Hi, iMacg3, I did not uncheck any of the items you have stated. Here are the files, though.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by ming2 (administrator) on DESKTOP-KA7J4FM (ASUSTeK COMPUTER INC. G752VSK) (17-07-2019 20:48:46)
Running from C:\Users\ming2\Downloads
Loaded Profiles: ming2 (Available Profiles: ming2 & Administrator)
Platform: Windows 10 Home Single Language Version 1803 17134.407 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
() [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(A-Volute -> ) C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ming2\AppData\Roaming\uTorrent Web\utweb.exe
(Borland Software Corporation) [File not signed] C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe
(Borland Software Corporation) [File not signed] C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\ming2\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Extreme Tuning Utility -> Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\ming2\Downloads\AdwCleaner.exe
(McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ming2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\SysWOW64\UMonit64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\STM\Steam.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => %ProgramFiles%\Windows Defender\MSASCuiL.exe
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [1143312 2016-11-11] (A-Volute -> )
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [utweb] => C:\Users\ming2\AppData\Roaming\uTorrent Web\utweb.exe [5116600 2018-02-21] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) [File not signed]
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [Steam] => D:\STM\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [movavi_videoconverter_agent] => C:\Users\ming2\AppData\Roaming\Movavi Video Converter 19 Premium\ConverterAgent.exe
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [Gaijin.Net Updater] => C:\Users\ming2\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-18] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Run: [Gaijin.Net Agent] => C:\Users\ming2\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-18] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\System32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000BFF18-F5E8-4528-8F20-18ACF54384D8} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {006FA409-1DB1-4634-BB1B-590C6F22B25E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {06970E83-BF59-4DE2-8C08-FD7BC12EACF6} - System32\Tasks\SS2Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe [2573312 2016-11-11] () [File not signed]
Task: {0704FF8C-C053-4D38-AF8D-FA762A2637FF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2003E7BA-1A5E-4FF0-AD5A-C7305B05060E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {22EFDDE5-50E8-41D3-9AC5-6D534DA88F66} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {24740FFA-9EE2-44CE-AE42-06D4BE3B1E97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {27F5DF75-84CE-4DDF-B742-5C3E6C6DB942} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29992AC6-C3D2-4CEC-8924-7186C2F4112A} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe [42190848 2016-06-13] (SplitmediaLabs Limited -> SplitmediaLabs)
Task: {2B6F9ECE-525C-48ED-B6D8-7F9B8E01B4D1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-08-24] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {339A8D80-E4AF-476D-BCD0-6CC1AD948A1D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24222880 2018-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {37E0674B-9C13-4A84-A218-71F8D7330C81} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {427AC9FC-DDF5-4DB0-B637-C7B81D39BAA6} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62016 2017-08-03] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {46F6A6A1-EA3E-49A4-ABDF-9F7DC2482508} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A79EB6-1C62-42F8-B311-10A9120EFB24} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ming2\Downloads\esetonlinescanner_enu.exe [7969304 2019-07-16] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4A123D6D-E19E-441C-BCD8-AB908F31DF21} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {4D9FBF95-45BA-4CE8-A1B0-A45D393E4240} - System32\Tasks\ASUS ROG Macro Key Listener => C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe [516000 2016-03-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {4EC29BD8-2823-4652-872A-2614A12EE8EE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-27] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {50C04686-FE40-4976-8CA5-B8A20E0B8DFC} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {547EA1C0-657C-4A6D-BA72-AC72A8D6BFA6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [440544 2016-05-17] (Intel® Client Connectivity Division SW -> Intel Corporation)
Task: {554A65E9-CEAA-44B3-8C9C-7FD8F6CF5BFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.)
Task: {5F818B96-0CA3-4B41-A403-D9597B6F6825} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe
Task: {6E28355A-06EE-4F95-A375-A0301606A8F5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2298256 2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {71A63D57-8ECF-4F97-A86E-C856A6CA2235} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3855544 2016-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {71C8CAA2-4682-4B93-8D27-244C4706DC04} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [1143312 2016-11-11] (A-Volute -> )
Task: {73C05A41-FFC9-432F-9514-826E30DF3FA5} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {77DF86BC-4AE9-49F4-AE40-0C5BCB620D50} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7EC889D9-D831-4A5B-9921-BB56FE03BE79} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7F4BAC96-BBA7-4A33-BB72-ED7AB5801442} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {800DAD31-7813-4565-90FD-2B4CEC66AA9A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-13] (ASUS) [File not signed]
Task: {81D299C9-F5C8-486E-926A-B3689600D254} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1897184 2016-05-17] (Intel® Client Connectivity Division SW -> Intel Corporation)
Task: {895A6FC2-87F1-4955-B3A7-FF1FE1DB6768} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {89862666-77ED-472E-B5FE-243E1A3D1ACC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B30E3F8-3A5A-4A28-A2A8-11C25475FF31} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {94F78AB9-59C2-4564-B9F4-7FA6684D60A0} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3589471471-3968619273-1564904599-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {9A407403-2F30-4613-AEF5-2D6A3473727B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.)
Task: {9EDFA1BF-4EBB-4069-BFB9-A8C839FDCB1F} - System32\Tasks\SS2Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe [259072 2016-11-11] () [File not signed]
Task: {A087754D-9508-44DD-9499-1494BA5E928D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [123200 2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0F57D1E-E66E-49AA-B582-58B4C2A3A052} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {A5424974-8C2E-40BC-B2B3-5398212984EC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {A9EBEFF5-91B7-42A1-9934-38C42B9A5DCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24222880 2018-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B325E479-D54F-434F-9B87-641989D38F49} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [440544 2016-05-17] (Intel® Client Connectivity Division SW -> Intel Corporation)
Task: {B649DCDA-C465-4A6F-8791-5F9437BC7333} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C930195F-41E6-484F-BCA4-F8C67C97B8CE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1473032 2016-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CB17402D-849B-488A-9FB2-54E15AC1849D} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1579296 2016-11-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {D20A59B4-8332-49C4-AB5C-A870144BA674} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2298256 2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4C1438E-F72B-447D-BC74-BADF09DFCB63} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [123200 2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E69966FF-247B-4B99-AA7F-D5ECEEC74821} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECA12F93-DC1C-4CF7-A256-13C17A955223} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F007EE4A-AC69-43F1-BF3F-2449CB92AC7A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {F4FBE679-26EF-4DCE-9292-018C6180722C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ming2\Downloads\esetonlinescanner_enu.exe [7969304 2019-07-16] (ESET, spol. s r.o. -> ESET spol. s r.o.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2
Tcpip\..\Interfaces\{7e847706-107c-470a-a7d9-0507dd0c47a0}: [DhcpNameServer] 10.0.0.2
Tcpip\..\Interfaces\{b8e1759a-637a-4d42-87ef-26abff9e6ece}: [DhcpNameServer] 10.0.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-12] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-12] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-15] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-08] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: crw27yce.default
FF ProfilePath: C:\Users\ming2\AppData\Roaming\Mozilla\Firefox\Profiles\crw27yce.default [2019-07-15]
FF NewTab: Mozilla\Firefox\Profiles\crw27yce.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180225
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\ming2\AppData\Roaming\Mozilla\Firefox\Profiles\crw27yce.default\Extensions\[email protected] [2018-09-15] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\ming2\AppData\Roaming\Mozilla\Firefox\Profiles\crw27yce.default\Extensions\[email protected] [2018-07-20]
FF Extension: (Google Reverse Image Search) - C:\Users\ming2\AppData\Roaming\Mozilla\Firefox\Profiles\crw27yce.default\Extensions\{95322c08-05ff-4f3c-85fd-8ceb821988dd}.xpi [2018-09-15]
FF Extension: (Google Code Correction) - C:\Users\ming2\AppData\Roaming\Mozilla\Firefox\Profiles\crw27yce.default\features\{03601851-27e3-4939-9991-e20a31d73260}\[email protected] [2018-09-15] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-03-13] (CANON INC.) [File not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-10-18] (Google) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default [2019-07-17]
CHR Extension: (Slides) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04]
CHR Extension: (Docs) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]
CHR Extension: (Google Drive) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-04]
CHR Extension: (MEGA) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-07-14]
CHR Extension: (YouTube) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-04]
CHR Extension: (Sheets) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-05-09]
CHR Extension: (Google Docs Offline) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Avast Online Security) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\ming2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUS Rog Macro Key; C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe [492344 2015-07-03] (ASUSTeK Computer Inc. -> ASUS)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2397816 2017-04-04] (Intel Corporation - pGFX -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [391744 2017-07-11] (Canon Inc. -> )
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 InterBaseGuardian; C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe [32768 2001-11-29] (Borland Software Corporation) [File not signed]
R3 InterBaseServer; C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe [1769472 2001-11-29] (Borland Software Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-10-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-07-12] (McAfee, LLC -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-11-29] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (McAfee, Inc. -> Intel Security, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] (CyberLink Corp. -> )
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [42680 2016-11-25] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1897184 2016-05-17] (Intel® Client Connectivity Division SW -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [18232 2016-11-10] (Intel® Extreme Tuning Utility -> Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-11-29] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S3 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [107008 2016-09-01] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239840 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-12-03] (AVAST Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\BASHDefs\20190709.001\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-15] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-16] (Symantec Corporation -> Symantec Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [130920 2017-08-03] (Genesys Logic, Inc. -> GenesysLogic)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31120 2016-12-19] (ASUSTeK Computer Inc. -> ASUS)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-03-28] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [732416 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\IPSDefs\20190715.061\IDSvia64.sys [1441800 2019-07-02] (Symantec Corporation -> Symantec Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-25] (Intel Corporation -> Intel Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2016-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_45d4f41b93b9677a\nvlddmkm.sys [14461344 2017-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek Semiconductor Corp. -> Realtek )
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45936 2017-08-15] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99848 2019-06-16] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.1.50\SymPlatform\SymEvnt.sys [712200 2019-06-26] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-11-08] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [223000 2018-11-08] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation -> Intel Corporation)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-09-08 08:07 - 2018-04-12 01:34 - 000098304 _____ (Microsoft Corporation) C:\Utilman.exe
2099-09-07 22:33 - 2117-09-07 23:42 - 000000000 ___DC C:\Users\Administrator\AppData\Local\CrashDumps
2099-09-07 22:33 - 2117-09-07 22:33 - 000000000 ___DC C:\Users\Administrator\AppData\Local\DBG
2099-09-07 22:29 - 2117-09-07 22:29 - 000000000 ___DC C:\Users\Administrator\AppData\Local\Comms
2099-09-07 22:17 - 2117-09-07 22:17 - 000000000 ___DC C:\Users\Administrator\AppData\Roaming\Sun
2099-09-07 22:17 - 2117-09-07 22:17 - 000000000 ___DC C:\Users\Administrator\AppData\LocalLow\Sun
2099-09-07 22:15 - 2117-09-07 23:41 - 000000182 ____C C:\Users\Administrator\AppData\Roaming\sp_data.sys
2099-09-07 22:14 - 2117-09-07 22:14 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2099-09-07 22:13 - 2117-09-07 22:13 - 000003306 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2099-09-07 22:13 - 2117-09-07 22:13 - 000000000 ___RD C:\Users\Administrator\OneDrive
2099-09-07 22:12 - 2117-09-07 22:30 - 000000000 ___DC C:\Users\Administrator\AppData\Local\Packages
2099-09-07 22:12 - 2117-09-07 22:14 - 000000000 ___DC C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2099-09-07 22:12 - 2117-09-07 22:14 - 000000000 ____D C:\Users\Administrator
2099-09-07 22:12 - 2117-09-07 22:13 - 000002389 ____C C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2099-09-07 22:12 - 2117-09-07 22:12 - 000001417 ____C C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2099-09-07 22:12 - 2117-09-07 22:12 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___RD C:\Users\Administrator\3D Objects
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Roaming\Intel
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Roaming\Canon
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Roaming\Adobe
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\SS22.0.34
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\Publishers
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\NVIDIA
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\MicrosoftEdge
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\Google
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\Crashpad
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\ASUS GIFTBOX
2099-09-07 22:12 - 2117-09-07 22:12 - 000000000 ___DC C:\Users\Administrator\AppData\Local\ASUS
2019-07-16 19:28 - 2019-07-16 19:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-07-16 18:50 - 2019-07-16 18:50 - 000003812 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn
2019-07-16 18:50 - 2019-07-16 18:50 - 000003370 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime
2019-07-16 17:29 - 2019-07-16 17:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\ming2\Downloads\esetonlinescanner_enu.exe
2019-07-16 17:29 - 2019-07-16 17:29 - 000000771 ____C C:\Users\ming2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-07-16 17:29 - 2019-07-16 17:29 - 000000000 ___DC C:\Users\ming2\AppData\Local\ESET
2019-07-15 23:28 - 2019-07-16 17:27 - 000000000 ____D C:\AdwCleaner
2019-07-15 23:28 - 2019-07-15 23:28 - 007025360 _____ (Malwarebytes) C:\Users\ming2\Downloads\AdwCleaner.exe
2019-07-15 23:23 - 2019-07-15 23:24 - 000023757 _____ C:\Users\ming2\Downloads\Fixlog.txt
2019-07-15 23:22 - 2019-07-15 23:22 - 000000000 ____D C:\Users\ming2\Downloads\FRST-OlderVersion
2019-07-15 14:37 - 2019-07-15 14:37 - 000000447 _____ C:\Users\ming2\Downloads\ckfiles.txt
2019-07-15 14:28 - 2019-07-15 14:28 - 000468480 _____ () C:\Users\ming2\Downloads\CKScanner.exe
2019-07-14 21:40 - 2019-07-14 21:40 - 000061866 _____ C:\Users\ming2\Downloads\FRST (1).txt
2019-07-14 21:03 - 2019-07-14 21:04 - 000058887 _____ C:\Users\ming2\Downloads\Addition.txt
2019-07-14 21:02 - 2019-07-17 20:49 - 000048107 _____ C:\Users\ming2\Downloads\FRST.txt
2019-07-14 21:02 - 2019-07-17 20:48 - 000000000 ____D C:\FRST
2019-07-14 21:00 - 2019-07-15 23:22 - 002095104 _____ (Farbar) C:\Users\ming2\Downloads\FRST64.exe
2019-07-14 17:52 - 2019-07-14 19:25 - 000000000 ___HD C:\$WINDOWS.~BT
2019-07-12 21:29 - 2019-07-14 17:50 - 000000000 ___HD C:\$GetCurrent
2019-07-12 21:28 - 2019-07-14 18:01 - 000000000 ____D C:\Windows10Upgrade
2019-07-12 21:19 - 2019-07-12 21:19 - 000000000 ___DC C:\Users\ming2\AppData\Local\PackageStaging
2019-07-07 19:16 - 2019-07-17 03:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-07-07 19:11 - 2019-07-07 19:11 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-07-07 19:11 - 2019-07-07 19:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-07-03 16:20 - 2019-07-07 21:05 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-03 14:34 - 2019-07-04 00:45 - 000000000 ___HD C:\$SysReset
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-09-07 22:30 - 2018-07-05 20:28 - 000000000 ____D C:\ProgramData\Packages
2099-09-07 22:12 - 2017-09-08 20:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-17 20:49 - 2018-09-29 01:39 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6C8E1341-1372-4261-A633-F6C028A0E18A}
2019-07-17 20:46 - 2019-06-15 18:01 - 000000000 ___DC C:\Users\ming2\AppData\Local\PlaceholderTileLogoFolder
2019-07-17 20:46 - 2018-09-29 01:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-17 20:46 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-17 20:46 - 2018-02-04 16:26 - 000000182 ____C C:\Users\ming2\AppData\Roaming\sp_data.sys
2019-07-16 22:45 - 2018-02-04 20:18 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 22:45 - 2018-02-04 20:18 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 19:11 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-16 18:56 - 2018-02-04 16:25 - 000000000 ___RD C:\Users\ming2\OneDrive
2019-07-16 17:35 - 2018-09-29 11:25 - 000761100 _____ C:\WINDOWS\system32\prfh0416.dat
2019-07-16 17:35 - 2018-09-29 11:25 - 000148248 _____ C:\WINDOWS\system32\prfc0416.dat
2019-07-16 17:35 - 2018-09-29 11:23 - 000775498 _____ C:\WINDOWS\system32\prfh0816.dat
2019-07-16 17:35 - 2018-09-29 11:23 - 000151752 _____ C:\WINDOWS\system32\prfc0816.dat
2019-07-16 17:35 - 2018-09-29 11:21 - 000789246 _____ C:\WINDOWS\system32\perfh00C.dat
2019-07-16 17:35 - 2018-09-29 11:21 - 000149092 _____ C:\WINDOWS\system32\perfc00C.dat
2019-07-16 17:35 - 2018-09-29 11:17 - 000785584 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-16 17:35 - 2018-09-29 11:17 - 000154772 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-16 17:35 - 2018-09-29 11:15 - 000703544 _____ C:\WINDOWS\system32\perfh01F.dat
2019-07-16 17:35 - 2018-09-29 11:15 - 000143920 _____ C:\WINDOWS\system32\perfc01F.dat
2019-07-16 17:35 - 2018-09-29 01:41 - 005349780 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-16 17:35 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-16 17:28 - 2017-09-08 20:42 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-16 17:27 - 2018-09-29 01:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-16 17:27 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-15 23:26 - 2018-02-25 22:47 - 000000000 ___DC C:\Users\ming2\AppData\Local\CrashDumps
2019-07-15 23:24 - 2018-02-06 21:44 - 000000000 ___DC C:\Users\ming2\AppData\LocalLow\Temp
2019-07-15 14:25 - 2019-02-18 00:52 - 000000000 ___HD C:\OneDriveTemp
2019-07-14 19:33 - 2018-10-30 21:50 - 000000000 ____D C:\ivory
2019-07-14 19:30 - 2018-12-09 21:11 - 000000000 ___DC C:\Users\ming2\AppData\Roaming\uTorrent
2019-07-14 19:02 - 2019-03-07 00:22 - 000000000 ____D C:\WINDOWS\Panther
2019-07-14 19:02 - 2018-09-29 01:39 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2019-07-14 19:02 - 2018-09-29 01:39 - 000001908 _____ C:\WINDOWS\diagerr.xml
2019-07-14 18:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-07-14 17:55 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-14 17:52 - 2018-03-11 16:54 - 000000036 _____ C:\WINDOWS\progress.ini
2019-07-14 17:50 - 2018-03-09 23:52 - 000000733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2019-07-12 23:23 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-07-12 21:19 - 2018-02-04 16:23 - 000000000 ___DC C:\Users\ming2\AppData\Local\Packages
2019-07-12 21:18 - 2018-10-30 22:05 - 000000000 ___DC C:\Users\ming2\AppData\Local\ElevatedDiagnostics
2019-07-12 20:59 - 2018-09-29 01:39 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3589471471-3968619273-1564904599-1001
2019-07-12 20:59 - 2018-09-29 01:34 - 000002369 ____C C:\Users\ming2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-07 21:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-07 19:24 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-07 19:11 - 2019-06-16 18:23 - 000002410 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-07-07 19:11 - 2019-06-16 18:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-07-03 14:39 - 2018-03-16 16:00 - 000000000 ____D C:\ProgramData\CanonIJPLM
==================== Files in the root of some directories ================
2018-02-04 16:26 - 2019-07-17 20:46 - 000000182 ____C () C:\Users\ming2\AppData\Roaming\sp_data.sys
2018-02-08 07:07 - 2018-02-26 15:55 - 001065984 ____C () C:\Users\ming2\AppData\Local\file__0.localstorage
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by ming2 (17-07-2019 20:49:48)
Running from C:\Users\ming2\Downloads
Windows 10 Home Single Language Version 1803 17134.407 (X64) (2018-09-28 23:39:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3589471471-3968619273-1564904599-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3589471471-3968619273-1564904599-503 - Limited - Disabled)
Guest (S-1-5-21-3589471471-3968619273-1564904599-501 - Limited - Disabled)
ming2 (S-1-5-21-3589471471-3968619273-1564904599-1001 - Administrator - Enabled) => C:\Users\ming2
WDAGUtilityAccount (S-1-5-21-3589471471-3968619273-1564904599-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.67 - NVIDIA Corporation) Hidden
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.13 - ASUS)
Asus Sonic Suite Plugins (HKLM-x32\...\{d555d60b-d333-4c38-ad0e-0f3049b81c41}) (Version: 2.0.34 - ASUSTeKcomputer.Inc)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.8 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.6-332 - House of Life)
Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.00 - Canon Inc.)
Canon G3010 series On-screen Manual (HKLM-x32\...\Canon G3010 series On-screen Manual) (Version: 1.0.0 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CheckDevicesConfigurator (HKLM\...\{25EA28D9-7BD5-46E1-89A1-02147CF0A4A7}) (Version: 2.0.3401 - ASUSTeKcomputer.Inc) Hidden
Crossout Launcher 1.0.3.75 (HKLM-x32\...\CrossOutLauncher_is1) (Version: - )
Crossout Launcher 1.0.3.91 (HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\CrossOutLauncher_is1) (Version: - )
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
Dxtory version 2.0.142 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.142 - ExKode Co. Ltd.)
Fallout 3 (HKLM-x32\...\1454315831_is1) (Version: 1.7.0.3 - GOG.com)
GameFirst IV (HKLM-x32\...\{370651DD-8ABF-4807-9533-0869FDF79BFA}) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.31) (Version: 1.5.31 - ASUSTeK COMPUTER INC.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.2.0.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Ground Station 4.0.11 (HKLM-x32\...\{47B0D79A-8369-463F-A111-A3C24E208B73}) (Version: 4.0.11 - DJI Product)
Hearts of Iron IV Waking the Tiger (HKLM-x32\...\Hearts of Iron IV Waking the Tiger_is1) (Version: - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.303 - Huawei Technologies Co.,Ltd)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.107.0 - Intel Security)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{52DA40D6-6EF4-4B28-B501-FC538ECE638C}) (Version: 19.01.1627.3533 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
InterBase 6.5 (HKLM-x32\...\InterBase) (Version: - )
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )
LauncherSetup (HKLM\...\{B9FCF2A8-67FE-444D-A26F-C656A9A08B54}) (Version: 2.0.3401 - ASUSTeKcomputer.Inc) Hidden
Mad Max (HKLM-x32\...\Mad Max_is1) (Version: - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.78 - McAfee, LLC.)
Microsoft Office 365 - ar-sa (HKLM\...\O365HomePremRetail - ar-sa) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - pt-pt (HKLM\...\O365HomePremRetail - pt-pt) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office 365 - tr-tr (HKLM\...\O365HomePremRetail - tr-tr) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26608 (HKLM-x32\...\{14b0e021-2fba-4fa5-ba97-e92df20267fa}) (Version: 14.15.26608.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26608 (HKLM-x32\...\{3442067b-bd8a-4af4-a129-9769e4e29a07}) (Version: 14.15.26608.1 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Movavi Video Converter 19 Premium (HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\Movavi Video Converter 19 Premium) (Version: 19.2.0 - Movavi)
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
NahimicSettingsConfigurator (HKLM\...\{B0C3F386-FAD9-48F8-AA7D-43BA6ABA891C}) (Version: 2.0.3401 - ASUSTeKcomputer.Inc) Hidden
NEKOPARA Vol 0 (HKLM-x32\...\NEKOPARA Vol 0_is1) (Version: - )
Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0401-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041F-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0816-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.2.22 (HKLM\...\{85307853-1C18-4D00-AA0B-B561502BD7C0}) (Version: 5.2.22 - Oracle Corporation)
ProductDaemonSetup (HKLM\...\{81C30475-7662-4753-9B8B-C1730C74730B}) (Version: 2.0.3401 - ASUSTeKcomputer.Inc) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.0.3 - ASUS)
ROG MacroKey (HKLM-x32\...\{1101D2B9-7E8C-4361-88D5-AB0A2EB705EC}) (Version: 1.0.6 - ASUS)
Rust (2112/6.09.2018) (HKLM\...\Rust (2112/6.09.2018)) (Version: - )
SonicRadarSetup (HKLM\...\{65AFFD10-3043-4065-B9A2-9DD4C35AAD87}) (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden
SonicStudioSetup (HKLM\...\{0111777E-C60C-493D-BE55-CF8B02764327}) (Version: 2.0.3401 - ASUSTeKcomputer.Inc) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica.REPACK-KaOs Uninstaller v3.0 (HKLM-x32\...\Subnautica.REPACK-KaOs_is1) (Version: 3.0 - KaOsKrew)
The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ)
Thunderbolt Software (HKLM-x32\...\{FBD934F4-FC23-4044-8392-3551DC8D972F}) (Version: 16.1.47.275 - Intel Corporation)
Unigine Superposition Benchmark 1.0 (HKLM\...\Superposition_is1) (Version: 1.0 - Unigine Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
uTorrent Web (HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\utweb) (Version: 0.12.0 - BitTorrent, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder Launcher 1.0.3.168 (HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
West of Loathing (HKLM-x32\...\1154606028_is1) (Version: 1.0.3d - GOG.com)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (08/15/2016 11.0.0.13) (HKLM\...\A2DEE012DC7578575962E3ACBE995AE145C87914) (Version: 08/15/2016 11.0.0.13 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.0.2.0_x86__kgqvnymyfvs32 [2018-12-10] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.127.300.0_x86__kgqvnymyfvs32 [2018-12-03] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.7.0.1_neutral__6e5tt8cgb93ep [2018-03-18] (Canon Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20116.0_x64__8wekyb3d8bbwe [2018-12-11] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m [2018-12-08] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
Microsoft People -> C:\Program Files\WindowsApps\Microsoft.People_10.1808.2473.0_x64__8wekyb3d8bbwe [2018-10-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2018-12-11] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.8.24.0_x64__8wekyb3d8bbwe [2018-12-11] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe [2018-09-03] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-05-04] (ASUSTeK COMPUTER INC.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.89.355.0_x64__mcm4njqhnhss8 [2018-12-11] (Netflix, Inc.)
PDF Reader - View, Edit, Share -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.8.1128.0_x64__jhretta7p24aw [2018-12-07] (Kdan Mobile Software Ltd.) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-02-07] (Samsung Electronics Co. Ltd.)
WPS Office -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_10.2.5831.0_x86__924xes6e8q1tw [2018-02-04] (ms-resource:Resources/PublisherDisplayName)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-10-13 07:17 - 2016-10-13 07:17 - 000125440 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-13 07:17 - 2016-10-13 07:17 - 000033280 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-13 07:17 - 2016-10-13 07:17 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-11-11 00:18 - 2016-11-11 00:18 - 000086528 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll
2016-11-11 00:18 - 2016-11-11 00:18 - 002573312 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
2016-11-11 00:21 - 2016-11-11 00:21 - 000259072 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe
2018-02-21 03:12 - 2018-02-21 03:12 - 001221120 _____ () [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\avcodec-57.dll
2018-02-21 03:12 - 2018-02-21 03:12 - 000796160 _____ () [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\avformat-57.dll
2018-02-21 03:12 - 2018-02-21 03:12 - 000446976 _____ () [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\avutil-55.dll
2018-02-21 03:12 - 2018-02-21 03:12 - 000146944 _____ () [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\swresample-2.dll
2016-10-13 07:17 - 2016-10-13 07:17 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2016-10-13 07:17 - 2016-10-13 07:17 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2016-10-13 07:17 - 2016-10-13 07:17 - 000055808 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
2016-10-13 07:17 - 2016-10-13 07:17 - 000165888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2018-08-08 10:09 - 2001-11-29 01:50 - 000032768 _____ (Borland Software Corporation) [File not signed] C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe
2018-08-08 10:09 - 2001-11-29 01:50 - 001769472 _____ (Borland Software Corporation) [File not signed] C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
2018-03-18 14:39 - 2017-07-05 13:43 - 000561152 _____ (CANON INC. ) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2018-03-16 15:59 - 2017-05-02 09:06 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2018-03-18 14:39 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2018-08-23 14:42 - 2018-08-23 14:42 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-09-08 21:04 - 2017-09-08 21:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2017-09-08 21:04 - 2017-09-08 21:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2018-02-21 03:12 - 2018-02-21 03:12 - 001272320 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2018-02-21 03:12 - 2018-02-21 03:12 - 000278528 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\ming2\AppData\Roaming\uTorrent Web\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 23:03 - 2018-12-04 21:29 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-07-20 11:45 - 2018-07-31 10:53 - 000000511 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-KA7J4FM.mshome.net # 2023 7 0 30 8 53 30 210
192.168.137.12 RODINAMATZOVET.mshome.net # 2018 8 2 7 8 53 30 210
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Borland\Delphi7\Bin;C:\Program Files (x86)\Borland\Delphi7\Projects\Bpl\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3589471471-3968619273-1564904599-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ming2\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c2194b8b-c9a4-4198-96a8-aecc1fe58b7f}.jpg
DNS Servers: 10.0.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{907EF30B-CABE-43AB-AC8C-7AAC3D134F6C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E3F9906C-9EBE-4743-8D01-68FBDD9DD3A2}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F42EEB18-9BD7-4BAA-918C-F993BB11BFEC}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BF58E9F6-E1C1-4D8A-A737-3868125B7AFB}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8628B7E7-8E5B-4951-9545-237A29047445}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{811288A7-5DA0-4FC4-8D73-F1403E9EF85E}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9B678B49-2CC9-46D3-BA60-3A3418436E13}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{81FCEFA8-6AFD-4C09-80EC-6FB23D23D820}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{89817988-906D-42FA-87D5-381FD58C40EB}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BA80EE48-EF47-42EE-ADC5-CDC5C9A86290}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{22940046-8BF5-4585-9B6A-2F7211F0825F}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4FF5558E-D42F-4A9A-BBD7-74E1D4613B05}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{3ECC70D7-F93E-45F7-A563-D79F1549B754}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{157C066B-E9B7-42E3-8BB0-F9B2BEEE9EBC}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{AFAC1047-0B7D-4592-BAA7-C0F0D8EE73E3}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{81321D18-A8E8-4AF3-86E8-BEA7853069DC}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{5842D391-118E-4B58-90D3-8FE070DDC32D}C:\program files (x86)\dji product\ground station 4.0.11\release\groundstationver4.exe] => (Allow) C:\program files (x86)\dji product\ground station 4.0.11\release\groundstationver4.exe (大疆创新科技有限公司 -> ) [File not signed]
FirewallRules: [TCP Query User{3BDB112F-4AB1-4466-85B1-8FDD76BC8429}C:\program files (x86)\dji product\ground station 4.0.11\release\groundstationver4.exe] => (Allow) C:\program files (x86)\dji product\ground station 4.0.11\release\groundstationver4.exe (大疆创新科技有限公司 -> ) [File not signed]
FirewallRules: [{6A017BEA-7094-4499-80F5-9F7F2A374169}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{63FCC68F-B35D-47F3-AD3D-9F6BD6AE49CB}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AE6A5BFC-4EAD-4B61-991D-7E9CFC00AA12}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E9B4BCF-5614-42F4-A7EA-2F1C8F7AFDBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D9671DFE-A088-468E-9F37-CB3D484D8FC9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{3594CFEA-995F-4043-AA1A-3A2B23FE97FE}] => (Allow) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGCAndroidService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{0602CF54-0B86-4F98-AB92-DA64F1084053}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE792659-28F8-44E2-9AD2-B86B3D87688A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{733417E5-B3DB-49A2-9A0B-5F87204EEBC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{13781CFC-026E-4D7C-A3D2-23D993C33E63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D109623-346C-4146-94A1-5F287030DE68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91BEDDD1-C006-4FB3-B319-737A94FA92AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3109EDD-2114-442F-98E4-13FACD8492D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F20194D-1AA0-4485-ACDD-793D4A5F22C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8794EC28-7CA5-430C-980F-B87037C90D05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA55D71D-126B-4624-B04F-3732509DBF74}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2C1D2DFF-3E76-4CA0-9CB6-93B234EB1101}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A83B9630-24A2-4C35-8DA6-5DDA3F5E782E}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7E047D02-3D88-43B3-A5BA-4CDE9AC484DD}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{78A357D3-A5DB-404C-A4B0-CC6221889115}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0267A1E3-59BA-418D-909E-13F1CD66E8D3}] => (Allow) C:\Users\ming2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3994890C-93B1-4394-BBC1-E8CA6808EE03}] => (Allow) C:\Program Files\SE7EN\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{E3B90B4E-C651-44E6-8169-113A084597C0}] => (Allow) C:\Program Files\SE7EN\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{BA195E0A-5A5F-4232-A9DC-132578D4A113}] => (Allow) C:\Program Files\SE7EN\No Mans Sky\Run_NMS.exe (Rainsky Evgeny Valeryevich -> SE7EN Solutions)
FirewallRules: [{B2C32366-0869-4759-9272-D564DE2BE6C6}] => (Allow) C:\Program Files\SE7EN\No Mans Sky\Run_NMS.exe (Rainsky Evgeny Valeryevich -> SE7EN Solutions)
FirewallRules: [TCP Query User{0F5C6AA9-134E-4639-84EC-4511EF59E000}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{796D80B6-0C97-42B1-B334-AE628F6B1B94}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{1EBAEB4C-1B8C-4C20-B4AA-17F0DA4ABD2A}] => (Allow) D:\STM\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24F6320D-41AF-4AF5-8933-161BF12A2569}] => (Allow) D:\STM\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{1AC9B28A-C6C9-4B20-ACBF-96179228D558}D:\bin\dcs.exe] => (Block) D:\bin\dcs.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [UDP Query User{CE3B7A36-1C8A-4C5B-9EA5-1A34DD1A25A8}D:\bin\dcs.exe] => (Block) D:\bin\dcs.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{6CA942BE-FEB9-4AD0-9087-9EC0B22DDD69}] => (Allow) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{151FB6C2-CD14-4130-AB4F-DC8173046BAF}] => (Allow) D:\STM\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{52C89D19-E393-4729-B4B1-1356E740B30C}] => (Allow) D:\STM\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{69A2216F-BC9A-4F6B-878B-AD8F906B6430}] => (Allow) D:\STM\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A2450993-B0F4-4B17-9F36-79687BF564E5}D:\stm\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\stm\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{B4ABA80C-DAA9-445C-A726-EC96A24F8755}D:\stm\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\stm\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{A8A464D2-41EC-4A18-96CD-C7A8F1CF5312}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/15/2019 11:26:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinStore.App.exe, version: 11810.1001.12.0, time stamp: 0x5bdcde4a
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17134.376, time stamp: 0x35659a8d
Exception code: 0xc000027b
Fault offset: 0x00000000006a56b2
Faulting process id: 0x3118
Faulting application start time: 0x01d53b53d90e0057
Faulting application path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: b3f07e05-cce5-4a27-8a0f-3784f77032d7
Faulting package full name: Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (07/15/2019 11:23:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (07/15/2019 11:23:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b1e3ac5a-3eb0-4a95-a149-b881c3812c23}
Error: (07/14/2019 07:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45283, time stamp: 0x5d0a9962
Faulting module name: SS2OSD.dll, version: 0.0.0.0, time stamp: 0x5824818b
Exception code: 0xc000041d
Fault offset: 0x00005c69
Faulting process id: 0x2d00
Faulting application start time: 0x01d53a69ce0abbcd
Faulting application path: C:\Users\ming2\AppData\Roaming\uTorrent\updates\3.5.5_45283\utorrentie.exe
Faulting module path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
Report Id: 7e058687-08b5-4560-a805-acdbd23b85b1
Faulting package full name:
Faulting package-relative application ID:
Error: (07/14/2019 07:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45283, time stamp: 0x5d0a9962
Faulting module name: SS2OSD.dll, version: 0.0.0.0, time stamp: 0x5824818b
Exception code: 0xc000041d
Fault offset: 0x00005c69
Faulting process id: 0x38ec
Faulting application start time: 0x01d53a69242ac5e7
Faulting application path: C:\Users\ming2\AppData\Roaming\uTorrent\updates\3.5.5_45283\utorrentie.exe
Faulting module path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
Report Id: 4c545274-5653-4fec-b7ca-7825624501e6
Faulting package full name:
Faulting package-relative application ID:
Error: (07/14/2019 07:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45283, time stamp: 0x5d0a9962
Faulting module name: SS2OSD.dll, version: 0.0.0.0, time stamp: 0x5824818b
Exception code: 0xc000041d
Fault offset: 0x00005c69
Faulting process id: 0x3548
Faulting application start time: 0x01d53a691e2d1248
Faulting application path: C:\Users\ming2\AppData\Roaming\uTorrent\updates\3.5.5_45283\utorrentie.exe
Faulting module path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
Report Id: dec1d6da-d74d-4b8c-b6fc-545eba6510dc
Faulting package full name:
Faulting package-relative application ID:
Error: (07/14/2019 06:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45283, time stamp: 0x5d0a9962
Faulting module name: SS2OSD.dll, version: 0.0.0.0, time stamp: 0x5824818b
Exception code: 0xc000041d
Fault offset: 0x00005c69
Faulting process id: 0x45c4
Faulting application start time: 0x01d53a631664fff3
Faulting application path: C:\Users\ming2\AppData\Roaming\uTorrent\updates\3.5.5_45283\utorrentie.exe
Faulting module path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
Report Id: 05e33a05-2900-4438-ae18-4f1f7553552e
Faulting package full name:
Faulting package-relative application ID:
Error: (07/14/2019 05:42:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45283, time stamp: 0x5d0a9962
Faulting module name: SS2OSD.dll, version: 0.0.0.0, time stamp: 0x5824818b
Exception code: 0xc000041d
Fault offset: 0x00005c69
Faulting process id: 0x444c
Faulting application start time: 0x01d53a5abbf944bb
Faulting application path: C:\Users\ming2\AppData\Roaming\uTorrent\updates\3.5.5_45283\utorrentie.exe
Faulting module path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
Report Id: 1ec658d8-acdf-4c85-a060-7c58ede385a3
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (07/17/2019 08:46:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KA7J4FM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-KA7J4FM\ming2 SID (S-1-5-21-3589471471-3968619273-1564904599-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (07/17/2019 03:23:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/16/2019 06:26:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KA7J4FM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-KA7J4FM\ming2 SID (S-1-5-21-3589471471-3968619273-1564904599-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/16/2019 05:47:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/16/2019 05:43:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (07/16/2019 05:43:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ming2\AppData\Local\Temp\ehdrv.sys
Error: (07/16/2019 05:43:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (07/16/2019 05:43:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ming2\AppData\Local\Temp\ehdrv.sys
Windows Defender:
===================================
Date: 2018-12-02 22:15:53.982
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC1693E1-E492-4C2F-8F10-4EE8DFBD560C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-02 18:34:03.521
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {83D8F154-7359-4BCF-AFA4-18632285C05B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-10-24 06:04:55.019
Description:
Windows Defender Antivirus has detected a suspicious behavior.
Name: Informational:Behavior/ModifiedKernel
ID: 2291308795
Severity: Low
Category: Suspicious Behavior
Path Found: process:_0
Detection Origin: Unknown
Detection Type: Suspicious
Detection Source: Real-Time Protection
Status: Executing
Process Name: Unknown
Signature ID: 717259538435
Signature Version: AV: 1.279.236.0, AS: 1.279.236.0
Engine Version: 1.1.15400.4
Fidelity Label: Medium
Target File Name: c:\windows\\system32\ntoskrnl.exe
Date: 2018-10-22 02:08:53.331
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F761CF7A-D0C9-40DA-B4DF-472BB9457427}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-10-22 02:07:59.981
Description:
Windows Defender Antivirus has detected a suspicious behavior.
Name: Informational:Behavior/ModifiedKernel
ID: 2302377808
Severity: Low
Category: Suspicious Behavior
Path Found: process:_0
Detection Origin: Unknown
Detection Type: Suspicious
Detection Source: Real-Time Protection
Status: Executing
Process Name: Unknown
Signature ID: 717259538435
Signature Version: AV: 1.279.236.0, AS: 1.279.236.0
Engine Version: 1.1.15400.4
Fidelity Label: Medium
Target File Name: c:\windows\\system32\ntoskrnl.exe
Date: 2018-12-15 12:14:01.079
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-12-15 10:54:23.985
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.369.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2018-12-15 10:54:23.985
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.369.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2018-12-15 10:54:23.985
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.369.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2018-12-15 10:54:23.976
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.369.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-07-16 17:48:30.000
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.997
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.995
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.991
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.724
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.592
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-07-16 17:48:29.589
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. G752VSK.304 11/17/2017
Motherboard: ASUSTeK COMPUTER INC. G752VSK
Processor: Intel® Core i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16340.46 MB
Available physical RAM: 9682.49 MB
Total Virtual: 18772.46 MB
Available Virtual: 10834.57 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:163.66 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:781.91 GB) NTFS
Drive e: (WIRELESS NVR KIT) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
\\?\Volume{1995c5dd-fa55-43fc-9791-8fbb23fe8f37}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.34 GB) NTFS
\\?\Volume{af1237ce-f1b1-42cb-adb7-d573dca5bfbd}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9077E21C)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 247699B9)
Partition: GPT.
==================== End of Addition.txt ============================
Thanks again.