-857D-62F7F5ABE36B}) (Version: 16.4.29430 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{F5C67FC5-BF18-4304-9268-A971876B245A}) (Version: 16.4.29411 - Microsoft Corporation) Hidden Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.43.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 73.0 (x64 en-US) (HKLM\...\Mozilla Firefox 73.0 (x64 en-US)) (Version: 73.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Node.js (HKLM\...\{41408FBE-699A-4989-83CA-AB035EECA740}) (Version: 12.13.1 - Node.js Foundation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Graphics Driver 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.0.24.0 - ASUSTek COMPUTER INC.) SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{A8059244-ADC7-4A76-9EEA-E0562F480BDE}) (Version: 14.24.28127 - Microsoft Corporation) Hidden Visual Studio Community 2019 (HKLM-x32\...\ee0e8fdd) (Version: 16.4.29806.167 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VS Immersive Activate Helper (HKLM-x32\...\{78500789-0EBE-4490-BE43-F9EF8250BF42}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{4137D3AB-5B44-4AC9-83A4-5273F2E2547E}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{597EE310-E88F-49D9-ADD5-DB6677766E7B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{709D609A-B91C-4C1C-890B-966470991D67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6BC9BFD7-46B4-46CF-B248-DEC2B7E2028B}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{ABBD10CA-0CFA-4D76-B033-F76C55A54336}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{E47B4703-2337-4ED0-BA24-3EC08D643684}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{472A5337-3393-436B-8656-00810D36BD67}) (Version: 16.4.29709 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Packages: ========= AMD Display Optimizations -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDDisplayEnhance_10.18.21.0_x64__0a9344xs7nr4m [2019-12-21] (Advanced Micro Devices Inc.) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_2.6.10.0_x64__qmba6cd70vzyy [2020-03-04] (ASUSTeK COMPUTER INC.) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.32.4.0_x86__kgqvnymyfvs32 [2020-03-05] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-12] (king.com) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories) DTS Headphone:X v1 -> C:\Program Files\WindowsApps\dtsinc.dtsheadphonexv1_1.2.4.0_x64__t5j2fzbtdg37r [2019-12-22] (DTS, Inc.) GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy [2020-01-23] (ASUSTeK COMPUTER INC.) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-12-22] (LinkedIn) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad] Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) [MS Ad] Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12527.20242.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) [MS Ad] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.2.10.0_x64__qmba6cd70vzyy [2020-02-28] (ASUSTeK COMPUTER INC.) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-22] (NVIDIA Corp.) Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.150.0_x64__jb41c8remg0x2 [2020-03-12] (Polarr) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-12-22] (Realtek Semiconductor Corp) Sketchable -> C:\Program Files\WindowsApps\SiliconBendersLLC.Sketchable_5.0.16.0_x64__r2kxzpx527qgj [2020-03-12] (Silicon Benders LLC) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_af6519e6e3300977\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 13:16 - 2018-09-15 13:16 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\galaxies-wallpaper-14.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: ArmouryCrateService => 2 MSCONFIG\Services: asus => 2 MSCONFIG\Services: ASUSLinkNear => 2 MSCONFIG\Services: ASUSLinkRemote => 2 MSCONFIG\Services: asusm => 3 MSCONFIG\Services: ASUSOptimization => 2 MSCONFIG\Services: ASUSSoftwareManager => 2 MSCONFIG\Services: ASUSSystemAnalysis => 2 MSCONFIG\Services: ASUSSystemDiagnosis => 2 MSCONFIG\Services: brave => 2 MSCONFIG\Services: bravem => 3 MSCONFIG\Services: DTSAPO3Service => 2 MSCONFIG\Services: LightingService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: RefreshRateService => 2 MSCONFIG\Services: ROG Live Service => 2 MSCONFIG\Services: RtkAudioUniversalService => 2 MSCONFIG\Services: RtkBtManServ => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AvastUI.exe" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{B6DFE427-DEF6-4381-8130-EF86ECE3292C}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{5C4E0489-716A-4D80-B9FF-E262DDF08A4F}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [UDP Query User{33456F4F-1E74-4150-B103-03C7B2F088D0}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{31C99C00-50C8-4D50-BE56-8453CC583587}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [{B20042AC-38C9-4654-B620-90F583E51851}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9DAA6F1B-4744-460B-8F91-73E24F9C4488}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9764AF7D-4D33-4824-BB46-58525F612CF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File FirewallRules: [{13E51765-9FEC-431E-BBE8-D316808BF98A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ED9ABAE9-232D-470E-9359-6C8B360E1F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BC8C78BC-5F47-4E79-ABF2-53FD93560AF6}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [TCP Query User{CBB3D407-8839-4AEF-81A5-D790D542FBF0}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe No File FirewallRules: [UDP Query User{D8A7E7F5-16A9-4ABF-82F5-6EC293ED3888}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe No File FirewallRules: [TCP Query User{107CCF32-FAC5-430C-9F43-413CDFBBBFE9}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [UDP Query User{4683300E-E3EB-4FE5-AE65-ECB024B65FAD}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [TCP Query User{811D39FA-6BD5-44BD-A1BD-56E87780AF55}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [UDP Query User{F796F13C-D179-4C86-8227-76EAAA458355}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe No File FirewallRules: [{4CC7B51C-FEF5-49BD-AE8B-54382B0E45D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{100081C3-9146-4913-AE24-4AA57FB519B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC40A73B-9359-468B-9C78-0DD4A291979A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0FB43244-2D91-40B8-9A29-2A728B15597E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{4ED56317-D830-4885-8367-EA0F36D4E259}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{7DB67535-9DF4-4FC1-9458-684E1F3A5518}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{A959B66C-2A6B-4CB1-8783-FBA15C95F1C0}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{7C533DF6-EF55-49C9-AC6E-DBBD32D9FBEB}C:\users\asus\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\asus\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C9225E85-AA8B-4212-B1D9-1FAB92CAE15A}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{52D509ED-00F9-4156-AB6E-63063C2F742C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{B9912B5B-ED8D-4A1A-907F-5EE052D99E0D}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{ECCC7345-F90B-47DF-8A46-F3D7EE1EC39D}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7335318d8ac5a5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{DD53D20B-D97B-44C8-98E9-B8D3EE306B24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12527.20242.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1BFE5A57-2FDA-44F2-809E-38683ADFCA21}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{EB84FF4E-1B52-44BE-A4D6-049F7F24AE24}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{FC7F1383-DE8A-4B05-A2A3-8D46C278244E}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) FirewallRules: [{15EF2C9B-E5EA-4BD4-87EA-A77648A57701}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) FirewallRules: [{529265BF-5A25-46CE-B3A6-D5A92032EAFA}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{351F9E46-F40B-4CEC-B845-BD74A433D4C5}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E517822E-E69B-4983-A674-BF06751CE21D}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{808CE438-DDA9-4BFB-9E86-61192DD337F8}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{3C592081-9348-44E4-B119-49E6AE9D720D}] => (Allow) D:\Games\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{823A119C-7ECF-4306-BABF-FE62F7B41B42}] => (Allow) D:\Games\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{AE8CF7C6-1904-4B95-A18D-AAD8D5CCA4BE}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{04FF575D-6DA5-4BAA-89D8-7D4B95EE30EF}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{072993A1-A450-4950-BA23-A7A8FA8A85FB}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{BCEF1965-5C23-4A62-AE6A-DBF7F1A8F4B4}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{A2052F6E-0A6F-4CD7-9296-A642FA25FC55}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{20FDE323-F8E0-4F15-B46D-C4D0492EB377}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{BA6ABFD9-5C7A-43C8-8CCD-7580294D28A2}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (04/05/2020 02:51:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1cdc Start Time: 01d60b28410ad119 Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: e5a64879-7b36-456d-be2a-8f0a6953e964 Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Cross-process Error: (04/05/2020 02:27:23 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (04/05/2020 02:27:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. Error: (04/05/2020 02:27:08 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {45a735b9-7048-454c-9a71-0af419b96d0c} Error: (04/05/2020 12:36:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2100 Start Time: 01d60ae4bbc88346 Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: 1d7d7ace-f819-48d1-ae07-2c8801197658 Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Cross-process Error: (04/05/2020 12:27:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. Error: (04/05/2020 11:27:21 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. Error: (04/05/2020 10:27:21 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Google Update Helper -- Error 1316. The specified account already exists. System errors: ============= Error: (04/05/2020 03:03:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/05/2020 03:03:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/05/2020 03:01:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/05/2020 03:01:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/05/2020 02:59:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/05/2020 02:59:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/05/2020 02:57:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The wuauserv service terminated with the following error: The system cannot find the file specified. Error: (04/05/2020 02:57:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Windows Defender: =================================== Date: 2020-03-03 14:58:34.432 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {19B1B569-BCFB-4499-AEB4-8244298C542C} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-03 14:43:48.128 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {3E4C75BE-B355-498A-AC79-F6AC36CF99B4} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 13:29:54.696 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {EFC93734-5D44-44B2-BD75-C22269704296} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 12:17:11.041 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {942A87BE-FCF4-4F90-A047-436CCDF73D53} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-01 12:12:44.470 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C3D29BF1-6518-4AD0-9954-7D89E86FC681} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-03-14 07:23:22.237 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2020-03-04 11:44:48.317 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.311.446.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16800.2 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-03-04 03:52:45.678 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.311.446.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16800.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-02-13 15:51:16.009 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80508023 Error description: The program could not find the malware and other potentially unwanted software on this device. Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2020-02-13 14:10:59.158 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 0.0.0.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =================================== Date: 2020-02-13 19:26:45.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:49.365 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:48.879 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:21.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:20.951 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:03.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:25:01.603 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 19:24:09.799 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. FX505DT.308 09/19/2019 Motherboard: ASUSTeK COMPUTER INC. FX505DT Processor: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx Percentage of memory in use: 43% Total physical RAM: 8000.9 MB Available physical RAM: 4552.97 MB Total Virtual: 9280.9 MB Available Virtual: 4615.04 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:182.82 GB) (Free:81.29 GB) NTFS Drive d: (New Volume) (Fixed) (Total:293.02 GB) (Free:227.88 GB) NTFS \\?\Volume{bda9ea36-3dd3-4845-bc32-3e7b386b7173}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS \\?\Volume{3a4d81e4-9288-4e21-b72e-7fac3fc49d70}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 9FECF103) Partition: GPT. ==================== End of Addition.txt =======================