Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

svhost.exe (NetworkService -p) is consuming too much of data


  • This topic is locked This topic is locked

#1
shubhamimortal

shubhamimortal

    Member

  • Member
  • PipPip
  • 70 posts

i think my computer is having issue it is consuming too much of data 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by Asus (administrator) on DESKTOP-BPIER31 (ASUSTeK COMPUTER INC. X541NA) (28-08-2019 12:13:39)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 10 Pro Version 1803 17134.950 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Tally Solutions Private Limited -> ) D:\Tally.ERP9\tally.exe
(Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.) D:\Tally.ERP9\tallygatewayserver.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FTAutoUpdater] => F:\FTUPDATESVC\FTUpdateService.exe [4261376 2016-10-12] (Financial Technologies) [File not signed]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [99048 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2018-03-05]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2008647D-3E96-43B2-9B49-64165EB2F583} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33D2161B-C5E2-4433-AC6C-9DE2B9A20453} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38741D50-C6C2-4A0C-A270-241A4792C27E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75DB6077-0071-40C9-AE06-7A162EFA63ED} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1473032 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9E81372A-5F3B-4725-8D11-B0E69EA54303} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A42F3FEE-8996-4EB0-82D6-A5833DF82FAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {ACF7C0BF-4CA3-4C46-8AB9-021EE8B0E240} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-11] (Google Inc -> Google Inc.)
Task: {D28309FF-DBAA-432D-BB9B-BE8B3B57D295} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-11] (Google Inc -> Google Inc.)
Task: {D6853FBF-E9F1-4012-B136-B4023E405043} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16717832 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E4DB2B5D-5FD2-451C-A92A-5AE34725AC93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA4D018D-4836-4951-913B-88213975B588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCC02682-7B2B-44F8-B70A-15119CD08321} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{06ec91aa-36c9-4d7f-8428-207dce8dd257}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1ab83dda-3855-45a1-b981-9f1208deed4d}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{23f32b0b-6009-45ae-8df6-d63f5bd5137e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{41f64e8f-b1ca-4e7e-bcf6-cc9ee4f3f9cc}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{747daed6-d0b3-4d89-ab1b-104ff572d639}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7604c8fe-11e3-4ea4-ab45-5895ce32b55c}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{8b64d324-1c5e-4250-a7f1-c79bde71bea2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9c192e17-9c94-43b9-b136-791e5225b2c5}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3657311311-3207568325-3766398190-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: qc5t3h7g.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\qc5t3h7g.default [2019-08-14]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2019-08-28]
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-11]
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-11]
CHR Extension: (Sheets) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-31]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-31]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [1810120 2018-03-05] (philandro Software GmbH -> )
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [453408 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [767184 2018-06-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\WINDOWS\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [727224 2018-06-11] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [576560 2018-06-05] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-16] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 Tally Gateway Server 10.0; D:\Tally.ERP9\tallygatewayserver.exe [2500792 2018-08-11] (Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation -> Intel Corporation)
R1 MpKsle2431d7f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1132AB01-8875-460C-B3A0-01B7A72C1BE9}\MpKsle2431d7f.sys [58120 2019-08-27] (Microsoft Corporation -> Microsoft Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-04-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [428032 2017-09-21] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-29] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2017-09-27] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-29] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-08-28 12:13 - 2019-08-28 12:16 - 000020424 _____ C:\Users\Asus\Desktop\FRST.txt
2019-08-28 12:10 - 2019-08-28 12:13 - 000000000 ____D C:\FRST
2019-08-28 12:09 - 2019-08-28 12:09 - 001613312 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2019-08-27 16:06 - 2019-08-27 16:06 - 000020918 _____ C:\Users\Asus\Downloads\PCL.pdf
2019-08-27 16:06 - 2019-08-27 16:06 - 000012027 _____ C:\Users\Asus\Downloads\TCPL.pdf
2019-08-27 16:01 - 2019-08-27 16:01 - 000106780 _____ C:\Users\Asus\Desktop\OpTransactionHistoryUX3_PDF27-08-2019 (1).pdf
2019-08-27 16:01 - 2019-08-27 16:01 - 000106778 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF27-08-2019.pdf
2019-08-26 14:04 - 2019-08-26 14:04 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-20 19:57 - 2019-08-20 19:57 - 000044502 _____ C:\Users\Asus\Desktop\629.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044480 _____ C:\Users\Asus\Desktop\631.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044480 _____ C:\Users\Asus\Desktop\628.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044475 _____ C:\Users\Asus\Desktop\630.pdf
2019-08-19 15:41 - 2019-08-19 15:41 - 000046124 _____ C:\Users\Asus\Desktop\party name detail PDF.pdf
2019-08-17 16:49 - 2019-08-07 18:48 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-17 16:49 - 2019-08-07 18:48 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-17 16:49 - 2019-08-07 18:44 - 000303928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-17 16:49 - 2019-08-07 18:43 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-17 16:49 - 2019-08-07 18:28 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-17 16:49 - 2019-08-07 18:25 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-17 16:49 - 2019-08-07 18:24 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-17 16:49 - 2019-08-07 18:23 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-17 16:49 - 2019-08-07 18:22 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-17 16:49 - 2019-08-07 18:13 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-17 16:49 - 2019-08-07 18:11 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-17 16:49 - 2019-08-07 18:11 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-17 16:49 - 2019-08-07 18:10 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-17 16:49 - 2019-08-07 17:57 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-17 16:49 - 2019-08-07 17:55 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-17 16:49 - 2019-08-07 17:54 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-17 16:49 - 2019-08-07 17:54 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-17 16:49 - 2019-08-07 15:10 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-17 16:49 - 2019-08-07 13:38 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-17 16:49 - 2019-08-07 13:37 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-17 16:49 - 2019-08-07 13:37 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-17 16:49 - 2019-08-07 13:37 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-17 16:49 - 2019-08-07 13:37 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-17 16:49 - 2019-08-07 13:37 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-17 16:49 - 2019-08-07 13:27 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-17 16:49 - 2019-08-07 13:25 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-17 16:49 - 2019-08-07 13:19 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-17 16:49 - 2019-08-07 13:17 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-17 16:49 - 2019-08-07 13:14 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-17 16:49 - 2019-08-07 13:12 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-17 16:49 - 2019-08-07 13:09 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-17 16:49 - 2019-08-07 13:07 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-17 16:49 - 2019-08-07 13:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-17 16:49 - 2019-08-07 13:03 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-17 16:49 - 2019-08-07 13:02 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-17 16:49 - 2019-08-07 13:01 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-17 16:49 - 2019-07-11 12:18 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-08-17 16:49 - 2019-07-11 07:00 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-17 16:49 - 2019-07-11 07:00 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 001627664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000827920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-17 16:49 - 2019-07-09 13:37 - 000825360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-17 16:49 - 2019-07-09 13:37 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-17 16:49 - 2019-07-09 13:34 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-17 16:49 - 2019-07-09 13:31 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-17 16:49 - 2019-07-09 13:30 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-17 16:49 - 2019-07-09 13:14 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-17 16:49 - 2019-07-09 13:13 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-17 16:49 - 2019-07-09 13:13 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-17 16:49 - 2019-07-09 13:11 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-17 16:49 - 2019-07-09 13:10 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-17 16:49 - 2019-07-09 13:09 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-08-17 16:49 - 2019-07-09 13:08 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-17 16:49 - 2019-07-09 13:07 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-17 16:49 - 2019-07-09 12:29 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2019-08-17 16:49 - 2019-07-09 12:12 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-17 16:49 - 2019-07-09 12:08 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-08-17 16:49 - 2019-07-09 08:59 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-17 16:49 - 2019-07-09 08:59 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-17 16:49 - 2019-07-09 08:59 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-17 16:49 - 2019-07-09 08:53 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-17 16:49 - 2019-07-09 08:53 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-17 16:49 - 2019-07-09 08:51 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-17 16:49 - 2019-07-09 08:50 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-17 16:49 - 2019-07-09 08:50 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-17 16:49 - 2019-07-09 08:49 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2019-08-17 16:49 - 2019-07-09 08:42 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-17 16:49 - 2019-07-09 08:41 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-17 16:49 - 2019-07-09 08:41 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-08-17 16:49 - 2019-07-09 08:25 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-17 16:49 - 2019-07-09 08:23 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-17 16:49 - 2019-07-09 08:22 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-17 16:49 - 2019-07-09 08:19 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-17 16:49 - 2019-07-09 08:19 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-17 16:49 - 2019-07-09 08:19 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-08-17 16:49 - 2019-07-09 08:19 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-17 16:49 - 2019-07-09 08:18 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-17 16:49 - 2019-07-09 08:14 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-17 16:48 - 2019-08-07 18:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-17 16:48 - 2019-08-07 18:25 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-17 16:48 - 2019-08-07 18:25 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-17 16:48 - 2019-08-07 18:23 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-17 16:48 - 2019-08-07 18:23 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-17 16:48 - 2019-08-07 18:21 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-17 16:48 - 2019-08-07 18:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-17 16:48 - 2019-08-07 18:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-17 16:48 - 2019-08-07 17:56 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-17 16:48 - 2019-08-07 17:56 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-17 16:48 - 2019-08-07 17:54 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-17 16:48 - 2019-08-07 13:39 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-17 16:48 - 2019-08-07 13:38 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-17 16:48 - 2019-08-07 13:37 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-17 16:48 - 2019-08-07 13:07 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-17 16:48 - 2019-08-07 13:06 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-17 16:48 - 2019-08-07 13:06 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2019-08-17 16:48 - 2019-08-07 13:06 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-17 16:48 - 2019-08-07 13:05 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-17 16:48 - 2019-08-07 13:05 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-17 16:48 - 2019-08-07 13:05 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-17 16:48 - 2019-08-07 13:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-17 16:48 - 2019-08-07 13:03 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-17 16:48 - 2019-08-07 13:02 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-17 16:48 - 2019-08-07 13:02 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-17 16:48 - 2019-08-07 11:45 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-17 16:48 - 2019-07-11 07:00 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-17 16:48 - 2019-07-09 13:14 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-17 16:48 - 2019-07-09 13:13 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2019-08-17 16:48 - 2019-07-09 13:09 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2019-08-17 16:48 - 2019-07-09 13:09 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-17 16:48 - 2019-07-09 12:07 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-17 16:48 - 2019-07-09 08:51 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-08-17 16:48 - 2019-07-09 08:50 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-17 16:48 - 2019-07-09 08:49 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-08-17 16:48 - 2019-07-09 08:41 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-08-17 16:48 - 2019-07-09 08:26 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-17 16:48 - 2019-07-09 08:26 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-17 16:48 - 2019-07-09 08:25 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-08-17 16:48 - 2019-07-09 08:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-17 16:48 - 2019-07-09 08:23 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-17 16:48 - 2019-07-09 08:22 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-17 16:48 - 2019-07-09 08:20 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-17 16:48 - 2019-07-09 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-17 16:48 - 2019-07-09 08:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-17 16:48 - 2019-07-09 08:19 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-17 16:48 - 2019-07-09 08:16 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-17 16:48 - 2019-07-09 08:14 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-17 16:48 - 2019-07-09 08:14 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-17 16:48 - 2019-06-20 07:51 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-17 15:43 - 2019-08-17 15:50 - 000000000 ____D C:\Users\Asus\Desktop\sultaniya uncle
2019-08-16 11:08 - 2019-08-16 11:08 - 000108635 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF16-08-2019.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044480 _____ C:\Users\Asus\Desktop\608.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044479 _____ C:\Users\Asus\Desktop\607.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044448 _____ C:\Users\Asus\Desktop\606.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044431 _____ C:\Users\Asus\Desktop\605.pdf
2019-08-13 18:35 - 2019-08-13 18:35 - 000044445 _____ C:\Users\Asus\Desktop\604.pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108612 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019 (1).pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108609 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019.pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108609 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019 (2).pdf
2019-08-09 12:22 - 2019-08-09 12:23 - 000453058 _____ C:\Users\Asus\Downloads\Annual Foreign Trade Statistics, 207576 (201819)_2019-07-28-15-18-13.xlsx
2019-08-09 11:44 - 2019-08-09 11:44 - 000106884 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF09-08-2019.pdf
2019-08-07 17:54 - 2019-08-07 17:55 - 000124749 _____ C:\Users\Asus\Downloads\po ghorahi.pdf
2019-08-07 12:24 - 2019-08-07 12:24 - 000106499 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF07-08-2019.pdf
2019-08-05 10:49 - 2019-08-05 10:49 - 000107879 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF05-08-2019.pdf
2019-08-03 17:20 - 2019-08-03 17:20 - 000107400 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF03-08-2019 (1).pdf
2019-08-03 11:05 - 2019-08-03 11:05 - 000110440 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF03-08-2019.pdf
2019-08-01 11:32 - 2019-08-01 11:32 - 000109993 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019 (2).pdf
2019-08-01 11:22 - 2019-08-01 11:22 - 000106611 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019 (1).pdf
2019-08-01 11:18 - 2019-08-01 11:18 - 000105090 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019.pdf
2019-07-30 15:34 - 2019-07-30 15:34 - 000189966 _____ C:\Users\Asus\Desktop\544 eway.pdf
2019-07-30 15:32 - 2019-07-30 15:32 - 000189426 _____ C:\Users\Asus\Desktop\543 eway.pdf
2019-07-29 12:58 - 2019-07-31 11:17 - 000012750 _____ C:\Users\Asus\Documents\badminton 28 jul 2019.xlsx
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-08-28 12:15 - 2018-06-07 11:44 - 000007611 _____ C:\Users\Asus\AppData\Local\Resmon.ResmonCfg
2019-08-28 12:05 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-28 11:50 - 2018-08-31 11:17 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68B0AD90-3E3C-45B1-86F3-54CBFE9C5935}
2019-08-28 11:46 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-28 11:45 - 2018-08-31 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-26 14:09 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-26 14:08 - 2018-08-30 12:27 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-23 14:17 - 2017-10-19 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-23 14:11 - 2017-10-19 15:31 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-20 17:15 - 2017-09-14 05:39 - 000000000 __SHD C:\Users\Asus\IntelGraphicsProfiles
2019-08-20 12:28 - 2019-07-04 12:10 - 000000000 ____D C:\Users\Asus\AppData\Roaming\DesktopCal
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\ProgramData\Avira
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\Program Files (x86)\Avira
2019-08-20 12:27 - 2018-04-12 05:06 - 000000000 ____D C:\WINDOWS\INF
2019-08-19 17:09 - 2018-04-12 05:00 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-19 15:46 - 2018-08-31 11:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-17 18:11 - 2018-02-12 16:30 - 000000000 ___RD C:\Users\Asus\3D Objects
2019-08-17 18:11 - 2017-09-14 05:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-17 18:10 - 2018-08-31 10:40 - 000700168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-17 18:09 - 2018-09-03 18:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-08-17 18:09 - 2018-08-31 11:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-17 18:08 - 2018-04-12 02:34 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-08-17 18:07 - 2018-04-12 14:50 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-17 09:15 - 2018-08-31 10:47 - 000000000 ____D C:\Users\Asus
2019-08-14 17:12 - 2019-06-06 11:29 - 000000000 ____D C:\Users\Asus\Desktop\ghorahi
2019-08-11 14:01 - 2018-08-31 11:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-11 11:29 - 2018-08-31 11:17 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3657311311-3207568325-3766398190-1001
2019-08-11 11:29 - 2018-08-31 10:47 - 000002364 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-11 11:29 - 2017-09-14 05:07 - 000000000 ___RD C:\Users\Asus\OneDrive
2019-08-10 11:29 - 2018-10-27 14:11 - 000000000 ____D C:\Users\Asus\Desktop\service tax audit
2019-08-09 12:25 - 2017-09-14 05:05 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2019-08-07 12:48 - 2018-01-11 17:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-07 12:48 - 2018-01-11 17:34 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-07 12:15 - 2017-09-14 05:52 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-02 17:05 - 2017-09-27 16:44 - 000000000 ____D C:\Program Files\rempl
2019-07-29 12:52 - 2018-03-05 15:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
 
==================== Files in the root of some directories ================
 
2018-06-07 11:44 - 2019-08-28 12:15 - 000007611 _____ () C:\Users\Asus\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by Asus (administrator) on DESKTOP-BPIER31 (ASUSTeK COMPUTER INC. X541NA) (28-08-2019 12:13:39)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 10 Pro Version 1803 17134.950 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Tally Solutions Private Limited -> ) D:\Tally.ERP9\tally.exe
(Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.) D:\Tally.ERP9\tallygatewayserver.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FTAutoUpdater] => F:\FTUPDATESVC\FTUpdateService.exe [4261376 2016-10-12] (Financial Technologies) [File not signed]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [99048 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2018-03-05]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2008647D-3E96-43B2-9B49-64165EB2F583} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33D2161B-C5E2-4433-AC6C-9DE2B9A20453} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38741D50-C6C2-4A0C-A270-241A4792C27E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75DB6077-0071-40C9-AE06-7A162EFA63ED} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1473032 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9E81372A-5F3B-4725-8D11-B0E69EA54303} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A42F3FEE-8996-4EB0-82D6-A5833DF82FAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {ACF7C0BF-4CA3-4C46-8AB9-021EE8B0E240} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-11] (Google Inc -> Google Inc.)
Task: {D28309FF-DBAA-432D-BB9B-BE8B3B57D295} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-11] (Google Inc -> Google Inc.)
Task: {D6853FBF-E9F1-4012-B136-B4023E405043} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16717832 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E4DB2B5D-5FD2-451C-A92A-5AE34725AC93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA4D018D-4836-4951-913B-88213975B588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCC02682-7B2B-44F8-B70A-15119CD08321} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{06ec91aa-36c9-4d7f-8428-207dce8dd257}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1ab83dda-3855-45a1-b981-9f1208deed4d}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{23f32b0b-6009-45ae-8df6-d63f5bd5137e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{41f64e8f-b1ca-4e7e-bcf6-cc9ee4f3f9cc}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{747daed6-d0b3-4d89-ab1b-104ff572d639}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7604c8fe-11e3-4ea4-ab45-5895ce32b55c}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{8b64d324-1c5e-4250-a7f1-c79bde71bea2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9c192e17-9c94-43b9-b136-791e5225b2c5}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3657311311-3207568325-3766398190-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: qc5t3h7g.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\qc5t3h7g.default [2019-08-14]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2017-12-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2019-08-28]
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-11]
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-11]
CHR Extension: (Sheets) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-31]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-31]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [1810120 2018-03-05] (philandro Software GmbH -> )
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [453408 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [767184 2018-06-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\WINDOWS\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [727224 2018-06-11] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [576560 2018-06-05] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-16] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 Tally Gateway Server 10.0; D:\Tally.ERP9\tallygatewayserver.exe [2500792 2018-08-11] (Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation -> Intel Corporation)
R1 MpKsle2431d7f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1132AB01-8875-460C-B3A0-01B7A72C1BE9}\MpKsle2431d7f.sys [58120 2019-08-27] (Microsoft Corporation -> Microsoft Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-04-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [428032 2017-09-21] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-29] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2017-09-27] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-29] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-08-28 12:13 - 2019-08-28 12:16 - 000020424 _____ C:\Users\Asus\Desktop\FRST.txt
2019-08-28 12:10 - 2019-08-28 12:13 - 000000000 ____D C:\FRST
2019-08-28 12:09 - 2019-08-28 12:09 - 001613312 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2019-08-27 16:06 - 2019-08-27 16:06 - 000020918 _____ C:\Users\Asus\Downloads\PCL.pdf
2019-08-27 16:06 - 2019-08-27 16:06 - 000012027 _____ C:\Users\Asus\Downloads\TCPL.pdf
2019-08-27 16:01 - 2019-08-27 16:01 - 000106780 _____ C:\Users\Asus\Desktop\OpTransactionHistoryUX3_PDF27-08-2019 (1).pdf
2019-08-27 16:01 - 2019-08-27 16:01 - 000106778 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF27-08-2019.pdf
2019-08-26 14:04 - 2019-08-26 14:04 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-20 19:57 - 2019-08-20 19:57 - 000044502 _____ C:\Users\Asus\Desktop\629.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044480 _____ C:\Users\Asus\Desktop\631.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044480 _____ C:\Users\Asus\Desktop\628.pdf
2019-08-20 19:57 - 2019-08-20 19:57 - 000044475 _____ C:\Users\Asus\Desktop\630.pdf
2019-08-19 15:41 - 2019-08-19 15:41 - 000046124 _____ C:\Users\Asus\Desktop\party name detail PDF.pdf
2019-08-17 16:49 - 2019-08-07 18:48 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-17 16:49 - 2019-08-07 18:48 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-17 16:49 - 2019-08-07 18:44 - 000303928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-17 16:49 - 2019-08-07 18:43 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-17 16:49 - 2019-08-07 18:43 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-17 16:49 - 2019-08-07 18:28 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-17 16:49 - 2019-08-07 18:25 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-17 16:49 - 2019-08-07 18:24 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-17 16:49 - 2019-08-07 18:23 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-17 16:49 - 2019-08-07 18:22 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-17 16:49 - 2019-08-07 18:13 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-17 16:49 - 2019-08-07 18:11 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-17 16:49 - 2019-08-07 18:11 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-17 16:49 - 2019-08-07 18:10 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-17 16:49 - 2019-08-07 17:57 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-17 16:49 - 2019-08-07 17:55 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-17 16:49 - 2019-08-07 17:54 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-17 16:49 - 2019-08-07 17:54 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-17 16:49 - 2019-08-07 15:10 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-17 16:49 - 2019-08-07 13:39 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-17 16:49 - 2019-08-07 13:39 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-17 16:49 - 2019-08-07 13:38 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-17 16:49 - 2019-08-07 13:38 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-17 16:49 - 2019-08-07 13:38 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-17 16:49 - 2019-08-07 13:37 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-17 16:49 - 2019-08-07 13:37 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-17 16:49 - 2019-08-07 13:37 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-17 16:49 - 2019-08-07 13:37 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-17 16:49 - 2019-08-07 13:37 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-17 16:49 - 2019-08-07 13:37 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-17 16:49 - 2019-08-07 13:27 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-17 16:49 - 2019-08-07 13:26 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-17 16:49 - 2019-08-07 13:25 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-17 16:49 - 2019-08-07 13:19 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-17 16:49 - 2019-08-07 13:17 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-17 16:49 - 2019-08-07 13:14 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-17 16:49 - 2019-08-07 13:12 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-17 16:49 - 2019-08-07 13:09 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-17 16:49 - 2019-08-07 13:08 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-17 16:49 - 2019-08-07 13:07 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-17 16:49 - 2019-08-07 13:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-17 16:49 - 2019-08-07 13:06 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-17 16:49 - 2019-08-07 13:05 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-17 16:49 - 2019-08-07 13:04 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-17 16:49 - 2019-08-07 13:03 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-17 16:49 - 2019-08-07 13:02 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-17 16:49 - 2019-08-07 13:02 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-17 16:49 - 2019-08-07 13:01 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-17 16:49 - 2019-08-07 13:01 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-17 16:49 - 2019-07-11 12:18 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-08-17 16:49 - 2019-07-11 07:00 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-17 16:49 - 2019-07-11 07:00 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 001627664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000827920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-17 16:49 - 2019-07-09 13:37 - 000825360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-17 16:49 - 2019-07-09 13:37 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-17 16:49 - 2019-07-09 13:37 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-17 16:49 - 2019-07-09 13:34 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-17 16:49 - 2019-07-09 13:31 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-17 16:49 - 2019-07-09 13:30 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-17 16:49 - 2019-07-09 13:14 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-17 16:49 - 2019-07-09 13:13 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-17 16:49 - 2019-07-09 13:13 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-17 16:49 - 2019-07-09 13:11 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-17 16:49 - 2019-07-09 13:10 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-17 16:49 - 2019-07-09 13:09 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-08-17 16:49 - 2019-07-09 13:08 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-17 16:49 - 2019-07-09 13:07 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-17 16:49 - 2019-07-09 12:29 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2019-08-17 16:49 - 2019-07-09 12:12 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-17 16:49 - 2019-07-09 12:08 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-08-17 16:49 - 2019-07-09 08:59 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-17 16:49 - 2019-07-09 08:59 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-17 16:49 - 2019-07-09 08:59 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-17 16:49 - 2019-07-09 08:53 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-17 16:49 - 2019-07-09 08:53 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-17 16:49 - 2019-07-09 08:51 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-17 16:49 - 2019-07-09 08:50 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-17 16:49 - 2019-07-09 08:50 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-17 16:49 - 2019-07-09 08:49 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-17 16:49 - 2019-07-09 08:49 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2019-08-17 16:49 - 2019-07-09 08:42 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-17 16:49 - 2019-07-09 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-17 16:49 - 2019-07-09 08:41 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-17 16:49 - 2019-07-09 08:41 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-08-17 16:49 - 2019-07-09 08:25 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-17 16:49 - 2019-07-09 08:23 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-17 16:49 - 2019-07-09 08:22 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-17 16:49 - 2019-07-09 08:21 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-17 16:49 - 2019-07-09 08:20 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-17 16:49 - 2019-07-09 08:19 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-17 16:49 - 2019-07-09 08:19 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-17 16:49 - 2019-07-09 08:19 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-08-17 16:49 - 2019-07-09 08:19 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-17 16:49 - 2019-07-09 08:18 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-17 16:49 - 2019-07-09 08:18 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-17 16:49 - 2019-07-09 08:17 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-17 16:49 - 2019-07-09 08:16 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-17 16:49 - 2019-07-09 08:15 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-17 16:49 - 2019-07-09 08:14 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-17 16:49 - 2019-07-09 08:14 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-17 16:49 - 2019-07-09 08:13 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-17 16:48 - 2019-08-07 18:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-17 16:48 - 2019-08-07 18:25 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-17 16:48 - 2019-08-07 18:25 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-17 16:48 - 2019-08-07 18:23 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-17 16:48 - 2019-08-07 18:23 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-17 16:48 - 2019-08-07 18:21 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-17 16:48 - 2019-08-07 18:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-17 16:48 - 2019-08-07 18:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-17 16:48 - 2019-08-07 17:56 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-17 16:48 - 2019-08-07 17:56 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-17 16:48 - 2019-08-07 17:54 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-17 16:48 - 2019-08-07 13:39 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-17 16:48 - 2019-08-07 13:38 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-17 16:48 - 2019-08-07 13:37 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-17 16:48 - 2019-08-07 13:07 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-17 16:48 - 2019-08-07 13:06 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-17 16:48 - 2019-08-07 13:06 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2019-08-17 16:48 - 2019-08-07 13:06 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-17 16:48 - 2019-08-07 13:05 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-17 16:48 - 2019-08-07 13:05 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-17 16:48 - 2019-08-07 13:05 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-17 16:48 - 2019-08-07 13:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-17 16:48 - 2019-08-07 13:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-17 16:48 - 2019-08-07 13:03 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-17 16:48 - 2019-08-07 13:02 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-17 16:48 - 2019-08-07 13:02 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-17 16:48 - 2019-08-07 11:45 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-17 16:48 - 2019-07-11 07:00 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-17 16:48 - 2019-07-09 13:14 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-17 16:48 - 2019-07-09 13:13 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2019-08-17 16:48 - 2019-07-09 13:09 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2019-08-17 16:48 - 2019-07-09 13:09 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-17 16:48 - 2019-07-09 13:07 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-17 16:48 - 2019-07-09 12:07 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-17 16:48 - 2019-07-09 08:51 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-08-17 16:48 - 2019-07-09 08:50 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-17 16:48 - 2019-07-09 08:49 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-08-17 16:48 - 2019-07-09 08:41 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-08-17 16:48 - 2019-07-09 08:26 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-17 16:48 - 2019-07-09 08:26 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-17 16:48 - 2019-07-09 08:25 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-08-17 16:48 - 2019-07-09 08:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-17 16:48 - 2019-07-09 08:23 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-17 16:48 - 2019-07-09 08:22 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-08-17 16:48 - 2019-07-09 08:21 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-17 16:48 - 2019-07-09 08:20 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-17 16:48 - 2019-07-09 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2019-08-17 16:48 - 2019-07-09 08:20 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-17 16:48 - 2019-07-09 08:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-17 16:48 - 2019-07-09 08:19 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-17 16:48 - 2019-07-09 08:19 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-08-17 16:48 - 2019-07-09 08:18 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-17 16:48 - 2019-07-09 08:16 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-17 16:48 - 2019-07-09 08:14 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-17 16:48 - 2019-07-09 08:14 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-17 16:48 - 2019-06-20 07:51 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-17 15:43 - 2019-08-17 15:50 - 000000000 ____D C:\Users\Asus\Desktop\sultaniya uncle
2019-08-16 11:08 - 2019-08-16 11:08 - 000108635 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF16-08-2019.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044480 _____ C:\Users\Asus\Desktop\608.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044479 _____ C:\Users\Asus\Desktop\607.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044448 _____ C:\Users\Asus\Desktop\606.pdf
2019-08-13 18:36 - 2019-08-13 18:36 - 000044431 _____ C:\Users\Asus\Desktop\605.pdf
2019-08-13 18:35 - 2019-08-13 18:35 - 000044445 _____ C:\Users\Asus\Desktop\604.pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108612 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019 (1).pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108609 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019.pdf
2019-08-12 11:04 - 2019-08-12 11:04 - 000108609 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF12-08-2019 (2).pdf
2019-08-09 12:22 - 2019-08-09 12:23 - 000453058 _____ C:\Users\Asus\Downloads\Annual Foreign Trade Statistics, 207576 (201819)_2019-07-28-15-18-13.xlsx
2019-08-09 11:44 - 2019-08-09 11:44 - 000106884 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF09-08-2019.pdf
2019-08-07 17:54 - 2019-08-07 17:55 - 000124749 _____ C:\Users\Asus\Downloads\po ghorahi.pdf
2019-08-07 12:24 - 2019-08-07 12:24 - 000106499 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF07-08-2019.pdf
2019-08-05 10:49 - 2019-08-05 10:49 - 000107879 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF05-08-2019.pdf
2019-08-03 17:20 - 2019-08-03 17:20 - 000107400 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF03-08-2019 (1).pdf
2019-08-03 11:05 - 2019-08-03 11:05 - 000110440 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF03-08-2019.pdf
2019-08-01 11:32 - 2019-08-01 11:32 - 000109993 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019 (2).pdf
2019-08-01 11:22 - 2019-08-01 11:22 - 000106611 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019 (1).pdf
2019-08-01 11:18 - 2019-08-01 11:18 - 000105090 _____ C:\Users\Asus\Downloads\OpTransactionHistoryUX3_PDF01-08-2019.pdf
2019-07-30 15:34 - 2019-07-30 15:34 - 000189966 _____ C:\Users\Asus\Desktop\544 eway.pdf
2019-07-30 15:32 - 2019-07-30 15:32 - 000189426 _____ C:\Users\Asus\Desktop\543 eway.pdf
2019-07-29 12:58 - 2019-07-31 11:17 - 000012750 _____ C:\Users\Asus\Documents\badminton 28 jul 2019.xlsx
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-08-28 12:15 - 2018-06-07 11:44 - 000007611 _____ C:\Users\Asus\AppData\Local\Resmon.ResmonCfg
2019-08-28 12:05 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-28 11:50 - 2018-08-31 11:17 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68B0AD90-3E3C-45B1-86F3-54CBFE9C5935}
2019-08-28 11:46 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-28 11:45 - 2018-08-31 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-26 14:09 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-26 14:08 - 2018-08-30 12:27 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-23 14:17 - 2017-10-19 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-23 14:11 - 2017-10-19 15:31 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-20 17:15 - 2017-09-14 05:39 - 000000000 __SHD C:\Users\Asus\IntelGraphicsProfiles
2019-08-20 12:28 - 2019-07-04 12:10 - 000000000 ____D C:\Users\Asus\AppData\Roaming\DesktopCal
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\ProgramData\Avira
2019-08-20 12:27 - 2019-05-09 16:01 - 000000000 ____D C:\Program Files (x86)\Avira
2019-08-20 12:27 - 2018-04-12 05:06 - 000000000 ____D C:\WINDOWS\INF
2019-08-19 17:09 - 2018-04-12 05:00 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-19 15:46 - 2018-08-31 11:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-17 18:11 - 2018-02-12 16:30 - 000000000 ___RD C:\Users\Asus\3D Objects
2019-08-17 18:11 - 2017-09-14 05:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-17 18:10 - 2018-08-31 10:40 - 000700168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-17 18:09 - 2018-09-03 18:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-08-17 18:09 - 2018-08-31 11:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-17 18:08 - 2018-04-12 02:34 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-08-17 18:07 - 2018-04-12 14:50 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-17 18:07 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-17 09:15 - 2018-08-31 10:47 - 000000000 ____D C:\Users\Asus
2019-08-14 17:12 - 2019-06-06 11:29 - 000000000 ____D C:\Users\Asus\Desktop\ghorahi
2019-08-11 14:01 - 2018-08-31 11:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-11 11:29 - 2018-08-31 11:17 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3657311311-3207568325-3766398190-1001
2019-08-11 11:29 - 2018-08-31 10:47 - 000002364 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-11 11:29 - 2017-09-14 05:07 - 000000000 ___RD C:\Users\Asus\OneDrive
2019-08-10 11:29 - 2018-10-27 14:11 - 000000000 ____D C:\Users\Asus\Desktop\service tax audit
2019-08-09 12:25 - 2017-09-14 05:05 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2019-08-07 12:48 - 2018-01-11 17:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-07 12:48 - 2018-01-11 17:34 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-07 12:15 - 2017-09-14 05:52 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-02 17:05 - 2017-09-27 16:44 - 000000000 ____D C:\Program Files\rempl
2019-07-29 12:52 - 2018-03-05 15:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
 
==================== Files in the root of some directories ================
 
2018-06-07 11:44 - 2019-08-28 12:15 - 000007611 _____ () C:\Users\Asus\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2019
Ran by Asus (28-08-2019 12:18:15)
Running from C:\Users\Asus\Desktop
Windows 10 Pro Version 1803 17134.950 (X64) (2018-08-31 05:52:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3657311311-3207568325-3766398190-500 - Administrator - Disabled)
Asus (S-1-5-21-3657311311-3207568325-3766398190-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-3657311311-3207568325-3766398190-503 - Limited - Disabled)
Guest (S-1-5-21-3657311311-3207568325-3766398190-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3657311311-3207568325-3766398190-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 3.7.0 - philandro Software GmbH)
Avira (HKLM-x32\...\{21a0516b-5dd7-4dee-9d36-85ebdc37aa45}) (Version: 1.2.135.51949 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{42F08141-3F60-46FF-A5B4-08C4783DACFE}) (Version: 1.2.135.51949 - Avira Operations GmbH & Co. KG) Hidden
Epson Event Manager (HKLM-x32\...\{C9AC7ED6-FD1C-4E83-8553-ECF8BCA111E8}) (Version: 3.01.0007 - Seiko Epson Corporation)
EPSON M200 Series Printer Uninstall (HKLM\...\EPSON M200 Series) (Version:  - SEIKO EPSON Corporation)
Epson Network Guide M200 Series (HKLM-x32\...\M200 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson User's Guide M200 Series (HKLM-x32\...\M200 Series Useg) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1631.3 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 3.0.12.1138 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3657311311-3207568325-3766398190-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Street Racer (HKLM-x32\...\Street Racer_is1) (Version: 1.0 - Media Contact LLC)
Supercow (HKLM-x32\...\Supercow_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Tally.ERP 9 (HKLM-x32\...\{4AA1FE2E-373C-447E-9995-BAA7E4FD0E24}) (Version: Series A 5.5.6 Build 4767 - Tally Solutions Pvt. Ltd.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
 
Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-15] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_457b8915f31c148e\igfxDTCM.dll [2017-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-gpu"
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-gpu"
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-14 05:33 - 2006-12-11 14:44 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2017-09-14 11:54 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2017-09-14 11:54 - 2011-08-01 18:24 - 000250880 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 16:34 - 2015-07-10 16:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3657311311-3207568325-3766398190-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Local\Microsoft\Windows\Themes\transcodedwallpaper
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FTAutoUpdater"
HKU\S-1-5-21-3657311311-3207568325-3766398190-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3657311311-3207568325-3766398190-1001\...\StartupApproved\Run: => "Lync"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{8219EB41-487A-4249-A4FC-D1FAFAD59126}] => (Allow) D:\Tally.ERP9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [{22031EC2-2422-494F-B999-CE18C60D0206}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2BC03B91-75F8-4A2C-A142-51BE093B7271}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48FCD5A4-EFC2-4E70-8ABD-41CAF6DCF126}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04E13453-101F-44A4-808C-361A6214C755}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A7F7DF77-E77D-48DF-BCCE-073BE379789A}D:\tally.erp9\tally.exe] => (Allow) D:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [TCP Query User{D7AB0F21-0F8D-4BCD-8119-DFB12CFD76E9}D:\tally.erp9\tally.exe] => (Allow) D:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [{25A5BCBE-CBC8-4E46-8D9C-C656CCB8FC33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{41B86D73-AD50-4A78-9143-CB58B15811B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4978543F-FFF2-4E96-93E3-36036C012508}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{22A6F8B3-F5BE-4254-9608-4B6D37C712E8}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{A2FDB3F3-4A44-438F-B737-F2BE92A87602}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FE1EC5D-198F-4FBC-AF65-2B171A97A00B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59CF70C8-0271-43E0-803B-74F3E3B81BB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C87A96D2-2EA7-4FA0-80EC-E17A206F07F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{47CF5D99-7443-48E5-9877-38FCB2B2383C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{DB0CF502-82BA-4B12-A71F-BA1096B1446A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{E6504A5A-87EE-401F-AB88-E122FF60F610}E:\data\shubham0\tally.erp9\tally.exe] => (Block) E:\data\shubham0\tally.erp9\tally.exe No File
FirewallRules: [UDP Query User{017D5ED5-F9C0-45BD-A876-AC057051F634}E:\data\shubham0\tally.erp9\tally.exe] => (Block) E:\data\shubham0\tally.erp9\tally.exe No File
FirewallRules: [TCP Query User{80238B10-2599-42DD-81F7-F2B06FB936E7}C:\tally\tally9.exe] => (Allow) C:\tally\tally9.exe No File
FirewallRules: [UDP Query User{719FE5C6-8740-4FA0-AC47-901CF97D7BF1}C:\tally\tally9.exe] => (Allow) C:\tally\tally9.exe No File
FirewallRules: [TCP Query User{D49AF95A-371D-418E-9D22-B082832160C5}E:\tally.erp9-org\tally.exe] => (Allow) E:\tally.erp9-org\tally.exe No File
FirewallRules: [UDP Query User{CEA465AC-6269-4301-9710-4AD23F855708}E:\tally.erp9-org\tally.exe] => (Allow) E:\tally.erp9-org\tally.exe No File
FirewallRules: [TCP Query User{879833D3-348C-4873-B274-7A606716C951}D:\tally.erp9\tally.exe] => (Allow) D:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [UDP Query User{E64071A2-4899-487F-9AA3-F88B43D590FA}D:\tally.erp9\tally.exe] => (Allow) D:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [TCP Query User{54536F74-AEEF-4052-B3C4-07A33DD964B7}E:\tally.erp9\tally.exe] => (Allow) E:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [UDP Query User{78B65275-D1F9-45F6-B428-A189BA3C44DE}E:\tally.erp9\tally.exe] => (Allow) E:\tally.erp9\tally.exe (Tally Solutions Private Limited -> )
FirewallRules: [TCP Query User{DF452578-DFC7-413C-B44F-FD3F367CD719}C:\tally.erp9\tally.exe] => (Allow) C:\tally.erp9\tally.exe () [File not signed]
FirewallRules: [UDP Query User{A6147BD4-4FB5-48E3-9459-C17C2D736B4C}C:\tally.erp9\tally.exe] => (Allow) C:\tally.erp9\tally.exe () [File not signed]
FirewallRules: [TCP Query User{8037D300-BE42-471D-ADCF-BF031CB1CB05}H:\soft\tally\tally9.2\tally9.exe] => (Allow) H:\soft\tally\tally9.2\tally9.exe No File
FirewallRules: [UDP Query User{F4ED48E0-C4CA-4F58-A999-109F973FBE63}H:\soft\tally\tally9.2\tally9.exe] => (Allow) H:\soft\tally\tally9.2\tally9.exe No File
FirewallRules: [TCP Query User{BE88F3B7-1A5C-4FBD-94C6-5FFBDCF595F7}H:\soft\tally\tally9.2\tally.exe] => (Allow) H:\soft\tally\tally9.2\tally.exe No File
FirewallRules: [UDP Query User{39455A5C-D629-489D-802D-F1CDAF1C22F0}H:\soft\tally\tally9.2\tally.exe] => (Allow) H:\soft\tally\tally9.2\tally.exe No File
FirewallRules: [{BDFE5380-E6A7-4BAC-B4E2-8D0E41896780}] => (Allow) D:\Tally.ERP9\tallygatewayserver.exe (Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.)
FirewallRules: [{5EB51EC8-9262-425B-B191-3591151310A4}] => (Allow) D:\Tally.ERP9\tallygatewayserver.exe (Tally Solutions Private Limited -> Tally Solutions Pvt. Ltd.)
FirewallRules: [TCP Query User{400FE788-8320-4C67-92FB-A22EA9062B90}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{93D877F5-121B-4CE0-890B-ECF9786640EA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{58413B47-596C-400C-8663-81345B4A6786}C:\users\asus\appdata\local\temp\rar$ex01.453\anydesk(1).exe] => (Allow) C:\users\asus\appdata\local\temp\rar$ex01.453\anydesk(1).exe No File
FirewallRules: [UDP Query User{6878BF67-4139-41C0-9B5D-F679C08BD902}C:\users\asus\appdata\local\temp\rar$ex01.453\anydesk(1).exe] => (Allow) C:\users\asus\appdata\local\temp\rar$ex01.453\anydesk(1).exe No File
FirewallRules: [{98E53707-9280-440B-B611-2E2B3B39A0AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{95C93243-2238-4B2B-810D-D14BEF6BA62F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6BB71610-54E4-4089-A04A-84C968CE52DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6013E3B7-8451-47EC-95E4-EE3210757664}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{526AF210-E3F0-440C-9DBE-0FCA66D7710B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8A8E77E7-94C2-47FB-99FF-6A71ED1B5DED}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{4AD7E354-EBB7-4FCA-8CA6-798FCB39A477}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FBFDEBDD-DA37-4412-A47F-DC83390C4991}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{B8668C1D-2A8A-4032-AE65-06E98ECED74D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{C925046E-9474-4E00-9967-03300DEFCBA8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{E0774941-922A-4E10-B769-C2CDC23A805B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{7B53902E-FD3C-440F-A1D3-E519681284BC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{37E71892-6080-446D-B168-D6EDD99629C2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
 
==================== Restore Points =========================
 
11-08-2019 14:15:09 Scheduled Checkpoint
17-08-2019 16:46:25 Windows Update
23-08-2019 14:10:26 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/28/2019 11:50:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (08/27/2019 04:05:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry
 
Error: (08/27/2019 04:00:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (08/27/2019 04:00:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (08/27/2019 02:36:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry
 
Error: (08/27/2019 02:32:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (08/27/2019 02:31:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (08/27/2019 02:30:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
 
System errors:
=============
Error: (08/28/2019 11:57:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/28/2019 11:49:49 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/28/2019 11:49:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/27/2019 03:59:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/27/2019 02:29:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/26/2019 07:10:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/26/2019 03:15:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/26/2019 01:04:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BPIER31)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-BPIER31\Asus SID (S-1-5-21-3657311311-3207568325-3766398190-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2019-08-27 16:37:18.122
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {29821046-8DA5-47C1-B3AC-D070253424A4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-08-27 16:21:55.736
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2A6F4C28-48D1-4FDF-BCD2-8D0FABDACE38}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-08-18 18:32:04.622
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {32265BD2-2FD9-4684-B92E-9150AF578A8C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-08-17 17:36:26.554
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0F66825A-7DDD-4E77-AF52-09319CEE0FEF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-08-17 14:07:11.502
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3E9A77D3-9C2D-42FD-A52E-0E5C18FFA72D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-08-28 11:24:45.866
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.299.2860.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2019-08-28 11:24:45.865
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.299.2860.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2019-08-28 11:24:45.864
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.299.2860.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2019-08-28 11:24:45.835
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.299.2860.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2019-08-28 11:24:45.834
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.299.2860.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. X541NA.309 05/25/2017
Motherboard: ASUSTeK COMPUTER INC. X541NA
Processor: Intel® Pentium® CPU N4200 @ 1.10GHz
Percentage of memory in use: 68%
Total physical RAM: 3959.57 MB
Available physical RAM: 1242.87 MB
Total Virtual: 4669.93 MB
Available Virtual: 1030.91 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:145.08 GB) (Free:95.86 GB) NTFS
Drive d: () (Fixed) (Total:258.79 GB) (Free:253.03 GB) NTFS
Drive e: () (Fixed) (Total:258.79 GB) (Free:245.9 GB) NTFS
Drive f: () (Fixed) (Total:267.45 GB) (Free:266.72 GB) NTFS
 
\\?\Volume{ba592957-adfa-48cf-8c59-2053df761512}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{bf629060-b674-4c90-9878-b2fd3334fd79}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
\\?\Volume{616f6c1e-e1c8-432a-b97d-553b4133c7bd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================
 
 
 
 

  • 0

Advertisements


#2
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 793 posts
Hi shubhamimortal, welcome to the Geeks to Go malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 4 days, it will be closed.
    • If your topic is closed and you still need assistance, send me a Personal Message with a link to your topic.
  • If you have questions at any time during the cleanup, feel free to ask.
Please give me some time to go over your logs and I will get back to you as soon as possible.
  • 0

#3
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 793 posts
Hi shubhamimortal,

Is this computer used for business purposes?

---------------------------------------------------
CKScanner

Download CKScanner by askey127 from here

Important : Save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
---------------------------------------------------

Please do this...
  • Click the Start button and type Command Prompt in the search box.
  • Right-click "Command Prompt" in the search results and select Run as Administrator.
  • At the command prompt, type slmgr -dlv and press Enter.
  • A window will open after a few seconds. Press Ctrl + C on your keyboard to copy its contents.
    • Press the Windows key + R. Type Notepad and click OK.
    • A new text file will appear. Press Ctrl + V to paste the contents of the window into the text file.
    • Click File > Save and save the file to your desktop.
Copy and paste the contents of the text file in your next reply.

---------------------------------------------------

In your next reply, please include:
  • CKFiles.txt
  • slmgr results

  • 0

#4
shubhamimortal

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

just some accounting and mail not too important to any one except me 


  • 0

#5
shubhamimortal

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17134.1_none_a227092418e9be66\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17134.81_none_b683e3bc89a9896c\ssh-keygen.exe
scanner sequence 3.LB.11.JFNAGZ
 ----- EOF ----- 
 
 
---------------------------
Windows Script Host
---------------------------
Unrecognized option: -dlv'
 
 
 
Windows Software Licensing Management Tool
 
Usage: slmgr.vbs [MachineName [User Password]] [<Option>]
 
           MachineName: Name of remote machine (default is local machine)
 
           User:        Account with required privilege on remote machine
 
           Password:    password for the previous account
 
 
 
Global Options:
 
/ipk <Product Key>
 
    Install product key (replaces existing key)
 
/ato [Activation ID]
 
    Activate Windows
 
/dli [Activation ID | All]
 
    Display license information (default: current license)
 
/dlv [Activation ID | All]
 
    Display detailed license information (default: current license)
 
/xpr [Activation ID]
 
    Expiration date for current license state
 
 
---------------------------
OK   
---------------------------
 

  • 0

#6
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 793 posts
Hi shubhamimortal,

It looks like there was a typo in the slmgr -dlv command. Please try to run it again and post the contents of the slmgr results.
  • 0

#7
shubhamimortal

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts
---------------------------
Windows Script Host
---------------------------
Software licensing service version: 10.0.17134.915
 
 
 
Name: Windows®, Professional edition
 
Description: Windows® Operating System, VOLUME_KMSCLIENT channel
 
Activation ID: 2de67392-b7a7-462a-b1ca-108dd189f588
 
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
 
Extended PID: 03612-03311-000-000001-03-1033-17134.0000-2432018
 
Product Key Channel: Volume:GVLK
 
Installation ID: 388786518616856253041376015695106340200690615713638378144647040
 
Partial Product Key: T83GX
 
License Status: Notification
 
Notification Reason: 0xC004F056.
 
Remaining Windows rearm count: 1001
 
Remaining SKU rearm count: 1001
 
Trusted time: 31-Aug-19 2:44:22 PM
 
Configured Activation Type: All
 
Please use slmgr.vbs /ato to activate and update KMS client information in order to update values.
 
 
 
 
---------------------------
OK   
---------------------------

  • 0

#8
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 793 posts
It appears that your operating system is improperly activated.

As per the Geeks to Go Terms of Use:
 

We will NOT help anyone we suspect of having obtained their software or services illegally.


This topic is now closed.
  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP