Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"There was a problem starting StartupCheckLibrary.dll" I belie


  • Please log in to reply

#1
nasirnasir1

nasirnasir1

    New Member

  • Member
  • Pip
  • 6 posts

Both my Windows Defender and Bit Defender have been uninstalled without my knowledge and I cant reinstall them. The Error in the title is the only hint that i have to fixing the problem.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2020
Ran by Nasir York (administrator) on DESKTOP-DTOHOOC (ASUS All Series) (11-09-2020 19:45:02)
Running from C:\Users\Nasir York\Desktop
Loaded Profiles: Nasir York
Platform: Windows 10 Pro Version 1903 18362.1016 (X64) Language: English (United States)
Default browser: "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Nasir York\AppData\Local\Discord\app-0.0.308\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) F:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Express Vpn LLC -> ) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe <29>
(Iain Patterson) [File not signed] C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Driver Update Utility -> Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) F:\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2014-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
HKLM\...\Run: [CL-25-786B446E-275C-4A7F-BE5E-29564044FED2] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-786B446E-275C-4A7F-BE5E-29564044FED2\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-786B446E-275C-4A7F-BE5E-2956404 (the data entry has 7 more characters).
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600096 2017-02-14] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [137976 2017-08-10] (Intel® Driver Update Utility -> Intel)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe [779144 2019-05-22] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [429624 2020-06-20] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7651840 2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705928 2020-08-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-08-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [EpicGamesLauncher] => F:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32410000 2020-09-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Google Update] => C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-06-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6] => "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [] => [X]
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-08-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2017-04-10]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (NETGEAR -> )
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-12-13]
ShortcutTarget: GenuineService.lnk -> C:\Users\Nasir York\Autodesk\Genuine Service\GenuineService.exe (Autodesk Inc -> Autodesk)
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-08-15]
ShortcutTarget: Twitch.lnk -> F:\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02443D27-8E80-4036-88C2-C765BD59F9A1} - \ASUS\ASUSUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0655C164-67DD-46E8-9494-0915AAED1236} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {08C3CC1F-48C9-42DF-B888-4414684FE749} - \ASUS\RemoteWakeAgent Execute -> No File <==== ATTENTION
Task: {0F9798BF-5AD7-4145-8065-E9C87E7D5B1D} - \Opera scheduled Autoupdate 1576754873 -> No File <==== ATTENTION
Task: {1046BEF6-BCDB-4CCE-9A6C-9B0B657FE595} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {12111E5C-16BF-4CEB-A23B-03466FBF7E22} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {1DC5A62F-7688-4FC3-87B8-508877D16A16} - \[email protected] -> No File <==== ATTENTION
Task: {20311710-456D-4767-99F4-A7708EDF31BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {21C57211-8792-45F4-9398-13A7B2FD1E4D} - \ASUS\ASUS DIPAwayMode -> No File <==== ATTENTION
Task: {2574549F-267F-4613-9974-0E92A70C89F7} - \ASUS\ASUSUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {2595D41E-4D2C-4ACF-8984-2E535BE5A10D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {27EE5F7B-7516-41FF-A235-0EBFE77A4717} - \USER_ESRV_SVC_QUEENCREEK -> No File <==== ATTENTION
Task: {36C947FD-22FE-4786-B7B8-D242C0AA4979} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {3A597984-D942-4829-BD3F-2068AA05D3AC} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {3EA23887-C60A-4CDB-9A78-D3A69AB9E3F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {41B1704B-7AF7-46B8-ACC7-03C0EDB7AABA} - \GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001Core -> No File <==== ATTENTION
Task: {42DEACA5-BF42-46F6-AFD9-815592BAD50E} - \Adobe Uninstaller -> No File <==== ATTENTION
Task: {439948FD-38DD-41C9-A515-EE39BD2D521E} - \BlueStacksHelper -> No File <==== ATTENTION
Task: {47DFA091-12DF-4E94-824E-57428ED0BCCA} - \GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001UA -> No File <==== ATTENTION
Task: {4A51E577-D219-4FD7-9638-A1A3D182297A} - \ASUS\P508PowerAgent_sdk -> No File <==== ATTENTION
Task: {4D71BF85-19BF-4A05-A66B-BC11461B1536} - \User_Feed_Synchronization-{B290DBA9-18E3-4ED0-9D2F-E1631691DB35} -> No File <==== ATTENTION
Task: {4EF358B1-FF38-4429-868B-5089880C39D9} - \Avira_Security_Update -> No File <==== ATTENTION
Task: {4F4A521E-3784-4E7C-A54B-73BD8B8C235D} - \OneDrive Standalone Update Task-S-1-5-21-412816286-677371127-1562832458-1010 -> No File <==== ATTENTION
Task: {50D8A60A-B2DF-4623-A543-D5D53683C9B7} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {593F6AF6-E1E9-450B-9EF7-13ED11849B77} - \CAM -> No File <==== ATTENTION
Task: {5BB75B78-3DEC-4A08-B9D4-AEB479CE0BCA} - \ASUS\Ez Update -> No File <==== ATTENTION
Task: {5BFC000C-E4A5-4544-BF8E-41937419FE3D} - \ASUS\USB 3.0 Boost Service -> No File <==== ATTENTION
Task: {5CE6B8BB-BDE1-4C17-A87C-A756BEAEB0F8} - \ASUS\ArmourySocketServer -> No File <==== ATTENTION
Task: {5E32FA34-B9F7-4ACF-944F-FE651626415B} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {65F2B608-9B5D-4064-9E65-D83DF0787E9E} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {678E46CB-7C8E-41E6-8A95-95C9F8D4488D} - \GyazoUpdateTaskMachine -> No File <==== ATTENTION
Task: {6AEB6C3A-46A8-4622-9463-C2F30EE6ABB3} - \ASUS\Framework Service -> No File <==== ATTENTION
Task: {6DABF057-4641-49C1-9899-B8754988137F} - \AdobeAAMUpdater-1.0-DESKTOP-DTOHOOC-Nasir York -> No File <==== ATTENTION
Task: {714CB444-815B-4337-A258-0405BDFC4269} - \GyazoUpdateTaskMachineDaily -> No File <==== ATTENTION
Task: {71F857FB-3485-4959-8BF0-5F837AF27086} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {77C644E1-D8E4-4A70-B10C-57779DBE9916} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7CA2624A-CCD2-4501-A4F2-50A8DCC2E767} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7E15967B-0F80-4BCB-947D-687490A3F67B} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {867FA7B7-AE9D-4176-B867-18823BCAF956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-15] (Google Inc -> Google Inc.)
Task: {972CBA3A-3286-4F3D-863D-61F39BF4B405} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9764361E-27F9-4D98-B379-346CC88AEE04} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C841347-84DC-43E1-A316-61D9A8C64918} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A2229CF2-762D-44BC-9F0C-6F0BF66A8005} - \ASUS\GpuFanHelper -> No File <==== ATTENTION
Task: {ACC8B202-AEF5-46D9-9947-C1F0CB2C12DB} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {AFD54B92-18E3-4D56-853B-7C439EEBA02E} - \ASUS\Push Notice Server Execute -> No File <==== ATTENTION
Task: {B1515E09-FD31-4D60-8593-D9A88413C9EF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B656939C-E37D-4A40-9AC6-EB2AA7EC9C15} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C161F3F9-3343-4892-A82B-B233761AE765} - \ASUS\ASUS Media Streamer DMR -> No File <==== ATTENTION
Task: {C18F20E5-A676-44C6-AF13-1F39031C09D7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1535896 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C64A0226-933F-4386-AA98-A4F73D3B5D74} - \AVG_SYS_TASK_0615piz -> No File <==== ATTENTION
Task: {C790CDD9-3C0B-4E8A-AF45-E1E67A7D36E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C792B4C1-8EFA-4F9B-8E95-575080A6F7DF} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {C7CC324F-D821-4C23-866C-4FD39AC85EF9} - \ASUS\ASUS AISuiteIII -> No File <==== ATTENTION
Task: {C8DA042E-9920-4547-A363-7490216C8566} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C90D22C1-31D4-47CD-AE57-D05F3C8FD951} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {CA03C619-D818-485E-A0BA-BF0B0A789496} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D30FB75D-B52A-46A6-884F-A8E412C5AA51} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D319C04D-CA23-48D1-819C-E3B3F41768E8} - \AviraSystemSpeedupUpdate -> No File <==== ATTENTION
Task: {D857C645-CDC5-467A-B8D4-21FBEAB54349} - \AVG_SYS_TASK_0615piz_DELETE -> No File <==== ATTENTION
Task: {DDC035AF-43C1-4204-A507-DD7EC9271BEC} - \{1260EC0B-316C-479A-A0F7-D86CBFD9E973} -> No File <==== ATTENTION
Task: {DE71B6B2-6239-41B6-B984-19C5E4A9E9EB} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {DFEECB4B-3CAF-40A9-A70B-A2BFF0E48726} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {E2937634-206E-448C-9988-C9D8D66527A6} - \Intel\Intel Telemetry 2 -> No File <==== ATTENTION
Task: {E33DBBCB-F6CA-4B54-BD54-5A66EE74E3C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-15] (Google Inc -> Google Inc.)
Task: {E5B46CDB-D1A7-41E2-B6FA-F516A06828DB} - \ProtonVPN Update -> No File <==== ATTENTION
Task: {E5C4818E-41A3-4BD0-A7DC-354A8DF62E50} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7062269-51BE-44AA-85FA-64D519E0F7E0} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {E7CE0E71-48BC-4B4F-BDAD-DC4518533D75} - \AsushomeCloudStart -> No File <==== ATTENTION
Task: {E85D5E25-2002-4CD1-8EA0-15C28378B806} - \MSIAfterburner -> No File <==== ATTENTION
Task: {EDC3AFFA-C7AB-4945-9E0B-DE19277669C9} - \Opera scheduled assistant Autoupdate 1576754934 -> No File <==== ATTENTION
Task: {F25A667C-8EE0-45EB-AA6B-BEFE29FADF6E} - \S-1-5-21-412816286-677371127-1562832458-1001\DataSenseLiveTileTask -> No File <==== ATTENTION
Task: {F79E9260-CEDC-4323-B267-8CFF6D9D6EA6} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648592 2020-09-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10416cf3-1d1f-46f8-98dd-5dc013e80178}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{308a0871-4f66-4569-90b8-ee3d237ffb36}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{854a3fd2-6045-49de-b682-6ddec26557da}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bfeb5d3a-0ad2-401e-9ba8-31f842c13770}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll => No File
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll => No File
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll No File
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\Nasir York\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-11]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> F:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> F:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-412816286-677371127-1562832458-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-07] (Ubisoft Entertainment Sweden AB -> )
 
Chrome: 
=======
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default [2020-09-11]
CHR DownloadDir: F:\Downloads
CHR Notifications: Default -> hxxps://thevirts.os.tc; hxxps://www.escapefromtarkov.com; hxxps://www.facebook.com; hxxps://www.netflix.com; hxxps://www.razer.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-09-11]
CHR Extension: (Google Drive) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Hypothesis - Web & PDF Annotation) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjfhmglciegochdpefhhlphglcehbmek [2020-09-11]
CHR Extension: (Honey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-09-11]
CHR Extension: (Avira Safe Shopping) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-11]
CHR Extension: (uBlock Origin) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-11]
CHR Extension: (Skillshare Free Downloader) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafpgbifpihaomcjenlnebhepkklhkfh [2020-03-05]
CHR Extension: (Dark Mode) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-06-19]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2020-06-10]
CHR Extension: (Session Buddy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-16]
CHR Extension: (Zotero Connector) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2020-09-11]
CHR Extension: (Gyazo) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-30]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-11]
CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2018-01-15]
CHR Extension: (Looper for YouTube) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2020-04-22]
CHR Extension: (View Image) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-04-27]
CHR Extension: (Grammarly for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-09-11]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-09-11]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-07-30]
CHR Extension: (No History) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2018-01-15]
CHR Extension: (Wikibuy from Capital One) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Material Simple Dark Grey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2018-09-30]
CHR Extension: (Steam Community Market Quick Buy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjlhfadijipchkejgenbnnoebonckm [2018-01-15]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-09-11]
CHR Extension: (Gmail) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-11]
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-18]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208080 2020-09-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537160 2020-08-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484440 2020-09-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484440 2020-09-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [572752 2020-08-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe [394040 2014-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [654936 2020-07-18] (ASUSTeK Computer Inc. -> ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-08-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [382728 2020-08-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [245400 2020-09-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161376 2020-08-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-06] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8928120 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-07-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-07-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [22264 2017-08-10] (Intel® Driver Update Utility -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [368640 2019-05-22] (Iain Patterson) [File not signed]
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2977672 2020-07-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-05] (Logitech Inc -> Logitech Inc.)
R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2519352 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; F:\Program Files (x86)\Origin\OriginWebHelperService.exe [3472192 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [101184 2020-06-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG -> )
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [292440 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; F:\Synapse3\Service\Razer Synapse Service.exe [294128 2020-08-13] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2411232 2020-07-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; F:\Razer Cortex\RzKLService.exe [290864 2020-08-21] (Razer USA Ltd. -> Razer Inc.)
S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 tomcat6; C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe [80896 2013-04-28] (Apache Software Foundation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AfVpnService; "C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe" [X]
S2 BDAuxSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json" [X]
S2 BDProtSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings\services\configs\bdprotsrv_config.json" [X]
S2 BdVpnService; "C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe" "service" [X]
S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X]
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service [X]
S2 VSSERV; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdshieldsrv_config.json" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] (ASUSTeK Computer Inc. -> )
S3 asstor64; C:\WINDOWS\System32\drivers\asstor64.sys [84816 2014-03-14] (ASMedia Technology Inc. -> Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2113184 2020-06-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208024 2020-06-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-28] (Microsoft Corporation) [File not signed]
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [422080 2015-05-22] (EldoS Corporation -> EldoS Corporation)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28160 2019-05-22] (ExprsVPN LLC -> )
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-07-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc -> Logitech Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 RealWoW60; C:\WINDOWS\system32\DRIVERS\RealWoW60.sys [29400 2015-09-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\WINDOWS\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (NETGEAR -> SerComm Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-02-01] (Windscribe Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioHFVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_hfvaio64_win7.sys [33512 2017-06-18] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2019-10-20] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-02-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-12-21] (Zemana Ltd. -> Zemana Ltd.)
S2 BdDci; \SystemRoot\system32\DRIVERS\bddci.sys [X]
S0 Gemma; system32\DRIVERS\gemma.sys [X]
U4 napagent; no ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-11 19:45 - 2020-09-11 19:45 - 000056598 _____ C:\Users\Nasir York\Desktop\FRST.txt
2020-09-11 19:44 - 2020-09-11 19:44 - 002297344 _____ (Farbar) C:\Users\Nasir York\Desktop\FRST64.exe
2020-09-11 19:40 - 2020-09-11 19:45 - 000000000 ____D C:\FRST
2020-09-11 19:39 - 2020-09-11 19:39 - 002297344 _____ (Farbar) C:\Users\Nasir York\Downloads\FRST64.exe
2020-09-11 19:05 - 2020-09-11 19:45 - 000076376 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-09-11 19:04 - 2020-09-11 19:04 - 000121408 _____ C:\ProgramData\agent.1599865464.bdinstall.v2.bin
2020-09-11 19:04 - 2020-09-11 19:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-09-11 19:03 - 2020-09-11 19:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-09-11 16:40 - 2020-09-11 16:40 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online (2).exe
2020-09-11 16:40 - 2020-09-11 16:40 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online (1).exe
2020-09-11 16:35 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-11 16:34 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Avira
2020-09-11 16:34 - 2020-09-11 16:34 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2020-09-11 16:34 - 2020-09-11 16:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-09-11 16:34 - 2020-06-09 13:37 - 000208024 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2020-09-11 16:34 - 2020-04-30 12:37 - 000199752 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2020-09-11 16:34 - 2019-06-07 15:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2020-09-11 16:34 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2020-09-11 16:34 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2020-09-11 16:34 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2020-09-11 16:34 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2020-09-11 16:33 - 2020-09-11 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-11 16:33 - 2020-09-11 16:35 - 000000000 ____D C:\ProgramData\Avira
2020-09-11 16:33 - 2020-09-11 16:35 - 000000000 ____D C:\Program Files (x86)\Avira
2020-09-11 16:33 - 2020-09-11 16:34 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-09-11 16:33 - 2020-09-11 16:33 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\Nasir York\Downloads\avira_en_sptl1_6e21dd0459dc77d5__pavwws-spotlight-release.exe
2020-09-11 16:33 - 2020-09-11 16:33 - 000001265 _____ C:\Users\Public\Desktop\Avira.lnk
2020-09-11 16:33 - 2020-09-11 16:33 - 000001265 _____ C:\ProgramData\Desktop\Avira.lnk
2020-09-11 16:17 - 2020-09-11 16:17 - 000402788 _____ C:\ProgramData\cl.uninstall.1599855423.bdinstall.v2.bin
2020-09-11 16:12 - 2020-09-11 16:12 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online.exe
2020-09-10 22:25 - 2020-09-10 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-09-10 03:39 - 2020-09-10 03:39 - 000766842 _____ C:\Users\Nasir York\Downloads\feeWaiver_DE268681DDF248D78D93E800EDF2CFD3.pdf
2020-09-10 03:35 - 2020-09-10 03:35 - 001260661 _____ C:\Users\Nasir York\Downloads\app_DE268681DDF248D78D93E800EDF2CFD3.pdf
2020-09-10 02:29 - 2020-09-10 02:29 - 001494867 _____ C:\Users\Nasir York\Desktop\SATStudentScoreReport_1599719389248.pdf
2020-09-09 07:45 - 2020-09-09 07:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-09-09 07:45 - 2020-09-09 07:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-09-09 07:45 - 2020-09-09 07:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-09-09 07:45 - 2020-09-09 07:45 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-09-08 16:36 - 2020-09-08 16:36 - 000860064 _____ C:\Users\Nasir York\Desktop\BROMFIELDDIANAR2018.pdf
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\Users\Public\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Webull Desktop
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\upgradecache
2020-09-07 13:47 - 2020-09-07 13:47 - 098219056 _____ (Webull Company, Inc. ) C:\Users\Nasir York\Downloads\Webull Desktop 4.2.0.exe
2020-09-06 13:31 - 2020-09-06 13:32 - 000040276 _____ C:\Users\Nasir York\Downloads\FontsFree-Net-Thedus-Wide.ttf
2020-09-06 13:29 - 2020-09-06 13:29 - 000016393 _____ C:\Users\Nasir York\Downloads\genuine.zip
2020-09-06 13:27 - 2020-09-06 13:27 - 000036241 _____ C:\Users\Nasir York\Downloads\Luckiest_Guy.zip
2020-09-06 13:24 - 2020-09-06 13:24 - 000039881 _____ C:\Users\Nasir York\Downloads\hanson-bold.zip
2020-09-04 22:08 - 2020-09-04 22:08 - 000001106 _____ C:\Users\Nasir York\Desktop\On-Screen Keyboard (2).lnk
2020-09-04 17:30 - 2020-09-04 17:30 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Epic Games
2020-09-03 18:18 - 2020-09-03 18:18 - 000000260 _____ C:\Users\Nasir York\Desktop\Spellbreak.url
2020-09-03 14:51 - 2020-09-06 14:05 - 000000131 _____ C:\Users\Nasir York\Desktop\Stonks.txt
2020-08-28 00:10 - 2020-08-28 00:10 - 000000000 ____D C:\Users\Nasir York\AppData\LocalLow\Innersloth
2020-08-26 19:27 - 2020-08-26 19:28 - 000059797 _____ C:\Users\Nasir York\Desktop\Nasir York Official Resume - Google Docs.pdf
2020-08-22 03:03 - 2020-08-22 03:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 02:33 - 2020-08-20 02:33 - 063638048 _____ (Electronic Arts) C:\Users\Nasir York\Downloads\OriginThinSetup.exe
2020-08-20 01:35 - 2020-08-20 01:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000455400 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000816376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000675216 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 002078104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001570720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000669432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000656792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000555936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-08-20 01:34 - 2020-08-12 21:43 - 000058596 _____ C:\WINDOWS\system32\nvinfo.pb
2020-08-20 01:34 - 2020-08-12 21:43 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002754024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002122216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 001804784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2020-08-20 01:25 - 2020-08-20 01:25 - 000000000 ____D C:\Program Files\Razer
2020-08-18 15:41 - 2020-09-11 18:46 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Zoom
2020-08-18 03:46 - 2020-08-18 03:46 - 000279486 _____ C:\Users\Nasir York\Downloads\Motion_Bro_Extension.zip
2020-08-18 02:17 - 2020-08-18 02:17 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\AEJuice
2020-08-18 01:57 - 2020-08-18 01:57 - 006997850 _____ C:\Users\Nasir York\Downloads\AEJuice_Pack_Manager.zip
2020-08-17 20:47 - 2020-08-17 20:47 - 000696038 _____ C:\Users\Nasir York\Downloads\Free Glitch Stinger Transition.aep
2020-08-17 18:19 - 2020-08-17 18:19 - 003027968 _____ C:\Users\Nasir York\Downloads\Motion Array_1.4.1.zxp
2020-08-17 18:18 - 2020-08-17 18:18 - 322312351 _____ C:\Users\Nasir York\Downloads\Motion+Array+Installer+1.9.0+Windows.zip
2020-08-17 01:53 - 2020-08-17 01:59 - 000000000 ____D C:\Users\Nasir York\AppData\Local\VideoCopilot
2020-08-17 01:44 - 2020-08-17 01:44 - 001869794 _____ C:\Users\Nasir York\Downloads\FXConsoleInstaller_1.0.5_Win.zip
2020-08-17 01:40 - 2020-08-17 01:40 - 000916668 _____ C:\Users\Nasir York\Downloads\ButtCapper_v1.1.zip
2020-08-17 01:37 - 2020-08-17 01:37 - 000973799 _____ C:\Users\Nasir York\Downloads\SaberInstaller_1.0.39_Win_2018.zip
2020-08-17 00:52 - 2020-08-17 00:52 - 000000745 _____ C:\Users\Nasir York\Downloads\Free Presets for Motion Bro.zip
2020-08-17 00:49 - 2020-08-17 00:49 - 000815350 _____ C:\Users\Nasir York\Downloads\Gilroy-FREE.zip
2020-08-17 00:48 - 2020-08-17 00:48 - 001215743 _____ C:\Users\Nasir York\Downloads\open-sans.zip
2020-08-17 00:44 - 2020-08-17 00:44 - 004330141 _____ C:\Users\Nasir York\Downloads\montserrat.zip
2020-08-17 00:44 - 2020-08-17 00:44 - 000161960 _____ C:\Users\Nasir York\Downloads\chunkfive.zip
2020-08-17 00:43 - 2020-08-17 00:43 - 000650395 _____ C:\Users\Nasir York\Downloads\BebasNeue.zip
2020-08-17 00:41 - 2020-08-17 00:41 - 101421884 _____ C:\Users\Nasir York\Downloads\22601944_graphics-pack_by_motioncan_preview (1).mp4
2020-08-17 00:24 - 2020-08-17 00:25 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\MotionBro Preferences
2020-08-16 23:54 - 2020-08-17 00:27 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\ZXPInstaller
2020-08-16 23:54 - 2020-08-16 23:54 - 047069298 _____ C:\Users\Nasir York\Downloads\ZXPInstaller.Setup.exe
2020-08-16 20:22 - 2020-08-16 20:22 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2020-08-16 20:22 - 2020-08-16 20:22 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2020-08-16 18:57 - 2020-08-16 18:57 - 000023435 _____ C:\Users\Nasir York\Downloads\wandertucker.zip
2020-08-16 14:43 - 2020-08-16 16:47 - 2255310455 _____ C:\Users\Nasir York\Downloads\22601944-Graphics_Pack_V3.0-ShareAE.com (1).zip
2020-08-16 13:47 - 2020-08-16 14:42 - 000000008 _____ C:\Users\Nasir York\Downloads\22601944-Graphics_Pack_V3.0-ShareAE.com.zip
2020-08-16 13:45 - 2020-08-16 13:45 - 017172500 _____ C:\Users\Nasir York\Downloads\EbSynth-Beta-Win.zip
2020-08-16 13:39 - 2020-08-16 13:39 - 101421884 _____ C:\Users\Nasir York\Downloads\22601944_graphics-pack_by_motioncan_preview.mp4
2020-08-16 13:02 - 2020-08-16 13:02 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
2020-08-15 23:38 - 2020-08-15 23:38 - 132829310 _____ C:\Users\Nasir York\Downloads\Lake.mp4
2020-08-15 23:34 - 2020-08-15 23:34 - 020563241 _____ C:\Users\Nasir York\Downloads\Water drone.mp4
2020-08-15 23:28 - 2020-08-15 23:28 - 026455208 _____ C:\Users\Nasir York\Downloads\City Drone.mp4
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\Users\Nasir York\Desktop\Adobe Premiere Pro 2020.lnk
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 087258448 _____ (Twitch Interactive, Inc.) C:\Users\Nasir York\Downloads\TwitchSetup.exe
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\Desktop\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Twitch
2020-08-13 23:27 - 2020-08-13 23:27 - 000030044 _____ C:\Users\Nasir York\Downloads\elements-etna-sans-serif-KM9HK3-2016-06-26.zip
2020-08-13 03:57 - 2020-08-13 03:57 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-13 03:57 - 2020-08-13 03:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-13 03:57 - 2020-08-13 03:57 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-13 03:57 - 2020-08-13 03:57 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-13 03:56 - 2020-08-13 03:57 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-13 03:56 - 2020-08-13 03:56 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003984896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-13 03:56 - 2020-08-13 03:56 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-13 03:56 - 2020-08-13 03:56 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-13 03:56 - 2020-08-13 03:56 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000275256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-13 03:51 - 2020-08-13 03:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-13 03:51 - 2020-08-13 03:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 17:30 - 2020-08-12 17:30 - 000273300 _____ C:\Users\Nasir York\Downloads\planet_artwork_color_palette_tutvid.zip
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-11 19:41 - 2015-12-26 18:01 - 000000000 _____ C:\WINDOWS\Path.idx
2020-09-11 19:32 - 2016-01-31 14:28 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\discord
2020-09-11 19:11 - 2019-09-28 03:10 - 000870996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-11 19:11 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-11 19:06 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 19:06 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-11 19:06 - 2015-12-26 17:41 - 001048576 _____ C:\WINDOWS\PE_Rom.dll
2020-09-11 19:05 - 2020-07-18 14:24 - 000550634 _____ C:\WINDOWS\ntbtlog.txt
2020-09-11 19:05 - 2019-09-28 03:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-11 19:05 - 2019-09-28 03:11 - 000000000 ____D C:\Users\Nasir York
2020-09-11 19:05 - 2019-09-28 03:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-11 19:02 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-11 18:46 - 2019-09-28 03:08 - 004099168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-11 18:45 - 2015-12-27 22:16 - 000000000 ____D C:\Users\Nasir York\AppData\Local\CrashDumps
2020-09-11 18:41 - 2016-05-04 19:17 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Battle.net
2020-09-11 18:29 - 2019-12-13 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-412816286-677371127-1562832458-1001
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-09-11 17:01 - 2015-12-28 19:01 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Ubisoft Game Launcher
2020-09-11 16:52 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-11 16:52 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-11 16:52 - 2017-10-29 12:44 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Packages
2020-09-11 16:52 - 2015-12-26 17:05 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-11 16:48 - 2020-07-20 00:14 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2020-09-11 16:45 - 2019-12-19 07:28 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Opera Software
2020-09-11 16:34 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-11 16:12 - 2020-07-28 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2020-09-11 13:46 - 2020-08-03 13:28 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-11 04:11 - 2020-06-21 14:05 - 000002577 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2020-09-10 22:26 - 2020-07-30 17:24 - 000000000 ___RD C:\Users\Nasir York\Dropbox
2020-09-10 22:25 - 2020-07-30 17:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-09-10 21:24 - 2018-09-27 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-10 21:24 - 2016-01-11 22:35 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-10 21:18 - 2019-09-28 13:24 - 000000000 ____D C:\Users\Nasir York\AppData\Local\D3DSCache
2020-09-10 18:07 - 2018-01-15 13:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-10 14:33 - 2018-06-26 13:57 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Discord
2020-09-09 03:51 - 2020-08-03 19:55 - 000000636 _____ C:\Users\Nasir York\Desktop\College.txt
2020-09-04 17:30 - 2020-08-02 23:40 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\EasyAntiCheat
2020-09-04 00:33 - 2016-05-04 19:16 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-09-03 21:51 - 2018-10-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-08-27 17:09 - 2018-09-26 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-08-27 17:08 - 2016-08-19 20:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-08-22 19:14 - 2015-12-27 22:14 - 000000000 ____D C:\Users\Nasir York\AppData\Local\NVIDIA
2020-08-21 15:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-08-20 04:00 - 2015-12-27 23:56 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Origin
2020-08-20 02:44 - 2015-12-27 23:54 - 000000000 ____D C:\ProgramData\Origin
2020-08-20 02:34 - 2015-12-27 23:56 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Origin
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-08-20 01:26 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\Razer
2020-08-20 01:25 - 2017-04-24 00:40 - 000000000 ____D C:\Program Files (x86)\Razer
2020-08-18 21:11 - 2016-01-11 18:57 - 000000000 ____D C:\Program Files\Adobe
2020-08-18 21:11 - 2016-01-04 05:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-08-18 02:17 - 2015-12-26 16:55 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Adobe
2020-08-17 18:19 - 2015-12-26 17:42 - 000000000 ____D C:\ProgramData\Adobe
2020-08-17 01:15 - 2020-07-23 13:45 - 000000950 _____ C:\Users\Nasir York\Desktop\Adobe After Effects 2020.lnk
2020-08-16 13:02 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-08-14 04:07 - 2019-03-19 02:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-14 04:07 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-13 03:59 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 19:28 - 2019-03-19 00:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-08-12 19:15 - 2020-04-20 22:03 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 005491512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 002634728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 000195560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-08-12 19:15 - 2020-03-11 19:48 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-08-12 18:35 - 2020-03-11 19:48 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
 
==================== Files in the root of some directories ========
 
2018-10-14 21:58 - 2018-10-14 21:58 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2015-12-26 17:36 - 2015-12-26 17:36 - 000000138 _____ () C:\Program Files\IntelRemoteWakeAgent.ini
2020-06-20 00:13 - 2020-06-20 00:13 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2019-10-26 20:20 - 2020-07-21 03:23 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-10-03 19:58 - 2017-10-03 20:03 - 000683808 _____ () C:\Users\Nasir York\AppData\Roaming\AvidCloudClientServices_Install.log
2020-07-20 12:39 - 2020-08-06 21:21 - 000000028 _____ () C:\Users\Nasir York\AppData\Roaming\kulerdata.json
2015-12-30 10:37 - 2016-01-02 20:23 - 000012523 _____ () C:\Users\Nasir York\AppData\Roaming\SpeedRunnersLog.txt
2017-06-18 20:25 - 2017-11-11 12:12 - 000004521 _____ () C:\Users\Nasir York\AppData\Roaming\VoiceMeeterDefault.xml
2020-06-20 00:08 - 2020-06-20 00:08 - 000001456 _____ () C:\Users\Nasir York\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-03 07:27 - 2016-01-03 07:27 - 001065984 _____ () C:\Users\Nasir York\AppData\Local\file__0.localstorage
2019-08-03 18:30 - 2019-08-03 18:34 - 000007057 _____ () C:\Users\Nasir York\AppData\Local\krita.log
2019-08-03 18:34 - 2019-08-03 18:34 - 000000039 _____ () C:\Users\Nasir York\AppData\Local\kritadisplayrc
2019-08-03 18:30 - 2019-08-03 18:34 - 000016136 _____ () C:\Users\Nasir York\AppData\Local\kritarc
2018-09-26 18:30 - 2018-09-26 18:30 - 000000000 _____ () C:\Users\Nasir York\AppData\Local\oobelibMkey.log
2020-06-25 01:55 - 2020-06-25 01:55 - 000000218 _____ () C:\Users\Nasir York\AppData\Local\recently-used.xbel
2017-07-13 17:13 - 2020-04-11 19:03 - 000007602 _____ () C:\Users\Nasir York\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Nasir York (11-09-2020 19:46:32)
Running from C:\Users\Nasir York\Desktop
Windows 10 Pro Version 1903 18362.1016 (X64) (2019-09-28 07:16:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-412816286-677371127-1562832458-500 - Administrator - Disabled)
chian (S-1-5-21-412816286-677371127-1562832458-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-412816286-677371127-1562832458-503 - Limited - Disabled)
Gears Fix (S-1-5-21-412816286-677371127-1562832458-1010 - Limited - Enabled) => C:\Users\Gears Fix
Guest (S-1-5-21-412816286-677371127-1562832458-501 - Limited - Disabled)
nasir (S-1-5-21-412816286-677371127-1562832458-1006 - Limited - Disabled)
Nasir York (S-1-5-21-412816286-677371127-1562832458-1001 - Administrator - Enabled) => C:\Users\Nasir York
WDAGUtilityAccount (S-1-5-21-412816286-677371127-1562832458-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . (HKLM\...\{E99F3005-A18B-4BF7-B751-7E780C5E87F0}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{26ABF655-7062-4BBB-B954-F21DF44A1D76}) (Version: 2.9.0.2 - Intel) Hidden
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Inc.)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dimension (HKLM-x32\...\ESHR_3_1_1) (Version: 3.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Inc.)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_3) (Version: 14.0.3 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.83 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{c1fab792-fdc8-4343-aa29-cae3af29ce76}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.53 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{5c465d6f-1288-415a-946e-b6ecf1b1a30c}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{ae62c209-3c0a-4062-b1dd-7f31e7a07a49}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{0eaccf04-4462-4fb3-8d97-6e9fe2f1c642}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.27 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.48 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{95c37d21-77e3-4b72-9e0e-7ba93e636dde}) (Version: 1.0.48 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.11 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.11 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.15 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{409f323b-0865-4c82-8161-a444b1f3f709}) (Version: 3.04.15 - ASUSTeK Computer Inc.)
Autodesk Genuine Service (HKLM-x32\...\{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 - Autodesk)
Avira (HKLM-x32\...\{30361B56-9FDE-41F7-9E9E-5F46D7C5BA9C}) (Version: 1.2.149.21141 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{34a7e780-9295-4863-9fe4-6c679faf7f44}) (Version: 1.2.149.21141 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2009.1960 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.35.1.21885 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.36.11467 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.11004 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.169 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.190.0.5002 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Contents64 (HKLM\...\{C2D307EA-96F8-4F6E-880E-E244779D8477}) (Version: 19.1.0.12 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 105.4.651 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{1ed73932-bb1f-42f9-b276-d10182a64b07}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{f009cab7-dc2f-4859-bdfd-b94d0064c20b}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{3cb2ba2a-ceb7-4515-b7ca-0182de74b68c}) (Version: 7.1.1.7992 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846DD9769}) (Version: 7.1.1.7992 - ExpressVPN) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Chrome Canary (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Google Chrome SxS) (Version: 87.0.4261.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICA (HKLM-x32\...\{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Inpaint 8.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{e0c04d85-bdcb-4572-ac96-c3e248f87a87}) (Version: 2.9.0.2 - Intel)
IPM_VS_Pro64 (HKLM\...\{1BD7EE90-7C52-4142-B4DD-55C4F28F9EE7}) (Version: 19.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{739B363A-A8C1-4D32-843D-07603700D19F}) (Version: 12.10.6.2 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Jump Force Ultimate Edition MULTi14 - ElAmigos version 2.00 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 2.00 - Bandai Namco Entertainment)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{e5d9f7b7-590f-42bf-8068-23e9a16c58fb}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kits Configuration Installer (HKLM-x32\...\{84645792-B4DC-8386-13D6-94810C42EF8A}) (Version: 10.1.14393.795 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13231.20126 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
My Hero Ones Justice 2 (HKLM-x32\...\My Hero Ones Justice 2_is1) (Version:  - )
NahimicSettingsConfigurator (HKLM\...\{C0C4818E-DCAD-44F9-A2FF-FAACAEC791B5}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.4 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.83.43781 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch League Replay Viewer (HKLM-x32\...\Overwatch League Replay Viewer) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Overwatch World Cup Viewer (HKLM-x32\...\Overwatch World Cup Viewer) (Version:  - Blizzard Entertainment)
PC Building Simulator (HKLM-x32\...\{BF3FA925-71A0-47FA-9485-73FC139B36F5}_is1) (Version: 1.8 - Repack by Team-LiL)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProtonVPN (HKLM-x32\...\{CC56589D-2FE8-4B38-9024-0ABCD9F3CB0E}) (Version: 1.16.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.1) (Version: 1.16.1 - Proton Technologies AG)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (HKLM-x32\...\{7665C66D-78C4-4B30-B4B9-8DD484403532}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (HKLM-x32\...\{2B2FED36-5D63-411A-A8C4-E311D70BCF33}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (HKLM-x32\...\{77EEC303-714C-4290-AF63-5252FDB5D7C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (HKLM-x32\...\{946BBA68-EDC0-4981-83D3-09592B9A84FA}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 pip Bootstrap (32-bit) (HKLM-x32\...\{4F29879C-940D-4599-8CEC-407579F73DF7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (HKLM-x32\...\{65A2F7DA-ACD7-4EC1-8A88-665D535D9CE7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C387DB53-A25F-49E3-8DF7-94F47E5A7921}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (HKLM-x32\...\{FA87440D-634A-4581-AD9C-C6FA859B88DD}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (HKLM-x32\...\{9254A29B-0F60-444C-B5CE-DB7E2505474C}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 3.14.7 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.10.8.1270 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0831.082315 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.2.0 - ASUSTek COMPUTER INC.)
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{7138CC92-123A-393F-BC30-B784794DF4E7}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{905D1773-308E-B34B-7489-1E1557BF0AF4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Setup (HKLM-x32\...\{F8B95E3C-40A0-49CE-B5F9-3861F238B9FF}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Share64 (HKLM\...\{A61EEC3A-E37C-49A5-BE61-7AEE04F1A15D}) (Version: 19.1.0.12 - Corel Corporation) Hidden
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version:  - Grismar)
Should I Remove It (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Sonic Studio Plugin (HKLM\...\{DDA3EA99-E4F2-4EBF-8BD5-EF3898D6B3D8}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.2.28.571 - StreamElements)
SuperF4 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\SuperF4) (Version: 1.3 - Stefan Sundin)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (HKLM-x32\...\{C0402801-37B7-30B1-A678-AE3E73E4C4F6}) (Version: 14.98.25331 - Microsoft) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Twitch (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BDB33BE7-73D0-4C02-A576-78FD17C95A8D}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
UNO (HKLM-x32\...\Uplay Install 3352) (Version:  - Ubisoft)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 71.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VS Update core components (HKLM-x32\...\{5C946395-4D29-3274-A47D-B77D4B10E126}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{B5BE6171-568A-3657-90CD-A76BEC01F62D}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
VSClassic64 (HKLM\...\{99B95309-4793-43D9-8F1C-EC086FC74CB5}) (Version: 19.1.0.12 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{3F5D769B-346B-487A-851A-A1AF147D5B39}) (Version: 19.1.0.12 - Corel Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Webull Desktop version 4.2.0 (HKLM-x32\...\{ACD3494F-0DDF-4520-B50A-2BEAAAD4DAC3}_is1) (Version: 4.2.0 - Webull Company, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
 
Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-01-31] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-02] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0 [2020-08-12] (Spotify AB) [Startup Task]
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7063B4B49902} -> [Creative Cloud Files] => F:\Creative Cloud Files0
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}\Shell\Open\Command -> C:\Program Files (x86)\Avira\Antivirus\StartUi.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Nasir York\Dropbox [2020-07-30 17:24]
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\87.0.4261.0\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
SSODL: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\system32\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\SysWOW64\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => F:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-08-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6_S-1-5-21-412816286-677371127-1562832458-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll -> No File
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1562432 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.dvacm_vspx9] => C:\Program Files\Corel\CORELV~1\Dvacm.acm
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Canary Apps\Codebender App.lnk -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-05 08:34 - 2020-06-05 08:34 - 000148992 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi\build\Release\ffi_bindings.node
2020-06-05 08:34 - 2020-06-05 08:34 - 000138752 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref\build\Release\binding.node
2015-12-26 17:28 - 2014-04-24 18:03 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-12-26 17:29 - 2014-07-17 15:42 - 004095488 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-12-26 17:29 - 2014-07-09 15:05 - 000711680 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000851456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000801792 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000807936 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000010240 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000010240 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-12-26 17:29 - 2014-10-30 19:36 - 001139712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-12-26 17:29 - 2014-10-09 13:31 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-12-26 17:29 - 2014-02-24 21:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2015-12-26 17:29 - 2013-11-20 14:10 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-12-26 17:29 - 2013-07-02 14:40 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-12-26 17:30 - 2010-09-23 15:51 - 000114688 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2015-12-26 17:30 - 2012-01-19 13:39 - 000028672 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000827392 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2020-07-18 14:57 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-07-18 14:57 - 2019-06-26 16:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll
2020-04-22 15:35 - 2020-04-22 15:35 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000053248 ____R () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000278528 ____R () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2019-05-22 20:29 - 2019-05-22 20:29 - 000303104 _____ () [File not signed] C:\Program Files (x86)\ExpressVPN\expressvpnd\windows\ExpressVPN.SplitTunnel.dll
2017-04-10 14:09 - 2015-02-26 20:19 - 000380928 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 002109952 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2020-03-30 15:25 - 2020-03-30 15:25 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2015-12-26 17:28 - 2014-04-24 18:03 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-26 17:28 - 2014-04-25 10:03 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2015-12-26 17:29 - 2014-07-02 21:41 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsAcpi.dll
2020-09-11 19:05 - 2020-09-11 19:05 - 000044176 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-26 17:28 - 2014-04-24 18:03 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2015-12-26 17:28 - 2014-04-25 10:03 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2015-12-26 17:29 - 2014-07-02 21:41 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2015-12-26 17:29 - 2013-11-20 14:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2015-12-26 17:29 - 2014-07-25 19:46 - 001328128 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2015-12-26 17:29 - 2013-08-29 19:30 - 001070080 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2015-12-26 17:30 - 2010-03-08 21:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2015-12-26 17:30 - 2014-03-10 22:03 - 000897536 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2015-12-26 17:30 - 2010-03-08 21:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsMultiLang.dll
2015-12-26 17:30 - 2013-09-05 20:18 - 001004032 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\BIOSFLK.dll
2015-12-26 17:30 - 2010-09-09 01:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB Charger+\AsMultiLang.dll
2015-12-26 17:30 - 2013-04-17 15:39 - 000883200 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB Charger+\Charger.dll
2020-07-18 14:57 - 2019-10-24 11:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000676864 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\asacpiEx.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000102400 ____R (ASUSTek Computer Inc.,) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\EIO.DLL
2017-04-10 14:09 - 2011-06-21 16:04 - 000229376 _____ (Broadcom Corporation) [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2020-02-26 10:19 - 2020-02-26 10:19 - 000187904 _____ (ENE Technology inc.) [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2020-07-18 14:57 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2020-07-18 14:57 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\Program Files (x86)\Origin\LIBEAY32.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\Program Files (x86)\Origin\ssleay32.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Core.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Gui.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Network.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Xml.dll
2015-12-26 17:29 - 2014-07-16 23:35 - 000927744 ____R (TODO: <Company name>) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\AsusGpuTweak.dll
2020-07-18 14:57 - 2019-07-31 14:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhinhqhifh [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhiqhnhm [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhjhhlik [0]
AlternateDataStreams: C:\Users\Nasir York\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Nasir York\Desktop\Twitch.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Nasir York\Downloads\OriginThinSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Nasir York\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\sharepoint.com -> hxxps://unhnewhaven-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-09 13:50 - 2020-08-16 04:37 - 000001042 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps;C:\Users\Nasir York\AppData\Local\atom\bin;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Control Panel\Desktop\\Wallpaper -> F:\Media\Art\Digital Art\Photoshop\Finished\Ceejust Backgrounds\Ceejust Neon Name.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
Network Binding:
=============
Ethernet 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: Razer Synapse Service => 2
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR WNA3100 Genie.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUS Ai Charger"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AO Link Server"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Kraken0510Helper"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "CAM.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Prime95"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Haste"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{51D476F8-3BAE-474C-9CFF-F680B438B98B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1024DE61-118A-4103-A145-758F2B79FB5B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{8F485514-2CD8-4096-863F-09DE3D46DDAD}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [TCP Query User{590E5C09-CCA0-42F5-ACE0-012B0C972182}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query User{0F02A7E5-6A0A-49CC-869A-E7604EE34078}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{6F6D654B-CFC3-4E1A-8EEF-FF14D5D4E529}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FAA42020-AE0F-480E-A5FB-39DB9B6E6DCF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{4B2EDAB9-C9C3-4BD5-BF53-4F4A2D5B69DB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{69ED1D1D-803B-4429-A24D-20A1E8A8D22C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{EFE0EBBA-3538-4EE3-B07F-6101CF715257}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{22345150-265E-42DA-B57A-632BD98D34B7}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{769EDB8E-C4CF-4733-9ABC-ECE5A1C5855C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB8024B6-575F-48E4-9AB2-5D4EA3098782}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{323A6CD8-6C95-47DA-B8EA-6E56AF68A040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{10345D00-3C90-444F-B123-011CB4DEDCF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8C19F219-0087-4C94-B00C-DB06FC2F7CEC}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{78D3AAB9-5579-435B-96F4-9B3168D0E1D0}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{4BAB5CD9-6E27-46C5-84EE-D101CC44EC27}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DFC73CF5-6F85-4B78-B06F-CD25BEAC4F11}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E60CB4A0-9020-43BE-8659-61FA246DB9C6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8987247E-FC72-4AB4-98C3-7C9D5C0EEE23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4D1C3445-5A70-4A27-B420-858F3DE7CB55}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [TCP Query User{140EBC3E-8CB1-4395-A70A-A6938008A4B0}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [{3472F3E3-EB83-48C4-8C9F-70BC7B31C494}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{48F1975D-7450-4740-B939-3B15EE68B755}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{183DC536-1AFB-431F-B318-A3BBCFE58DD6}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{0E477258-A72F-4641-A893-9BF99A6C874B}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{B7C8C640-DA1A-4D8C-9104-5706D1DD492E}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{272984B9-36F3-4A7F-AD00-163FE8D587BD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{3EDD8817-1E20-4BFA-8390-08DE7B5C28BE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{B1C13B69-1072-4979-B674-15F99133D4D4}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62B7B065-40FE-4E16-9ABA-74E9BF34815D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1C9421D3-54CA-4821-AD73-B393E622199E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6794B290-4B93-4D17-941E-13513C0E9DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{17558CA4-236E-489C-8D33-36F7B27C6453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{844CFC51-B020-4861-A647-A8B11E547D99}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{458C194B-6874-4226-B4BB-08CB743AC670}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{924174D4-D8BD-4DF6-93E7-D4FEE3C54211}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E95983F0-5E49-4B31-A2E2-CD9D28B6DC83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EDED09F-998F-49DF-BCC9-C6D51C289138}] => (Allow) LPort=8586
FirewallRules: [{CDA361F6-1E0E-47C7-A290-59E2AE3B384A}] => (Allow) LPort=8586
FirewallRules: [{1BF0374E-D402-4461-ACC9-5CABA1661D87}] => (Allow) C:\Program Files\ASUS\HomeCloud\ServerConsole\HomeBox Server.exe (ASUS Cloud Corporation -> )
FirewallRules: [{BCAA783B-26AD-4818-8A04-7DD9EFB78E6D}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{0AB69F55-FBE9-4736-81EE-9F7EBB51FC06}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C9D3AB42-785F-49BA-A67C-DFD6D14B1A1F}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F84AAD75-6D5F-4299-B776-A8F604EE5759}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3D947D72-553F-4358-AB7E-4D2385D03424}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4178D8DD-19BF-40DD-9BE7-7792CDF4D7CE}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{6C85886A-C2D2-4451-89A6-D9DD8491538E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{3E7FAE9A-D542-4EC4-BFC8-BA127B08C939}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{E8C16E11-7B75-4EDB-9F8D-F73A6AA4BFD9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCC60612-AC04-4A62-8669-5B337285A951}] => (Allow) LPort=2869
FirewallRules: [{186DB426-F3A9-4202-9E59-044785CC3E73}] => (Allow) LPort=1900
FirewallRules: [{054426D8-6634-4EBB-A3CB-E9168193853D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1195FFC-E0E4-497F-9AC2-46BC643D2B28}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{365F721A-9DAF-4AAB-9E3A-C76D84C7153C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEA97C71-35AF-4242-8F3E-A5701CE6A9B9}] => (Allow) LPort=9143
FirewallRules: [{03CC62E0-41BE-4CE6-B200-FB93D41BB642}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{B02CE1BF-7783-4A84-9097-50A47F884CF7}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{69C281DB-AA33-4528-A933-48D4676DC563}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4BC50C2B-ADB1-43A0-BE8D-36B1D9CBE947}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D7EB5DB3-163D-4995-BCC6-87B3A070D886}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6AD53E49-3B21-4776-B54B-02E8F608C385}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{19157D2D-30EA-497C-8431-3E0A839758D9}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{7317925F-42FC-4612-9F6A-579C7A97F732}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => No File
FirewallRules: [{671D1596-419B-4F3C-8BF9-187799E11ED1}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => No File
FirewallRules: [TCP Query User{34D845BC-B448-4CA2-86F7-D516DF447067}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{223076EA-973E-4967-A447-1918A872E8FB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{80B023F5-7F75-4B21-AD71-AEF783F5FF8A}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F7A6F8B6-B5F0-4070-BD72-2BADCCF0D3C6}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8935D5CE-BD0A-4746-9588-8DA71738BDFE}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{88160334-C8A4-48B5-BA6D-C7A46337792C}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{03D23C5A-06FD-47AC-A9EB-70780FE00F1C}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{362EF7CB-3950-4597-929A-F9F6FC74C88E}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{88EFAABD-C600-4172-93C9-0062AF27191A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [UDP Query User{3C71A0CE-1253-48DE-9872-C3CE79B4B76A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [TCP Query User{AEC007E5-F181-4646-A764-A9D95C5ED818}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [UDP Query User{0650DA28-52C3-4CAF-ACF8-E19664D14291}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [TCP Query User{6CEE534C-F353-4887-8C26-141D2F6132FD}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{6C595E5F-E92A-4AF5-BDD3-230C2B32565E}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{40EAABF4-8377-4941-9D6A-30C6626A9C35}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{36FEE0DF-4E80-4300-A52F-9F2FFF7A7BD0}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{55235E7F-BD01-40C7-A12A-BFD9DD64C868}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F14C29FD-A73C-46DB-9BA8-4A6850024372}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C549623F-A634-4D56-822A-16AE9040CAD9}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D8BA3168-0128-43B7-B47C-A05388C7A87B}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{55A8918A-6FD4-44E4-93C0-3904E121756B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [{504B6E4D-737A-4786-B7FC-5A5222D5C16F}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [TCP Query User{29DB45C5-99C4-42F3-B4E8-00786E23FCBA}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DBA2C3B3-0A42-43A1-BF16-B86E1441D7CB}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8A92559A-7D4C-4676-B9B8-1B4028E063E2}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6F5FE14B-520C-453D-B40F-9B63A53CE446}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6B384191-52C4-4C08-8A24-88055B24C825}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{877B8420-F044-4B4B-84F9-85C76A8CF45C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{36A3E05C-8330-4672-BF7C-7056E87A7075}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4B13106E-17B6-4DBB-9C8A-DAD7C9383C08}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{43ED2535-CA56-4E5F-B552-E8EB5A1301E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{26864FCF-EA1F-4BC7-97BB-CF763AF707E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{E1166514-730C-498F-BF4A-4C8822211D02}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{4AFCEADB-CBEC-4FA3-A7FC-7C4B69A9AA2E}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{C516BDC7-D6AE-41E7-AC07-1D59AE2207EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77428367-99CA-4340-9CA6-9607DE43AAB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93A2DDCE-6DF1-44F1-BE81-73EA31BD72E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15D9A618-321A-48B7-97BE-32F875C5ED98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DE3A896-A5FE-41E2-8637-05B56CAA8CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB935313-DD8C-4955-A819-3139C52809A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86005953-F1FC-4583-B7B6-9D12214006BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{875D342C-DB8D-46A9-B5BC-F6801EE39511}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97BD67F5-9ED3-44E5-82B4-74E19E6FEA01}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{473D44C9-792D-446E-A047-E3196B5CA312}] => (Allow) C:\Users\Nasir York\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{33450982-A001-4AC2-8DF7-B03F4D69CDF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C150C4F8-D021-45F1-9E07-DCBA080F1034}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D26EFB7-CE4F-496E-AFCE-964A355156A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{686AF5BA-CE6E-400D-A674-CD199843F067}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2E798E51-CB97-4C71-BD56-DE9C3716A9A8}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{00D08F4D-5C9A-4DEA-BCB3-7FD534059E87}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [{2F34D270-1A68-4A4B-BC58-DA17A8CDF4FD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{D29D465C-33DD-4101-AC7C-5578FBC426A6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{05ADAD83-A502-484C-AB55-3BEE07ACE20F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7F12560-078D-4995-A806-BC0E2A7D66DE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A830E0EC-7E8F-4D5E-8380-35259C75A8CD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{ABD6C08E-9103-4251-A3F3-C74C1C5DF2BD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{74009E11-891A-49D1-8CEB-32EA6B673F43}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9DDFFCF2-7565-4D12-A185-783745EE89C4}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{6E056ED9-E878-4F5B-BAFD-B564B0DD787E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/11/2020 07:43:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/11/2020 07:35:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1812,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/11/2020 07:16:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8532,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/11/2020 07:08:09 PM) (Source: MSSQL$ASUSHOMECLOUD) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$ASUSHOMECLOUD\Performance'. SQL Server performance counters are disabled.
 
Error: (09/11/2020 06:57:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8028,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/11/2020 06:48:28 PM) (Source: MSSQL$ASUSHOMECLOUD) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$ASUSHOMECLOUD\Performance'. SQL Server performance counters are disabled.
 
Error: (09/11/2020 06:46:25 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "ASP.NET_64_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
 
Error: (09/11/2020 06:46:25 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1022) (User: NT AUTHORITY)
Description: Windows cannot open the 64-bit extensible counter DLL C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll in a 32-bit environment (Win32 error code 193). Contact the file vendor to obtain a 32-bit version. Alternatively if you are running a 64-bit native environment, you can open the 64-bit extensible counter DLL by using the 64-bit version of Performance Monitor. To use this tool, open the Windows folder, open the System32 folder, and then start Perfmon.exe.
 
 
System errors:
=============
Error: (09/11/2020 07:46:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/11/2020 07:46:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/11/2020 07:44:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/11/2020 07:44:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/11/2020 07:42:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/11/2020 07:42:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/11/2020 07:40:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/11/2020 07:40:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2020-07-23 03:29:24.576
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6F0DBAC6-A7AD-492E-89FE-08E3F248018B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-17 21:18:04.243
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2F8C8B91-56E3-4396-80A1-6016F02C3A87}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-17 20:58:18.047
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D57B2799-F7E7-492F-A943-610990AA81C9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-12 17:15:29.080
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7FE171BF-D811-4DD3-8492-6E9DA0C22783}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-11 15:11:30.052
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D7533DE5-C2CD-49B9-931F-7153506B28E9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-18 14:24:20.377
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-07-18 13:29:17.966
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1676.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2020-07-18 13:14:51.821
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1676.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2020-07-28 14:42:55.902
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-07-28 14:42:54.848
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-07-28 14:42:54.841
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-07-28 14:42:54.423
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-07-28 14:42:49.522
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-07-28 14:42:29.211
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-21 14:04:12.101
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-16 10:21:10.804
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 2702 04/27/2015
Motherboard: ASUSTeK COMPUTER INC. MAXIMUS VII HERO
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 35%
Total physical RAM: 16326.49 MB
Available physical RAM: 10545.49 MB
Total Virtual: 26054.49 MB
Available Virtual: 17928.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:11.47 GB) NTFS
Drive f: (Hard Drive) (Fixed) (Total:1863.01 GB) (Free:882.92 GB) NTFS
 
\\?\Volume{92c7ec7c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 92C7EC7C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2EEE4D9F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

I assume you installed Avira after BitDefender quit working?

 

See if you can get MBAR to run:

 

https://www.malwareb...om/antirootkit/

 

It doesn't really look like an infection tho.  (The error you refer to in the title is from a Microsoft mistake.  The file was removed by a Windows update but they forgot to remove the task.)

 

Lot of files missing so it might be your hard drive is failing.  Let's check:

 

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0

#3
nasirnasir1

nasirnasir1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Avira Was installed After so i could check for anything wrong. I still cant install bit defender/ use windows defender. MBAR didnt detect anything.

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

Hard drive doesn't look bad so not sure what happened to BitDefender.   Most of its files have vanished but it still appears to be installed.   Windows Defender is not going to run because of a policy set by BitDefender or perhaps Avira.  You do not want two anti-viruses active at the same time.  They fight each other and slow things down.

 

 

Speccy says your hard drives are OK.  I thought you might have some bad sectors but there is no trace of that.

 

Your C: drive is running out of space.  You need to free up as much space as possible.

 

Uninstall:

Bitdefender Agent

Dropbox (unless you are really using it)

ExpressVPN (you can reinstall it later if you need to)

Intel® Driver Update Utility (Never seems to find anything and often causes problems)

Java 8 Update 151 (obsolete)
Java SE Development Kit 7 Update 79 (64-bit) (obsolete)
Microsoft Silverlight (obsolete)
Should I Remove It (not needed)
Windows Live Essentials (obsolete but some still use it if you do then keep it)
 
Also uninstall any game you  no longer play and any that are easy to redownload and reinstall.  We really need to recover as much space as possible.  In the future make sure that anything you install gets installed on the Seagate.  I would create three folders on the F: drive:
 
F:\Program Files (x86)
F:\Program Files (I see from the Firewall listings that you already have the two folders and have started using them so disregard)
F:\Downloads
and point all installs to one of the two Program Folders depending on if they are 32 or 64 bits. respectively.
Move any downloaded files you want to keep or perhaps all of them from C:\Users\Nasir York\Downloads to F:\Downloads.
Go into Chrome and click on the three dots in the upper right.  Click on Settings
Click on: Advanced
Under Downloads:  change to point at your new F:\Downloads folder
 
Right click on your C: drive and select Properties then Disk Cleanup then on Cleanup System Files.  Check everything then OK.  Will take a while to complete.
 
Search for

task scheduler

hit Enter

Click on the arrow in front of Task Scheduler Library then

Click on the arrow in front of Microsoft

Click on the arrow in front of Windows

Click on Application Experience.  In the next pane to the right, right click on each Task and Disable.  Should be three tasks.

Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Disable.  Should be two tasks.

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program.  No need to reboot right away.


 

 

The following fixlist will remove all of the deadwood and check your system files for damage.  Should take about 25 minutes to run.  Be patient.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   78.03KB   13 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

Also:

 

Get the BitDefender Removal tool

https://www.bitdefender.com/uninstall/

 

See if you can get it to remove all traces of BitDefender.  Then uninstall Avira.  See if Windows Defender is able to run.  Then try reinstalling BitDefender with a new download to F:\Downloads and point it at F:\Program Files


  • 0

#6
nasirnasir1

nasirnasir1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Should I Remove it "This action is only valid for products that are currently installed"
 
Melodyne Runtime 4.1 (x64) " This app has been locked for your protection" Red Notification Cant Uninstall
Blue Stack App Wont Uninstall No Notification
Star Wars: The old Republic "Not found on the computer"
 
Was Able to install the free version of Bit Defender, Windows Security is still missing.
No Problems in F:\program files (x86) or F:\program files
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2020 01
Ran by Nasir York (administrator) on DESKTOP-DTOHOOC (ASUS All Series) (12-09-2020 17:57:45)
Running from C:\Users\Nasir York\Desktop
Loaded Profiles: Nasir York
Platform: Windows 10 Pro Version 1903 18362.1016 (X64) Language: English (United States)
Default browser: "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) F:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe <27>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) F:\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2014-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600096 2017-02-14] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [429624 2020-06-20] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [EpicGamesLauncher] => F:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32410000 2020-09-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Google Update] => C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-06-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [] => [X]
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6] => "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-18\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2017-04-10]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (NETGEAR -> )
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-12-13]
ShortcutTarget: GenuineService.lnk -> C:\Users\Nasir York\Autodesk\Genuine Service\GenuineService.exe (Autodesk Inc -> Autodesk)
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-08-15]
ShortcutTarget: Twitch.lnk -> F:\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {20311710-456D-4767-99F4-A7708EDF31BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA23887-C60A-4CDB-9A78-D3A69AB9E3F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E15967B-0F80-4BCB-947D-687490A3F67B} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {867FA7B7-AE9D-4176-B867-18823BCAF956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-15] (Google Inc -> Google Inc.)
Task: {972CBA3A-3286-4F3D-863D-61F39BF4B405} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9764361E-27F9-4D98-B379-346CC88AEE04} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1515E09-FD31-4D60-8593-D9A88413C9EF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C18F20E5-A676-44C6-AF13-1F39031C09D7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1535896 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D30FB75D-B52A-46A6-884F-A8E412C5AA51} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5C4818E-41A3-4BD0-A7DC-354A8DF62E50} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F79E9260-CEDC-4323-B267-8CFF6D9D6EA6} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10416cf3-1d1f-46f8-98dd-5dc013e80178}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{308a0871-4f66-4569-90b8-ee3d237ffb36}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{854a3fd2-6045-49de-b682-6ddec26557da}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bfeb5d3a-0ad2-401e-9ba8-31f842c13770}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
======
Edge Profile: C:\Users\Nasir York\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-11]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-412816286-677371127-1562832458-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-07] (Ubisoft Entertainment Sweden AB -> )
 
Chrome: 
=======
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default [2020-09-11]
CHR DownloadDir: F:\Downloads
CHR Notifications: Default -> hxxps://thevirts.os.tc; hxxps://www.escapefromtarkov.com; hxxps://www.facebook.com; hxxps://www.netflix.com; hxxps://www.razer.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-09-11]
CHR Extension: (Google Drive) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Hypothesis - Web & PDF Annotation) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjfhmglciegochdpefhhlphglcehbmek [2020-09-11]
CHR Extension: (Honey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-09-11]
CHR Extension: (Avira Safe Shopping) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-11]
CHR Extension: (uBlock Origin) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-11]
CHR Extension: (Skillshare Free Downloader) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafpgbifpihaomcjenlnebhepkklhkfh [2020-03-05]
CHR Extension: (Dark Mode) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-06-19]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2020-06-10]
CHR Extension: (Session Buddy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-16]
CHR Extension: (Zotero Connector) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2020-09-11]
CHR Extension: (Gyazo) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-30]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-11]
CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2018-01-15]
CHR Extension: (Looper for YouTube) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2020-04-22]
CHR Extension: (View Image) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-04-27]
CHR Extension: (Grammarly for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-09-11]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-09-11]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-07-30]
CHR Extension: (No History) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2018-01-15]
CHR Extension: (Wikibuy from Capital One) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Material Simple Dark Grey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2018-09-30]
CHR Extension: (Steam Community Market Quick Buy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjlhfadijipchkejgenbnnoebonckm [2018-01-15]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-09-11]
CHR Extension: (Gmail) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-11]
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-18]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe [394040 2014-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [654936 2020-07-18] (ASUSTeK Computer Inc. -> ASUS)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-06] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8928120 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2977672 2020-07-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-05] (Logitech Inc -> Logitech Inc.)
R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2519352 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; F:\Program Files (x86)\Origin\OriginWebHelperService.exe [3472192 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [101184 2020-06-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG -> )
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [292440 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; F:\Synapse3\Service\Razer Synapse Service.exe [294128 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2411232 2020-07-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; F:\Razer Cortex\RzKLService.exe [290864 2020-08-21] (Razer USA Ltd. -> Razer Inc.)
S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 tomcat6; C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe [80896 2013-04-28] (Apache Software Foundation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AfVpnService; "C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] (ASUSTeK Computer Inc. -> )
S3 asstor64; C:\WINDOWS\System32\drivers\asstor64.sys [84816 2014-03-14] (ASMedia Technology Inc. -> Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [422080 2015-05-22] (EldoS Corporation -> EldoS Corporation)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc -> Logitech Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 RealWoW60; C:\WINDOWS\system32\DRIVERS\RealWoW60.sys [29400 2015-09-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\WINDOWS\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (NETGEAR -> SerComm Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-02-01] (Windscribe Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioHFVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_hfvaio64_win7.sys [33512 2017-06-18] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2019-10-20] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-02-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-12-21] (Zemana Ltd. -> Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-12 17:49 - 2020-09-12 17:58 - 000050593 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-09-12 17:49 - 2020-09-12 17:49 - 000027604 _____ C:\ProgramData\uninstalltool.1599947341.11868.bin
2020-09-12 17:49 - 2020-09-12 17:49 - 000001856 _____ C:\ProgramData\uninstalltool.1599947341.9680.bin
2020-09-12 17:48 - 2020-09-12 17:48 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-09-12 17:46 - 2020-03-12 13:33 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-12 17:45 - 2020-09-12 17:48 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-09-12 17:45 - 2020-09-12 17:45 - 000115340 _____ C:\ProgramData\agent.1599947114.bdinstall.v2.bin
2020-09-12 17:41 - 2020-09-12 17:46 - 000156740 _____ C:\Users\Nasir York\Desktop\Fixlog.txt
2020-09-12 17:41 - 2020-09-12 17:41 - 002297856 _____ (Farbar) C:\Users\Nasir York\Desktop\FRST64.exe
2020-09-12 17:41 - 2020-09-12 17:41 - 000000000 ____D C:\Users\Nasir York\Desktop\FRST-OlderVersion
2020-09-12 17:33 - 2020-09-12 17:33 - 000000000 ____D C:\Users\Nasir York\AppData\Local\OO Software
2020-09-12 17:18 - 2020-09-12 17:54 - 000000240 _____ C:\Users\Nasir York\Desktop\GeektoGo Notes.txt
2020-09-12 14:05 - 2020-09-12 14:07 - 000115895 _____ C:\Users\Nasir York\Desktop\DESKTOP-DTOHOOC.txt
2020-09-12 13:51 - 2020-09-12 13:51 - 000000837 _____ C:\Users\Nasir York\Desktop\Speccy.lnk
2020-09-12 13:51 - 2020-09-12 13:51 - 000000000 ____D C:\Program Files\Speccy
2020-09-12 13:50 - 2020-09-12 13:50 - 006889184 _____ (Piriform Ltd) C:\Users\Nasir York\Desktop\spsetup132.exe
2020-09-12 13:28 - 2020-09-12 17:56 - 000000000 ____D C:\Users\Nasir York\Desktop\mbar
2020-09-12 13:28 - 2020-09-12 13:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-09-12 13:28 - 2020-09-12 13:28 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2345362E.sys
2020-09-12 13:28 - 2020-09-12 13:28 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2020-09-11 19:46 - 2020-09-11 19:47 - 000130045 _____ C:\Users\Nasir York\Desktop\Addition.txt
2020-09-11 19:45 - 2020-09-12 17:58 - 000033694 _____ C:\Users\Nasir York\Desktop\FRST.txt
2020-09-11 19:40 - 2020-09-12 17:58 - 000000000 ____D C:\FRST
2020-09-11 18:45 - 2020-09-12 05:46 - 000083680 ____H C:\Users\Nasir York\AppData\Local\IconCache.db.backup
2020-09-11 16:35 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-11 16:34 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Avira
2020-09-11 16:34 - 2020-09-11 16:34 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2020-09-11 16:34 - 2020-09-11 16:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-09-11 16:33 - 2020-09-12 16:54 - 000000000 ____D C:\ProgramData\Avira
2020-09-10 02:29 - 2020-09-10 02:29 - 001494867 _____ C:\Users\Nasir York\Desktop\SATStudentScoreReport_1599719389248.pdf
2020-09-08 16:36 - 2020-09-08 16:36 - 000860064 _____ C:\Users\Nasir York\Desktop\BROMFIELDDIANAR2018.pdf
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\Users\Public\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Webull Desktop
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\upgradecache
2020-09-04 22:08 - 2020-09-04 22:08 - 000001106 _____ C:\Users\Nasir York\Desktop\On-Screen Keyboard (2).lnk
2020-09-04 17:30 - 2020-09-04 17:30 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Epic Games
2020-09-03 18:18 - 2020-09-03 18:18 - 000000260 _____ C:\Users\Nasir York\Desktop\Spellbreak.url
2020-09-03 14:51 - 2020-09-06 14:05 - 000000131 _____ C:\Users\Nasir York\Desktop\Stonks.txt
2020-08-28 00:10 - 2020-08-28 00:10 - 000000000 ____D C:\Users\Nasir York\AppData\LocalLow\Innersloth
2020-08-26 19:27 - 2020-08-26 19:28 - 000059797 _____ C:\Users\Nasir York\Desktop\Nasir York Official Resume - Google Docs.pdf
2020-08-22 03:03 - 2020-08-22 03:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000455400 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000816376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000675216 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 002078104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001570720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000669432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000656792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000555936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-08-20 01:34 - 2020-08-12 21:43 - 000058596 _____ C:\WINDOWS\system32\nvinfo.pb
2020-08-20 01:34 - 2020-08-12 21:43 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002754024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002122216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 001804784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2020-08-20 01:25 - 2020-08-20 01:25 - 000000000 ____D C:\Program Files\Razer
2020-08-18 15:41 - 2020-09-11 18:46 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Zoom
2020-08-18 02:17 - 2020-08-18 02:17 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\AEJuice
2020-08-17 01:53 - 2020-08-17 01:59 - 000000000 ____D C:\Users\Nasir York\AppData\Local\VideoCopilot
2020-08-17 00:24 - 2020-08-17 00:25 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\MotionBro Preferences
2020-08-16 23:54 - 2020-08-17 00:27 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\ZXPInstaller
2020-08-16 20:22 - 2020-08-16 20:22 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2020-08-16 20:22 - 2020-08-16 20:22 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2020-08-16 13:02 - 2020-08-16 13:02 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\Users\Nasir York\Desktop\Adobe Premiere Pro 2020.lnk
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\Desktop\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Twitch
2020-08-13 03:57 - 2020-08-13 03:57 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-13 03:57 - 2020-08-13 03:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-13 03:57 - 2020-08-13 03:57 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-13 03:57 - 2020-08-13 03:57 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-13 03:57 - 2020-08-13 03:57 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-13 03:57 - 2020-08-13 03:57 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-13 03:57 - 2020-08-13 03:57 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-13 03:57 - 2020-08-13 03:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-13 03:56 - 2020-08-13 03:57 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-13 03:56 - 2020-08-13 03:56 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003984896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-13 03:56 - 2020-08-13 03:56 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-13 03:56 - 2020-08-13 03:56 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-13 03:56 - 2020-08-13 03:56 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000275256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-13 03:56 - 2020-08-13 03:56 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-13 03:56 - 2020-08-13 03:56 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-13 03:56 - 2020-08-13 03:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-13 03:51 - 2020-08-13 03:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-13 03:51 - 2020-08-13 03:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-12 17:55 - 2019-09-28 03:10 - 000871060 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-12 17:55 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-12 17:53 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-12 17:53 - 2017-10-29 12:44 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Packages
2020-09-12 17:51 - 2020-04-12 19:25 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Bluestacks
2020-09-12 17:49 - 2019-09-28 03:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-12 17:49 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-12 17:49 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-12 17:49 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-12 17:44 - 2015-12-26 18:01 - 000000000 _____ C:\WINDOWS\Path.idx
2020-09-12 17:43 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-12 17:41 - 2015-07-10 07:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-09-12 17:15 - 2016-02-27 15:38 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-09-12 17:15 - 2016-02-27 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-09-12 17:13 - 2019-09-28 13:24 - 000000000 ____D C:\Users\Nasir York\AppData\Local\D3DSCache
2020-09-12 17:09 - 2015-12-26 17:41 - 001048576 _____ C:\WINDOWS\PE_Rom.dll
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Windows Live
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Program Files (x86)\Windows Live
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-09-12 16:56 - 2017-09-15 17:45 - 000000000 ____D C:\Program Files\Intel Driver Update Utility
2020-09-12 16:56 - 2015-12-26 17:38 - 000000000 ____D C:\Program Files (x86)\Java
2020-09-12 16:56 - 2015-12-26 17:05 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-12 16:56 - 2015-12-26 17:05 - 000000000 ____D C:\Program Files\Intel
2020-09-12 16:53 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-12 16:51 - 2019-09-28 03:11 - 000000000 ____D C:\Users\Nasir York
2020-09-12 16:51 - 2016-01-31 14:28 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\discord
2020-09-12 15:17 - 2019-09-28 03:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-12 13:28 - 2015-12-28 02:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-12 00:14 - 2018-09-26 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-09-12 00:13 - 2016-08-19 20:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-09-11 19:05 - 2020-07-18 14:24 - 000550634 _____ C:\WINDOWS\ntbtlog.txt
2020-09-11 18:46 - 2019-09-28 03:08 - 004099168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-11 18:45 - 2015-12-27 22:16 - 000000000 ____D C:\Users\Nasir York\AppData\Local\CrashDumps
2020-09-11 18:41 - 2016-05-04 19:17 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Battle.net
2020-09-11 18:29 - 2019-12-13 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-412816286-677371127-1562832458-1001
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-09-11 17:01 - 2015-12-28 19:01 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Ubisoft Game Launcher
2020-09-11 16:52 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-11 16:48 - 2020-07-20 00:14 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2020-09-11 16:45 - 2019-12-19 07:28 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Opera Software
2020-09-11 13:46 - 2020-08-03 13:28 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-11 04:11 - 2020-06-21 14:05 - 000002577 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2020-09-10 22:26 - 2020-07-30 17:24 - 000000000 ___RD C:\Users\Nasir York\Dropbox
2020-09-10 21:24 - 2018-09-27 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-10 21:24 - 2016-01-11 22:35 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-10 18:07 - 2018-01-15 13:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-10 14:33 - 2018-06-26 13:57 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Discord
2020-09-09 03:51 - 2020-08-03 19:55 - 000000636 _____ C:\Users\Nasir York\Desktop\College.txt
2020-09-04 17:30 - 2020-08-02 23:40 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\EasyAntiCheat
2020-09-04 00:33 - 2016-05-04 19:16 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-09-03 21:51 - 2018-10-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-08-22 19:14 - 2015-12-27 22:14 - 000000000 ____D C:\Users\Nasir York\AppData\Local\NVIDIA
2020-08-21 15:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-08-20 04:00 - 2015-12-27 23:56 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Origin
2020-08-20 02:44 - 2015-12-27 23:54 - 000000000 ____D C:\ProgramData\Origin
2020-08-20 02:34 - 2015-12-27 23:56 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Origin
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-08-20 01:26 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\Razer
2020-08-20 01:25 - 2017-04-24 00:40 - 000000000 ____D C:\Program Files (x86)\Razer
2020-08-18 21:11 - 2016-01-11 18:57 - 000000000 ____D C:\Program Files\Adobe
2020-08-18 21:11 - 2016-01-04 05:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-08-18 02:17 - 2015-12-26 16:55 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Adobe
2020-08-17 18:19 - 2015-12-26 17:42 - 000000000 ____D C:\ProgramData\Adobe
2020-08-17 01:15 - 2020-07-23 13:45 - 000000950 _____ C:\Users\Nasir York\Desktop\Adobe After Effects 2020.lnk
2020-08-16 13:02 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-08-14 04:07 - 2019-03-19 02:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-14 04:07 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\servicing
 
==================== Files in the root of some directories ========
 
2018-10-14 21:58 - 2018-10-14 21:58 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2015-12-26 17:36 - 2015-12-26 17:36 - 000000138 _____ () C:\Program Files\IntelRemoteWakeAgent.ini
2020-06-20 00:13 - 2020-06-20 00:13 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2019-10-26 20:20 - 2020-07-21 03:23 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-10-03 19:58 - 2017-10-03 20:03 - 000683808 _____ () C:\Users\Nasir York\AppData\Roaming\AvidCloudClientServices_Install.log
2020-07-20 12:39 - 2020-08-06 21:21 - 000000028 _____ () C:\Users\Nasir York\AppData\Roaming\kulerdata.json
2015-12-30 10:37 - 2016-01-02 20:23 - 000012523 _____ () C:\Users\Nasir York\AppData\Roaming\SpeedRunnersLog.txt
2017-06-18 20:25 - 2017-11-11 12:12 - 000004521 _____ () C:\Users\Nasir York\AppData\Roaming\VoiceMeeterDefault.xml
2020-06-20 00:08 - 2020-06-20 00:08 - 000001456 _____ () C:\Users\Nasir York\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-03 07:27 - 2016-01-03 07:27 - 001065984 _____ () C:\Users\Nasir York\AppData\Local\file__0.localstorage
2019-08-03 18:30 - 2019-08-03 18:34 - 000007057 _____ () C:\Users\Nasir York\AppData\Local\krita.log
2019-08-03 18:34 - 2019-08-03 18:34 - 000000039 _____ () C:\Users\Nasir York\AppData\Local\kritadisplayrc
2019-08-03 18:30 - 2019-08-03 18:34 - 000016136 _____ () C:\Users\Nasir York\AppData\Local\kritarc
2018-09-26 18:30 - 2018-09-26 18:30 - 000000000 _____ () C:\Users\Nasir York\AppData\Local\oobelibMkey.log
2020-06-25 01:55 - 2020-06-25 01:55 - 000000218 _____ () C:\Users\Nasir York\AppData\Local\recently-used.xbel
2017-07-13 17:13 - 2020-04-11 19:03 - 000007602 _____ () C:\Users\Nasir York\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020 01
Ran by Nasir York (12-09-2020 17:58:47)
Running from C:\Users\Nasir York\Desktop
Windows 10 Pro Version 1903 18362.1016 (X64) (2019-09-28 07:16:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-412816286-677371127-1562832458-500 - Administrator - Disabled)
chian (S-1-5-21-412816286-677371127-1562832458-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-412816286-677371127-1562832458-503 - Limited - Disabled)
Gears Fix (S-1-5-21-412816286-677371127-1562832458-1010 - Limited - Enabled) => C:\Users\Gears Fix
Guest (S-1-5-21-412816286-677371127-1562832458-501 - Limited - Disabled)
nasir (S-1-5-21-412816286-677371127-1562832458-1006 - Limited - Disabled)
Nasir York (S-1-5-21-412816286-677371127-1562832458-1001 - Administrator - Enabled) => C:\Users\Nasir York
WDAGUtilityAccount (S-1-5-21-412816286-677371127-1562832458-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Inc.)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dimension (HKLM-x32\...\ESHR_3_1_1) (Version: 3.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Inc.)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_3) (Version: 14.0.3 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.83 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{c1fab792-fdc8-4343-aa29-cae3af29ce76}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.53 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{5c465d6f-1288-415a-946e-b6ecf1b1a30c}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{ae62c209-3c0a-4062-b1dd-7f31e7a07a49}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{0eaccf04-4462-4fb3-8d97-6e9fe2f1c642}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.27 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.48 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{95c37d21-77e3-4b72-9e0e-7ba93e636dde}) (Version: 1.0.48 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.11 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.11 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.15 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{409f323b-0865-4c82-8161-a444b1f3f709}) (Version: 3.04.15 - ASUSTeK Computer Inc.)
Autodesk Genuine Service (HKLM-x32\...\{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 - Autodesk)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.190.0.5002 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Contents64 (HKLM\...\{C2D307EA-96F8-4F6E-880E-E244779D8477}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Discord (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{1ed73932-bb1f-42f9-b276-d10182a64b07}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{f009cab7-dc2f-4859-bdfd-b94d0064c20b}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Chrome Canary (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Google Chrome SxS) (Version: 87.0.4261.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICA (HKLM-x32\...\{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Inpaint 8.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
IPM_VS_Pro64 (HKLM\...\{1BD7EE90-7C52-4142-B4DD-55C4F28F9EE7}) (Version: 19.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{739B363A-A8C1-4D32-843D-07603700D19F}) (Version: 12.10.6.2 - Apple Inc.)
Jump Force Ultimate Edition MULTi14 - ElAmigos version 2.00 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 2.00 - Bandai Namco Entertainment)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{e5d9f7b7-590f-42bf-8068-23e9a16c58fb}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kits Configuration Installer (HKLM-x32\...\{84645792-B4DC-8386-13D6-94810C42EF8A}) (Version: 10.1.14393.795 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13231.20126 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
My Hero Ones Justice 2 (HKLM-x32\...\My Hero Ones Justice 2_is1) (Version:  - )
NahimicSettingsConfigurator (HKLM\...\{C0C4818E-DCAD-44F9-A2FF-FAACAEC791B5}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.4 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.83.43781 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch League Replay Viewer (HKLM-x32\...\Overwatch League Replay Viewer) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Overwatch World Cup Viewer (HKLM-x32\...\Overwatch World Cup Viewer) (Version:  - Blizzard Entertainment)
PC Building Simulator (HKLM-x32\...\{BF3FA925-71A0-47FA-9485-73FC139B36F5}_is1) (Version: 1.8 - Repack by Team-LiL)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProtonVPN (HKLM-x32\...\{CC56589D-2FE8-4B38-9024-0ABCD9F3CB0E}) (Version: 1.16.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.1) (Version: 1.16.1 - Proton Technologies AG)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (HKLM-x32\...\{7665C66D-78C4-4B30-B4B9-8DD484403532}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (HKLM-x32\...\{2B2FED36-5D63-411A-A8C4-E311D70BCF33}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (HKLM-x32\...\{77EEC303-714C-4290-AF63-5252FDB5D7C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (HKLM-x32\...\{946BBA68-EDC0-4981-83D3-09592B9A84FA}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 pip Bootstrap (32-bit) (HKLM-x32\...\{4F29879C-940D-4599-8CEC-407579F73DF7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (HKLM-x32\...\{65A2F7DA-ACD7-4EC1-8A88-665D535D9CE7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C387DB53-A25F-49E3-8DF7-94F47E5A7921}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (HKLM-x32\...\{FA87440D-634A-4581-AD9C-C6FA859B88DD}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (HKLM-x32\...\{9254A29B-0F60-444C-B5CE-DB7E2505474C}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 3.14.8 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.10.8.1270 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0907.090217 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.2.0 - ASUSTek COMPUTER INC.)
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{7138CC92-123A-393F-BC30-B784794DF4E7}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{905D1773-308E-B34B-7489-1E1557BF0AF4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Setup (HKLM-x32\...\{F8B95E3C-40A0-49CE-B5F9-3861F238B9FF}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Share64 (HKLM\...\{A61EEC3A-E37C-49A5-BE61-7AEE04F1A15D}) (Version: 19.1.0.12 - Corel Corporation) Hidden
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version:  - Grismar)
Should I Remove It (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Sonic Studio Plugin (HKLM\...\{DDA3EA99-E4F2-4EBF-8BD5-EF3898D6B3D8}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.2.28.571 - StreamElements)
SuperF4 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\SuperF4) (Version: 1.3 - Stefan Sundin)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (HKLM-x32\...\{C0402801-37B7-30B1-A678-AE3E73E4C4F6}) (Version: 14.98.25331 - Microsoft) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Twitch (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BDB33BE7-73D0-4C02-A576-78FD17C95A8D}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
UNO (HKLM-x32\...\Uplay Install 3352) (Version:  - Ubisoft)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 71.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VS Update core components (HKLM-x32\...\{5C946395-4D29-3274-A47D-B77D4B10E126}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{B5BE6171-568A-3657-90CD-A76BEC01F62D}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
VSClassic64 (HKLM\...\{99B95309-4793-43D9-8F1C-EC086FC74CB5}) (Version: 19.1.0.12 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{3F5D769B-346B-487A-851A-A1AF147D5B39}) (Version: 19.1.0.12 - Corel Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Webull Desktop version 4.2.0 (HKLM-x32\...\{ACD3494F-0DDF-4520-B50A-2BEAAAD4DAC3}_is1) (Version: 4.2.0 - Webull Company, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\WinDirStat) (Version:  - )
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
 
Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-01-31] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-02] (Microsoft Corporation)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7063B4B49902} -> [Creative Cloud Files] => F:\Creative Cloud Files0
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\87.0.4261.0\notification_helper.exe (Google LLC -> Google LLC)
SSODL: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\system32\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\SysWOW64\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => F:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-08-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1562432 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.dvacm_vspx9] => C:\Program Files\Corel\CORELV~1\Dvacm.acm
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Canary Apps\Codebender App.lnk -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko
 
==================== Loaded Modules (Whitelisted) =============
 
2017-04-10 14:09 - 2015-02-26 20:19 - 000380928 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2020-03-30 15:25 - 2020-03-30 15:25 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2015-12-26 17:28 - 2014-04-24 18:03 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-26 17:29 - 2014-07-02 05:41 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsAcpi.dll
2020-09-12 17:49 - 2020-09-12 17:49 - 000044176 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000676864 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\asacpiEx.dll
2017-04-10 14:09 - 2011-06-21 16:04 - 000229376 _____ (Broadcom Corporation) [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2020-02-26 10:19 - 2020-02-26 10:19 - 000187904 _____ (ENE Technology inc.) [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\Program Files (x86)\Origin\LIBEAY32.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\Program Files (x86)\Origin\ssleay32.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Core.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Gui.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Network.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-09-11 17:18 - 2020-08-20 02:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] F:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\sharepoint.com -> hxxps://unhnewhaven-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-09 13:50 - 2020-08-16 04:37 - 000001042 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps;C:\Users\Nasir York\AppData\Local\atom\bin;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Control Panel\Desktop\\Wallpaper -> F:\Media\Art\Digital Art\Photoshop\Finished\Ceejust Backgrounds\Ceejust Neon Name.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
Network Binding:
=============
Ethernet 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: Razer Synapse Service => 2
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR WNA3100 Genie.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUS Ai Charger"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "AO Link Server"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Kraken0510Helper"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "CAM.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Prime95"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Haste"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{51D476F8-3BAE-474C-9CFF-F680B438B98B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1024DE61-118A-4103-A145-758F2B79FB5B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{8F485514-2CD8-4096-863F-09DE3D46DDAD}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [TCP Query User{590E5C09-CCA0-42F5-ACE0-012B0C972182}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query User{0F02A7E5-6A0A-49CC-869A-E7604EE34078}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{6F6D654B-CFC3-4E1A-8EEF-FF14D5D4E529}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FAA42020-AE0F-480E-A5FB-39DB9B6E6DCF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{4B2EDAB9-C9C3-4BD5-BF53-4F4A2D5B69DB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{69ED1D1D-803B-4429-A24D-20A1E8A8D22C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{EFE0EBBA-3538-4EE3-B07F-6101CF715257}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{22345150-265E-42DA-B57A-632BD98D34B7}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{769EDB8E-C4CF-4733-9ABC-ECE5A1C5855C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB8024B6-575F-48E4-9AB2-5D4EA3098782}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{323A6CD8-6C95-47DA-B8EA-6E56AF68A040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{10345D00-3C90-444F-B123-011CB4DEDCF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8C19F219-0087-4C94-B00C-DB06FC2F7CEC}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{78D3AAB9-5579-435B-96F4-9B3168D0E1D0}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{4BAB5CD9-6E27-46C5-84EE-D101CC44EC27}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DFC73CF5-6F85-4B78-B06F-CD25BEAC4F11}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E60CB4A0-9020-43BE-8659-61FA246DB9C6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8987247E-FC72-4AB4-98C3-7C9D5C0EEE23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4D1C3445-5A70-4A27-B420-858F3DE7CB55}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [TCP Query User{140EBC3E-8CB1-4395-A70A-A6938008A4B0}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [{3472F3E3-EB83-48C4-8C9F-70BC7B31C494}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{48F1975D-7450-4740-B939-3B15EE68B755}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{183DC536-1AFB-431F-B318-A3BBCFE58DD6}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{0E477258-A72F-4641-A893-9BF99A6C874B}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{B7C8C640-DA1A-4D8C-9104-5706D1DD492E}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{272984B9-36F3-4A7F-AD00-163FE8D587BD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{3EDD8817-1E20-4BFA-8390-08DE7B5C28BE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{B1C13B69-1072-4979-B674-15F99133D4D4}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62B7B065-40FE-4E16-9ABA-74E9BF34815D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1C9421D3-54CA-4821-AD73-B393E622199E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6794B290-4B93-4D17-941E-13513C0E9DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{17558CA4-236E-489C-8D33-36F7B27C6453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{844CFC51-B020-4861-A647-A8B11E547D99}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{458C194B-6874-4226-B4BB-08CB743AC670}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{924174D4-D8BD-4DF6-93E7-D4FEE3C54211}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E95983F0-5E49-4B31-A2E2-CD9D28B6DC83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EDED09F-998F-49DF-BCC9-C6D51C289138}] => (Allow) LPort=8586
FirewallRules: [{CDA361F6-1E0E-47C7-A290-59E2AE3B384A}] => (Allow) LPort=8586
FirewallRules: [{1BF0374E-D402-4461-ACC9-5CABA1661D87}] => (Allow) C:\Program Files\ASUS\HomeCloud\ServerConsole\HomeBox Server.exe (ASUS Cloud Corporation -> )
FirewallRules: [{BCAA783B-26AD-4818-8A04-7DD9EFB78E6D}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{0AB69F55-FBE9-4736-81EE-9F7EBB51FC06}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C9D3AB42-785F-49BA-A67C-DFD6D14B1A1F}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F84AAD75-6D5F-4299-B776-A8F604EE5759}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3D947D72-553F-4358-AB7E-4D2385D03424}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4178D8DD-19BF-40DD-9BE7-7792CDF4D7CE}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{054426D8-6634-4EBB-A3CB-E9168193853D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1195FFC-E0E4-497F-9AC2-46BC643D2B28}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{365F721A-9DAF-4AAB-9E3A-C76D84C7153C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEA97C71-35AF-4242-8F3E-A5701CE6A9B9}] => (Allow) LPort=9143
FirewallRules: [{03CC62E0-41BE-4CE6-B200-FB93D41BB642}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{B02CE1BF-7783-4A84-9097-50A47F884CF7}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{69C281DB-AA33-4528-A933-48D4676DC563}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4BC50C2B-ADB1-43A0-BE8D-36B1D9CBE947}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D7EB5DB3-163D-4995-BCC6-87B3A070D886}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{34D845BC-B448-4CA2-86F7-D516DF447067}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{223076EA-973E-4967-A447-1918A872E8FB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{80B023F5-7F75-4B21-AD71-AEF783F5FF8A}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F7A6F8B6-B5F0-4070-BD72-2BADCCF0D3C6}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8935D5CE-BD0A-4746-9588-8DA71738BDFE}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{88160334-C8A4-48B5-BA6D-C7A46337792C}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{03D23C5A-06FD-47AC-A9EB-70780FE00F1C}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{362EF7CB-3950-4597-929A-F9F6FC74C88E}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{88EFAABD-C600-4172-93C9-0062AF27191A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [UDP Query User{3C71A0CE-1253-48DE-9872-C3CE79B4B76A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [TCP Query User{AEC007E5-F181-4646-A764-A9D95C5ED818}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe => No File
FirewallRules: [UDP Query User{0650DA28-52C3-4CAF-ACF8-E19664D14291}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe => No File
FirewallRules: [TCP Query User{6CEE534C-F353-4887-8C26-141D2F6132FD}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{6C595E5F-E92A-4AF5-BDD3-230C2B32565E}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{40EAABF4-8377-4941-9D6A-30C6626A9C35}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{36FEE0DF-4E80-4300-A52F-9F2FFF7A7BD0}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{55235E7F-BD01-40C7-A12A-BFD9DD64C868}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F14C29FD-A73C-46DB-9BA8-4A6850024372}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C549623F-A634-4D56-822A-16AE9040CAD9}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D8BA3168-0128-43B7-B47C-A05388C7A87B}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{55A8918A-6FD4-44E4-93C0-3904E121756B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [{504B6E4D-737A-4786-B7FC-5A5222D5C16F}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [TCP Query User{29DB45C5-99C4-42F3-B4E8-00786E23FCBA}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DBA2C3B3-0A42-43A1-BF16-B86E1441D7CB}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8A92559A-7D4C-4676-B9B8-1B4028E063E2}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6F5FE14B-520C-453D-B40F-9B63A53CE446}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6B384191-52C4-4C08-8A24-88055B24C825}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{877B8420-F044-4B4B-84F9-85C76A8CF45C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{36A3E05C-8330-4672-BF7C-7056E87A7075}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4B13106E-17B6-4DBB-9C8A-DAD7C9383C08}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{43ED2535-CA56-4E5F-B552-E8EB5A1301E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{26864FCF-EA1F-4BC7-97BB-CF763AF707E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{E1166514-730C-498F-BF4A-4C8822211D02}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{4AFCEADB-CBEC-4FA3-A7FC-7C4B69A9AA2E}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{C516BDC7-D6AE-41E7-AC07-1D59AE2207EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77428367-99CA-4340-9CA6-9607DE43AAB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93A2DDCE-6DF1-44F1-BE81-73EA31BD72E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15D9A618-321A-48B7-97BE-32F875C5ED98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DE3A896-A5FE-41E2-8637-05B56CAA8CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB935313-DD8C-4955-A819-3139C52809A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86005953-F1FC-4583-B7B6-9D12214006BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{875D342C-DB8D-46A9-B5BC-F6801EE39511}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97BD67F5-9ED3-44E5-82B4-74E19E6FEA01}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{473D44C9-792D-446E-A047-E3196B5CA312}] => (Allow) C:\Users\Nasir York\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{33450982-A001-4AC2-8DF7-B03F4D69CDF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C150C4F8-D021-45F1-9E07-DCBA080F1034}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D26EFB7-CE4F-496E-AFCE-964A355156A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{686AF5BA-CE6E-400D-A674-CD199843F067}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2E798E51-CB97-4C71-BD56-DE9C3716A9A8}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{00D08F4D-5C9A-4DEA-BCB3-7FD534059E87}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [{2F34D270-1A68-4A4B-BC58-DA17A8CDF4FD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{D29D465C-33DD-4101-AC7C-5578FBC426A6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{05ADAD83-A502-484C-AB55-3BEE07ACE20F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4CE79FCA-50F7-421C-91C9-356B5BABB3D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{17F4BE24-FCCD-41BC-AB1A-E1355923A298}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{402B9580-1362-4A80-B217-699D4EAE4C51}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{58542554-1444-4E05-89C7-7984F9352AA1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{09FA7472-CFDA-4EAC-AF21-A23D83B94688}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
 
==================== Restore Points =========================
 
12-09-2020 17:36:49 O&O ShutUp10
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/12/2020 05:51:45 PM) (Source: MSSQL$ASUSHOMECLOUD) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$ASUSHOMECLOUD\Performance'. SQL Server performance counters are disabled.
 
 
System errors:
=============
Error: (09/12/2020 05:59:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/12/2020 05:59:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/12/2020 05:57:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/12/2020 05:57:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DTOHOOC)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/12/2020 05:55:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/12/2020 05:55:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/12/2020 05:53:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/12/2020 05:53:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DTOHOOC)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 2702 04/27/2015
Motherboard: ASUSTeK COMPUTER INC. MAXIMUS VII HERO
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 27%
Total physical RAM: 16326.49 MB
Available physical RAM: 11905.82 MB
Total Virtual: 25542.49 MB
Available Virtual: 19106.05 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:25.18 GB) NTFS
Drive f: (Hard Drive) (Fixed) (Total:1863.01 GB) (Free:886.52 GB) NTFS
 
\\?\Volume{92c7ec7c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 92C7EC7C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2EEE4D9F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

For Melodyne try:

 

Copy the next line:

msiexec /x {721E4E34-AF7C-4345-93F9-282CCC8CCCB5}

hit Enter.  It may ask you if you are sure.  Say Y.

 

If that doesn't work then see:

 

https://discuss.cake...odyne-run-time/

 

Could I see the fixlog please?

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

 

Open an Elevated Command Prompt (admin)

 

 

Right click and select Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.


  • 0

#8
nasirnasir1

nasirnasir1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Sorry, Here you go
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020 01
Ran by Nasir York (12-09-2020 17:41:26) Run:1
Running from C:\Users\Nasir York\Desktop
Loaded Profiles: Nasir York
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Unlock: C:\Windows\system32\wuaueng.dll
File: C:\Windows\system32\wuaueng.dll
CMD: sc start wuauserv
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
HKLM\...\Run: [CL-25-786B446E-275C-4A7F-BE5E-29564044FED2] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-786B446E-275C-4A7F-BE5E-29564044FED2\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-786B446E-275C-4A7F-BE5E-2956404 (the data entry has 7 more characters).
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
REG: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /s
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6] => "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Task: {02443D27-8E80-4036-88C2-C765BD59F9A1} - \ASUS\ASUSUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0655C164-67DD-46E8-9494-0915AAED1236} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {08C3CC1F-48C9-42DF-B888-4414684FE749} - \ASUS\RemoteWakeAgent Execute -> No File <==== ATTENTION
Task: {0F9798BF-5AD7-4145-8065-E9C87E7D5B1D} - \Opera scheduled Autoupdate 1576754873 -> No File <==== ATTENTION
Task: {1046BEF6-BCDB-4CCE-9A6C-9B0B657FE595} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {12111E5C-16BF-4CEB-A23B-03466FBF7E22} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {1DC5A62F-7688-4FC3-87B8-508877D16A16} - \[email protected] -> No File <==== ATTENTION
Task: {21C57211-8792-45F4-9398-13A7B2FD1E4D} - \ASUS\ASUS DIPAwayMode -> No File <==== ATTENTION
Task: {2574549F-267F-4613-9974-0E92A70C89F7} - \ASUS\ASUSUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {2595D41E-4D2C-4ACF-8984-2E535BE5A10D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {27EE5F7B-7516-41FF-A235-0EBFE77A4717} - \USER_ESRV_SVC_QUEENCREEK -> No File <==== ATTENTION
Task: {36C947FD-22FE-4786-B7B8-D242C0AA4979} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {3A597984-D942-4829-BD3F-2068AA05D3AC} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {41B1704B-7AF7-46B8-ACC7-03C0EDB7AABA} - \GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001Core -> No File <==== ATTENTION
Task: {42DEACA5-BF42-46F6-AFD9-815592BAD50E} - \Adobe Uninstaller -> No File <==== ATTENTION
Task: {439948FD-38DD-41C9-A515-EE39BD2D521E} - \BlueStacksHelper -> No File <==== ATTENTION
Task: {47DFA091-12DF-4E94-824E-57428ED0BCCA} - \GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001UA -> No File <==== ATTENTION
Task: {4A51E577-D219-4FD7-9638-A1A3D182297A} - \ASUS\P508PowerAgent_sdk -> No File <==== ATTENTION
Task: {4D71BF85-19BF-4A05-A66B-BC11461B1536} - \User_Feed_Synchronization-{B290DBA9-18E3-4ED0-9D2F-E1631691DB35} -> No File <==== ATTENTION
Task: {4EF358B1-FF38-4429-868B-5089880C39D9} - \Avira_Security_Update -> No File <==== ATTENTION
Task: {4F4A521E-3784-4E7C-A54B-73BD8B8C235D} - \OneDrive Standalone Update Task-S-1-5-21-412816286-677371127-1562832458-1010 -> No File <==== ATTENTION
Task: {50D8A60A-B2DF-4623-A543-D5D53683C9B7} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {593F6AF6-E1E9-450B-9EF7-13ED11849B77} - \CAM -> No File <==== ATTENTION
Task: {5BB75B78-3DEC-4A08-B9D4-AEB479CE0BCA} - \ASUS\Ez Update -> No File <==== ATTENTION
Task: {5BFC000C-E4A5-4544-BF8E-41937419FE3D} - \ASUS\USB 3.0 Boost Service -> No File <==== ATTENTION
Task: {5CE6B8BB-BDE1-4C17-A87C-A756BEAEB0F8} - \ASUS\ArmourySocketServer -> No File <==== ATTENTION
Task: {5E32FA34-B9F7-4ACF-944F-FE651626415B} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {65F2B608-9B5D-4064-9E65-D83DF0787E9E} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {678E46CB-7C8E-41E6-8A95-95C9F8D4488D} - \GyazoUpdateTaskMachine -> No File <==== ATTENTION
Task: {6AEB6C3A-46A8-4622-9463-C2F30EE6ABB3} - \ASUS\Framework Service -> No File <==== ATTENTION
Task: {6DABF057-4641-49C1-9899-B8754988137F} - \AdobeAAMUpdater-1.0-DESKTOP-DTOHOOC-Nasir York -> No File <==== ATTENTION
Task: {714CB444-815B-4337-A258-0405BDFC4269} - \GyazoUpdateTaskMachineDaily -> No File <==== ATTENTION
Task: {71F857FB-3485-4959-8BF0-5F837AF27086} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {77C644E1-D8E4-4A70-B10C-57779DBE9916} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7CA2624A-CCD2-4501-A4F2-50A8DCC2E767} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {9C841347-84DC-43E1-A316-61D9A8C64918} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A2229CF2-762D-44BC-9F0C-6F0BF66A8005} - \ASUS\GpuFanHelper -> No File <==== ATTENTION
Task: {ACC8B202-AEF5-46D9-9947-C1F0CB2C12DB} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {AFD54B92-18E3-4D56-853B-7C439EEBA02E} - \ASUS\Push Notice Server Execute -> No File <==== ATTENTION
Task: {B656939C-E37D-4A40-9AC6-EB2AA7EC9C15} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C161F3F9-3343-4892-A82B-B233761AE765} - \ASUS\ASUS Media Streamer DMR -> No File <==== ATTENTION
Task: {C64A0226-933F-4386-AA98-A4F73D3B5D74} - \AVG_SYS_TASK_0615piz -> No File <==== ATTENTION
Task: {C790CDD9-3C0B-4E8A-AF45-E1E67A7D36E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C792B4C1-8EFA-4F9B-8E95-575080A6F7DF} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {C7CC324F-D821-4C23-866C-4FD39AC85EF9} - \ASUS\ASUS AISuiteIII -> No File <==== ATTENTION
Task: {C8DA042E-9920-4547-A363-7490216C8566} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C90D22C1-31D4-47CD-AE57-D05F3C8FD951} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {CA03C619-D818-485E-A0BA-BF0B0A789496} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D319C04D-CA23-48D1-819C-E3B3F41768E8} - \AviraSystemSpeedupUpdate -> No File <==== ATTENTION
Task: {D857C645-CDC5-467A-B8D4-21FBEAB54349} - \AVG_SYS_TASK_0615piz_DELETE -> No File <==== ATTENTION
Task: {DDC035AF-43C1-4204-A507-DD7EC9271BEC} - \{1260EC0B-316C-479A-A0F7-D86CBFD9E973} -> No File <==== ATTENTION
Task: {DE71B6B2-6239-41B6-B984-19C5E4A9E9EB} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {DFEECB4B-3CAF-40A9-A70B-A2BFF0E48726} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {E2937634-206E-448C-9988-C9D8D66527A6} - \Intel\Intel Telemetry 2 -> No File <==== ATTENTION
Task: {E33DBBCB-F6CA-4B54-BD54-5A66EE74E3C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-15] (Google Inc -> Google Inc.)
Task: {E5B46CDB-D1A7-41E2-B6FA-F516A06828DB} - \ProtonVPN Update -> No File <==== ATTENTION
Task: {E7062269-51BE-44AA-85FA-64D519E0F7E0} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {E7CE0E71-48BC-4B4F-BDAD-DC4518533D75} - \AsushomeCloudStart -> No File <==== ATTENTION
Task: {E85D5E25-2002-4CD1-8EA0-15C28378B806} - \MSIAfterburner -> No File <==== ATTENTION
Task: {EDC3AFFA-C7AB-4945-9E0B-DE19277669C9} - \Opera scheduled assistant Autoupdate 1576754934 -> No File <==== ATTENTION
Task: {F25A667C-8EE0-45EB-AA6B-BEFE29FADF6E} - \S-1-5-21-412816286-677371127-1562832458-1001\DataSenseLiveTileTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll => No File
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll => No File
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll => No File
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll No File
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll No File
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> F:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> F:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
S2 BDAuxSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json" [X]
S2 BDProtSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings\services\configs\bdprotsrv_config.json" [X]
S2 BdVpnService; "C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe" "service" [X]
S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X]
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service [X]
S2 VSSERV; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdshieldsrv_config.json" [X]
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2113184 2020-06-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
S2 BdDci; \SystemRoot\system32\DRIVERS\bddci.sys [X]
S0 Gemma; system32\DRIVERS\gemma.sys [X]
U4 napagent; no ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
2020-09-11 19:04 - 2020-09-11 19:04 - 000121408 _____ C:\ProgramData\agent.1599865464.bdinstall.v2.bin
2020-09-11 19:04 - 2020-09-11 19:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-09-11 19:03 - 2020-09-11 19:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-09-11 16:40 - 2020-09-11 16:40 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online (2).exe
2020-09-11 16:40 - 2020-09-11 16:40 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online (1).exe
2020-09-11 16:17 - 2020-09-11 16:17 - 000402788 _____ C:\ProgramData\cl.uninstall.1599855423.bdinstall.v2.bin
2020-09-11 16:12 - 2020-09-11 16:12 - 012444368 _____ C:\Users\Nasir York\Downloads\bitdefender_online.exe
2020-09-11 16:12 - 2020-07-28 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden 
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> F:\Program Files\Autodesk\Inventor 2019\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers6_S-1-5-21-412816286-677371127-1562832458-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => F:\Program Files\Autodesk\Inventor 2019\Bin\DtBridge.dll -> No File
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhinhqhifh [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhiqhnhm [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhjhhlik [0]
AlternateDataStreams: C:\Users\Nasir York\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Nasir York\Desktop\Twitch.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Nasir York\Downloads\OriginThinSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Nasir York\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
FirewallRules: [{6C85886A-C2D2-4451-89A6-D9DD8491538E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{3E7FAE9A-D542-4EC4-BFC8-BA127B08C939}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{6AD53E49-3B21-4776-B54B-02E8F608C385}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{19157D2D-30EA-497C-8431-3E0A839758D9}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{7317925F-42FC-4612-9F6A-579C7A97F732}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => No File
FirewallRules: [{671D1596-419B-4F3C-8BF9-187799E11ED1}] => (Allow) F:\Program Files (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe => No File
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"C:\Windows\system32\wuaueng.dll" => was unlocked
 
========================= File: C:\Windows\system32\wuaueng.dll ========================
 
C:\Windows\system32\wuaueng.dll
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0412~31bf3856ad364e35~amd64~~10.0.18362.1016.cat
File is digitally signed
MD5: 95336878FE34E39BC21F8BF5C60448C0
Creation and modification date: 2020-05-13 14:44 - 2020-05-13 14:44
Size: 003109376
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: wuaueng.dll
Original Name: wuaueng.dll
Product: Microsoft® Windows® Operating System
Description: Windows Update Agent
File Version: 10.0.18362.836 (WinBuild.160101.0800)
Product Version: 10.0.18362.836
Copyright: © Microsoft Corporation. All rights reserved.
 
====== End of File: ======
 
 
========= sc start wuauserv =========
 
 
SERVICE_NAME: wuauserv 
        TYPE               : 30  WIN32  
        STATE              : 2  START_PENDING 
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x7d0
        PID                : 7344
        FLAGS              : 
 
========= End of CMD: =========
 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BdVpnApp" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CL-25-786B446E-275C-4A7F-BE5E-29564044FED2" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
    DisableAntiSpyware    REG_DWORD    0x1
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
    DisableBehaviorMonitoring    REG_DWORD    0x1
    DisableOnAccessProtection    REG_DWORD    0x1
    DisableScanOnRealtimeEnable    REG_DWORD    0x1
 
 
 
========= End of Reg: =========
 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5" => removed successfully
"HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6" => removed successfully
"HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02443D27-8E80-4036-88C2-C765BD59F9A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02443D27-8E80-4036-88C2-C765BD59F9A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUSUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0655C164-67DD-46E8-9494-0915AAED1236}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0655C164-67DD-46E8-9494-0915AAED1236}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08C3CC1F-48C9-42DF-B888-4414684FE749}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08C3CC1F-48C9-42DF-B888-4414684FE749}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\RemoteWakeAgent Execute" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F9798BF-5AD7-4145-8065-E9C87E7D5B1D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F9798BF-5AD7-4145-8065-E9C87E7D5B1D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1576754873" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1046BEF6-BCDB-4CCE-9A6C-9B0B657FE595}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1046BEF6-BCDB-4CCE-9A6C-9B0B657FE595}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12111E5C-16BF-4CEB-A23B-03466FBF7E22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12111E5C-16BF-4CEB-A23B-03466FBF7E22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DC5A62F-7688-4FC3-87B8-508877D16A16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DC5A62F-7688-4FC3-87B8-508877D16A16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\[email protected]" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21C57211-8792-45F4-9398-13A7B2FD1E4D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21C57211-8792-45F4-9398-13A7B2FD1E4D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS DIPAwayMode" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2574549F-267F-4613-9974-0E92A70C89F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2574549F-267F-4613-9974-0E92A70C89F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUSUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2595D41E-4D2C-4ACF-8984-2E535BE5A10D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2595D41E-4D2C-4ACF-8984-2E535BE5A10D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27EE5F7B-7516-41FF-A235-0EBFE77A4717}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27EE5F7B-7516-41FF-A235-0EBFE77A4717}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36C947FD-22FE-4786-B7B8-D242C0AA4979}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C947FD-22FE-4786-B7B8-D242C0AA4979}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A597984-D942-4829-BD3F-2068AA05D3AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A597984-D942-4829-BD3F-2068AA05D3AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41B1704B-7AF7-46B8-ACC7-03C0EDB7AABA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B1704B-7AF7-46B8-ACC7-03C0EDB7AABA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001Core" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42DEACA5-BF42-46F6-AFD9-815592BAD50E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42DEACA5-BF42-46F6-AFD9-815592BAD50E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Uninstaller" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{439948FD-38DD-41C9-A515-EE39BD2D521E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{439948FD-38DD-41C9-A515-EE39BD2D521E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BlueStacksHelper" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47DFA091-12DF-4E94-824E-57428ED0BCCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47DFA091-12DF-4E94-824E-57428ED0BCCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-412816286-677371127-1562832458-1001UA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A51E577-D219-4FD7-9638-A1A3D182297A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A51E577-D219-4FD7-9638-A1A3D182297A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D71BF85-19BF-4A05-A66B-BC11461B1536}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D71BF85-19BF-4A05-A66B-BC11461B1536}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{B290DBA9-18E3-4ED0-9D2F-E1631691DB35}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EF358B1-FF38-4429-868B-5089880C39D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EF358B1-FF38-4429-868B-5089880C39D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira_Security_Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F4A521E-3784-4E7C-A54B-73BD8B8C235D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F4A521E-3784-4E7C-A54B-73BD8B8C235D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-412816286-677371127-1562832458-1010" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{50D8A60A-B2DF-4623-A543-D5D53683C9B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50D8A60A-B2DF-4623-A543-D5D53683C9B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Windows 10 Start Menu helper" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{593F6AF6-E1E9-450B-9EF7-13ED11849B77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{593F6AF6-E1E9-450B-9EF7-13ED11849B77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CAM" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5BB75B78-3DEC-4A08-B9D4-AEB479CE0BCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BB75B78-3DEC-4A08-B9D4-AEB479CE0BCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Ez Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5BFC000C-E4A5-4544-BF8E-41937419FE3D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BFC000C-E4A5-4544-BF8E-41937419FE3D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\USB 3.0 Boost Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5CE6B8BB-BDE1-4C17-A87C-A756BEAEB0F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CE6B8BB-BDE1-4C17-A87C-A756BEAEB0F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ArmourySocketServer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E32FA34-B9F7-4ACF-944F-FE651626415B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E32FA34-B9F7-4ACF-944F-FE651626415B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65F2B608-9B5D-4064-9E65-D83DF0787E9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65F2B608-9B5D-4064-9E65-D83DF0787E9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{678E46CB-7C8E-41E6-8A95-95C9F8D4488D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{678E46CB-7C8E-41E6-8A95-95C9F8D4488D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GyazoUpdateTaskMachine" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6AEB6C3A-46A8-4622-9463-C2F30EE6ABB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AEB6C3A-46A8-4622-9463-C2F30EE6ABB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Framework Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DABF057-4641-49C1-9899-B8754988137F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DABF057-4641-49C1-9899-B8754988137F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-DESKTOP-DTOHOOC-Nasir York" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714CB444-815B-4337-A258-0405BDFC4269}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714CB444-815B-4337-A258-0405BDFC4269}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GyazoUpdateTaskMachineDaily" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71F857FB-3485-4959-8BF0-5F837AF27086}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71F857FB-3485-4959-8BF0-5F837AF27086}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77C644E1-D8E4-4A70-B10C-57779DBE9916}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77C644E1-D8E4-4A70-B10C-57779DBE9916}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CA2624A-CCD2-4501-A4F2-50A8DCC2E767}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CA2624A-CCD2-4501-A4F2-50A8DCC2E767}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C841347-84DC-43E1-A316-61D9A8C64918}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C841347-84DC-43E1-A316-61D9A8C64918}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2229CF2-762D-44BC-9F0C-6F0BF66A8005}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2229CF2-762D-44BC-9F0C-6F0BF66A8005}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\GpuFanHelper" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACC8B202-AEF5-46D9-9947-C1F0CB2C12DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACC8B202-AEF5-46D9-9947-C1F0CB2C12DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AFD54B92-18E3-4D56-853B-7C439EEBA02E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFD54B92-18E3-4D56-853B-7C439EEBA02E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Push Notice Server Execute" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B656939C-E37D-4A40-9AC6-EB2AA7EC9C15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B656939C-E37D-4A40-9AC6-EB2AA7EC9C15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C161F3F9-3343-4892-A82B-B233761AE765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C161F3F9-3343-4892-A82B-B233761AE765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS Media Streamer DMR" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C64A0226-933F-4386-AA98-A4F73D3B5D74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C64A0226-933F-4386-AA98-A4F73D3B5D74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0615piz" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C790CDD9-3C0B-4E8A-AF45-E1E67A7D36E0}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C792B4C1-8EFA-4F9B-8E95-575080A6F7DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C792B4C1-8EFA-4F9B-8E95-575080A6F7DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7CC324F-D821-4C23-866C-4FD39AC85EF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7CC324F-D821-4C23-866C-4FD39AC85EF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS AISuiteIII" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8DA042E-9920-4547-A363-7490216C8566}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8DA042E-9920-4547-A363-7490216C8566}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C90D22C1-31D4-47CD-AE57-D05F3C8FD951}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C90D22C1-31D4-47CD-AE57-D05F3C8FD951}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA03C619-D818-485E-A0BA-BF0B0A789496}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA03C619-D818-485E-A0BA-BF0B0A789496}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D319C04D-CA23-48D1-819C-E3B3F41768E8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D319C04D-CA23-48D1-819C-E3B3F41768E8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AviraSystemSpeedupUpdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D857C645-CDC5-467A-B8D4-21FBEAB54349}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D857C645-CDC5-467A-B8D4-21FBEAB54349}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0615piz_DELETE" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDC035AF-43C1-4204-A507-DD7EC9271BEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDC035AF-43C1-4204-A507-DD7EC9271BEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1260EC0B-316C-479A-A0F7-D86CBFD9E973}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE71B6B2-6239-41B6-B984-19C5E4A9E9EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE71B6B2-6239-41B6-B984-19C5E4A9E9EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFEECB4B-3CAF-40A9-A70B-A2BFF0E48726}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFEECB4B-3CAF-40A9-A70B-A2BFF0E48726}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2937634-206E-448C-9988-C9D8D66527A6}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\Intel Telemetry 2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E33DBBCB-F6CA-4B54-BD54-5A66EE74E3C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E33DBBCB-F6CA-4B54-BD54-5A66EE74E3C7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5B46CDB-D1A7-41E2-B6FA-F516A06828DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5B46CDB-D1A7-41E2-B6FA-F516A06828DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProtonVPN Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7062269-51BE-44AA-85FA-64D519E0F7E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7062269-51BE-44AA-85FA-64D519E0F7E0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7CE0E71-48BC-4B4F-BDAD-DC4518533D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7CE0E71-48BC-4B4F-BDAD-DC4518533D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AsushomeCloudStart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E85D5E25-2002-4CD1-8EA0-15C28378B806}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E85D5E25-2002-4CD1-8EA0-15C28378B806}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MSIAfterburner" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDC3AFFA-C7AB-4945-9E0B-DE19277669C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDC3AFFA-C7AB-4945-9E0B-DE19277669C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1576754934" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F25A667C-8EE0-45EB-AA6B-BEFE29FADF6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F25A667C-8EE0-45EB-AA6B-BEFE29FADF6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\S-1-5-21-412816286-677371127-1562832458-1001\DataSenseLiveTileTask" => removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\Software\Classes\CLSID\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
HKLM\Software\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf => removed successfully
HKLM\System\CurrentControlSet\Services\BDAuxSrv => removed successfully
BDAuxSrv => service removed successfully
HKLM\System\CurrentControlSet\Services\BDProtSrv => removed successfully
BDProtSrv => service removed successfully
BdVpnService => service not found.
ProductAgentService => service not found.
HKLM\System\CurrentControlSet\Services\UPDATESRV => removed successfully
UPDATESRV => service removed successfully
HKLM\System\CurrentControlSet\Services\VSSERV => removed successfully
VSSERV => service removed successfully
atc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\atc => removed successfully
atc => service removed successfully
HKLM\System\CurrentControlSet\Services\BdDci => removed successfully
BdDci => service removed successfully
HKLM\System\CurrentControlSet\Services\Gemma => removed successfully
Gemma => service removed successfully
"HKLM\System\CurrentControlSet\Services\napagent" => removed successfully
napagent => service removed successfully
HKLM\System\CurrentControlSet\Services\VBAudioVMVAIOMME => removed successfully
VBAudioVMVAIOMME => service removed successfully
"C:\ProgramData\agent.1599865464.bdinstall.v2.bin" => not found
"C:\Program Files\Bitdefender Agent" => not found
"C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job" => not found
"C:\Users\Nasir York\Downloads\bitdefender_online (2).exe" => not found
"C:\Users\Nasir York\Downloads\bitdefender_online (1).exe" => not found
C:\ProgramData\cl.uninstall.1599855423.bdinstall.v2.bin => moved successfully
"C:\Users\Nasir York\Downloads\bitdefender_online.exe" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN" => not found
"AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}" => removed successfully
"FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0000-1000-0000000FF1CE}\\SystemComponent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-007E-0000-1000-0000000FF1CE}\\SystemComponent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0409-1000-0000000FF1CE}\\SystemComponent" => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu => removed successfully
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`pgyjhinhqhifh" ADS removed successfully
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`pgyjhiqhnhm" ADS removed successfully
C:\ProgramData\Reprise => ":jhqduwvxlctbqqijsf`usjbm`pgyjhjhhlik" ADS removed successfully
C:\Users\Nasir York\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
C:\Users\Nasir York\Desktop\Twitch.lnk => ":com.dropbox.attrs" ADS removed successfully
"C:\Users\Nasir York\Downloads\OriginThinSetup.exe" => ":SmartScreen" ADS not found.
"C:\Users\Nasir York\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Software\Classes\regfile => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C85886A-C2D2-4451-89A6-D9DD8491538E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E7FAE9A-D542-4EC4-BFC8-BA127B08C939}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AD53E49-3B21-4776-B54B-02E8F608C385}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19157D2D-30EA-497C-8431-3E0A839758D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7317925F-42FC-4612-9F6A-579C7A97F732}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{671D1596-419B-4F3C-8BF9-187799E11ED1}" => removed successfully
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer =========
 
 
========= End of CMD: =========
 
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database =========
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.18362.900
 
Image Version: 10.0.18362.1016
 
 
[==                         3.8%                           ] 
 
[==                         4.5%                           ] 
 
[===                        5.5%                           ] 
 
[===                        6.0%                           ] 
 
[===                        6.6%                           ] 
 
[====                       7.6%                           ] 
 
[====                       8.6%                           ] 
 
[=====                      9.6%                           ] 
 
[======                     10.6%                          ] 
 
[======                     11.5%                          ] 
 
[=======                    12.2%                          ] 
 
[=======                    13.1%                          ] 
 
[========                   14.0%                          ] 
 
[========                   15.0%                          ] 
 
[=========                  16.0%                          ] 
 
[=========                  17.0%                          ] 
 
[==========                 18.0%                          ] 
 
[==========                 18.9%                          ] 
 
[===========                19.9%                          ] 
 
[============               20.9%                          ] 
 
[============               21.9%                          ] 
 
[=============              22.9%                          ] 
 
[=============              23.8%                          ] 
 
[==============             24.8%                          ] 
 
[==============             25.6%                          ] 
 
[==============             25.8%                          ] 
 
[===============            26.4%                          ] 
 
[===============            26.9%                          ] 
 
[===============            27.1%                          ] 
 
[===============            27.2%                          ] 
 
[================           28.2%                          ] 
 
[================           29.1%                          ] 
 
[=================          30.1%                          ] 
 
[==================         31.1%                          ] 
 
[==================         32.1%                          ] 
 
[===================        33.1%                          ] 
 
[===================        34.0%                          ] 
 
[====================       35.0%                          ] 
 
[====================       36.0%                          ] 
 
[=====================      36.5%                          ] 
 
[=====================      37.5%                          ] 
 
[=====================      37.8%                          ] 
 
[======================     38.8%                          ] 
 
[======================     39.2%                          ] 
 
[======================     39.5%                          ] 
 
[=======================    40.4%                          ] 
 
[=======================    40.8%                          ] 
 
[========================   41.4%                          ] 
 
[========================   42.3%                          ] 
 
[========================   42.6%                          ] 
 
[=========================  43.3%                          ] 
 
[=========================  44.3%                          ] 
 
[=========================  44.5%                          ] 
 
[========================== 45.0%                          ] 
 
[========================== 45.1%                          ] 
 
[========================== 46.1%                          ] 
 
[===========================47.1%                          ] 
 
[===========================48.1%                          ] 
 
[===========================49.1%                          ] 
 
[===========================50.0%                          ] 
 
[===========================51.0%                          ] 
 
[===========================51.5%                          ] 
 
[===========================51.6%                          ] 
 
[===========================51.7%                          ] 
 
[===========================51.8%                          ] 
 
[===========================51.8%                          ] 
 
[===========================51.8%                          ] 
 
[===========================51.8%                          ] 
 
[===========================51.9%                          ] 
 
[===========================52.0%                          ] 
 
[===========================52.1%                          ] 
 
[===========================52.1%                          ] 
 
[===========================52.2%                          ] 
 
[===========================52.2%                          ] 
 
[===========================52.3%                          ] 
 
[===========================52.4%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.6%                          ] 
 
[===========================52.6%                          ] 
 
[===========================52.6%                          ] 
 
[===========================52.7%                          ] 
 
[===========================52.7%                          ] 
 
[===========================52.8%                          ] 
 
[===========================52.8%                          ] 
 
[===========================53.0%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.2%                          ] 
 
[===========================53.2%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.5%                          ] 
 
[===========================54.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.8%                          ] 
 
[===========================56.8%                          ] 
 
[===========================57.8%=                         ] 
 
[===========================58.8%==                        ] 
 
[===========================59.8%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================84.9%=================         ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.
 
 
Windows Resource Protection found corrupt files and successfully repaired them.
 
For online repairs, details are included in the CBS log file located at
 
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
 
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2020-09-12 17:43:39, Info                  CSI    0000000f [SR] Verifying 100 components
2020-09-12 17:43:39, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:39, Info                  CSI    00000011 [SR] Verify complete
2020-09-12 17:43:39, Info                  CSI    00000012 [SR] Verifying 100 components
2020-09-12 17:43:39, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:39, Info                  CSI    00000014 [SR] Verify complete
2020-09-12 17:43:39, Info                  CSI    00000015 [SR] Verifying 100 components
2020-09-12 17:43:39, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:40, Info                  CSI    00000017 [SR] Verify complete
2020-09-12 17:43:40, Info                  CSI    00000018 [SR] Verifying 100 components
2020-09-12 17:43:40, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:40, Info                  CSI    0000001a [SR] Verify complete
2020-09-12 17:43:40, Info                  CSI    0000001b [SR] Verifying 100 components
2020-09-12 17:43:40, Info                  CSI    0000001c [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:41, Info                  CSI    0000001e [SR] Verify complete
2020-09-12 17:43:41, Info                  CSI    0000001f [SR] Verifying 100 components
2020-09-12 17:43:41, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:41, Info                  CSI    00000021 [SR] Verify complete
2020-09-12 17:43:41, Info                  CSI    00000022 [SR] Verifying 100 components
2020-09-12 17:43:41, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:41, Info                  CSI    00000024 [SR] Verify complete
2020-09-12 17:43:41, Info                  CSI    00000025 [SR] Verifying 100 components
2020-09-12 17:43:41, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:42, Info                  CSI    00000027 [SR] Verify complete
2020-09-12 17:43:42, Info                  CSI    00000028 [SR] Verifying 100 components
2020-09-12 17:43:42, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:43, Info                  CSI    0000002a [SR] Verify complete
2020-09-12 17:43:43, Info                  CSI    0000002b [SR] Verifying 100 components
2020-09-12 17:43:43, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:45, Info                  CSI    0000002d [SR] Verify complete
2020-09-12 17:43:45, Info                  CSI    0000002e [SR] Verifying 100 components
2020-09-12 17:43:45, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:46, Info                  CSI    00000030 [SR] Verify complete
2020-09-12 17:43:47, Info                  CSI    00000031 [SR] Verifying 100 components
2020-09-12 17:43:47, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:51, Info                  CSI    00000033 [SR] Verify complete
2020-09-12 17:43:51, Info                  CSI    00000034 [SR] Verifying 100 components
2020-09-12 17:43:51, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:56, Info                  CSI    00000036 [SR] Verify complete
2020-09-12 17:43:56, Info                  CSI    00000037 [SR] Verifying 100 components
2020-09-12 17:43:56, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:57, Info                  CSI    00000039 [SR] Verify complete
2020-09-12 17:43:57, Info                  CSI    0000003a [SR] Verifying 100 components
2020-09-12 17:43:57, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:57, Info                  CSI    0000003c [SR] Verify complete
2020-09-12 17:43:57, Info                  CSI    0000003d [SR] Verifying 100 components
2020-09-12 17:43:57, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:58, Info                  CSI    0000003f [SR] Verify complete
2020-09-12 17:43:58, Info                  CSI    00000040 [SR] Verifying 100 components
2020-09-12 17:43:58, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:59, Info                  CSI    00000043 [SR] Verify complete
2020-09-12 17:43:59, Info                  CSI    00000044 [SR] Verifying 100 components
2020-09-12 17:43:59, Info                  CSI    00000045 [SR] Beginning Verify and Repair transaction
2020-09-12 17:43:59, Info                  CSI    00000046 [SR] Verify complete
2020-09-12 17:44:00, Info                  CSI    00000047 [SR] Verifying 100 components
2020-09-12 17:44:00, Info                  CSI    00000048 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:00, Info                  CSI    00000049 [SR] Verify complete
2020-09-12 17:44:00, Info                  CSI    0000004a [SR] Verifying 100 components
2020-09-12 17:44:00, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:01, Info                  CSI    0000004c [SR] Verify complete
2020-09-12 17:44:01, Info                  CSI    0000004d [SR] Verifying 100 components
2020-09-12 17:44:01, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:02, Info                  CSI    0000004f [SR] Verify complete
2020-09-12 17:44:02, Info                  CSI    00000050 [SR] Verifying 100 components
2020-09-12 17:44:02, Info                  CSI    00000051 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:04, Info                  CSI    00000052 [SR] Verify complete
2020-09-12 17:44:04, Info                  CSI    00000053 [SR] Verifying 100 components
2020-09-12 17:44:04, Info                  CSI    00000054 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:05, Info                  CSI    00000055 [SR] Verify complete
2020-09-12 17:44:05, Info                  CSI    00000056 [SR] Verifying 100 components
2020-09-12 17:44:05, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:05, Info                  CSI    00000058 [SR] Verify complete
2020-09-12 17:44:06, Info                  CSI    00000059 [SR] Verifying 100 components
2020-09-12 17:44:06, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:06, Info                  CSI    0000005b [SR] Verify complete
2020-09-12 17:44:06, Info                  CSI    0000005c [SR] Verifying 100 components
2020-09-12 17:44:06, Info                  CSI    0000005d [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:07, Info                  CSI    0000005e [SR] Verify complete
2020-09-12 17:44:07, Info                  CSI    0000005f [SR] Verifying 100 components
2020-09-12 17:44:07, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:09, Info                  CSI    00000062 [SR] Verify complete
2020-09-12 17:44:09, Info                  CSI    00000063 [SR] Verifying 100 components
2020-09-12 17:44:09, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:10, Info                  CSI    00000065 [SR] Verify complete
2020-09-12 17:44:10, Info                  CSI    00000066 [SR] Verifying 100 components
2020-09-12 17:44:10, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:11, Info                  CSI    00000068 [SR] Verify complete
2020-09-12 17:44:11, Info                  CSI    00000069 [SR] Verifying 100 components
2020-09-12 17:44:11, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:11, Info                  CSI    0000006b [SR] Verify complete
2020-09-12 17:44:11, Info                  CSI    0000006c [SR] Verifying 100 components
2020-09-12 17:44:11, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:12, Info                  CSI    0000006e [SR] Verify complete
2020-09-12 17:44:12, Info                  CSI    0000006f [SR] Verifying 100 components
2020-09-12 17:44:12, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:13, Info                  CSI    00000072 [SR] Verify complete
2020-09-12 17:44:13, Info                  CSI    00000073 [SR] Verifying 100 components
2020-09-12 17:44:13, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:13, Info                  CSI    00000075 [SR] Verify complete
2020-09-12 17:44:13, Info                  CSI    00000076 [SR] Verifying 100 components
2020-09-12 17:44:13, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:14, Info                  CSI    00000078 [SR] Verify complete
2020-09-12 17:44:14, Info                  CSI    00000079 [SR] Verifying 100 components
2020-09-12 17:44:14, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:14, Info                  CSI    0000007b [SR] Verify complete
2020-09-12 17:44:14, Info                  CSI    0000007c [SR] Verifying 100 components
2020-09-12 17:44:14, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:15, Info                  CSI    0000007e [SR] Verify complete
2020-09-12 17:44:15, Info                  CSI    0000007f [SR] Verifying 100 components
2020-09-12 17:44:15, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:16, Info                  CSI    00000081 [SR] Verify complete
2020-09-12 17:44:16, Info                  CSI    00000082 [SR] Verifying 100 components
2020-09-12 17:44:16, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:17, Info                  CSI    00000086 [SR] Verify complete
2020-09-12 17:44:17, Info                  CSI    00000087 [SR] Verifying 100 components
2020-09-12 17:44:17, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:19, Info                  CSI    0000008a [SR] Verify complete
2020-09-12 17:44:19, Info                  CSI    0000008b [SR] Verifying 100 components
2020-09-12 17:44:19, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:20, Info                  CSI    0000008d [SR] Verify complete
2020-09-12 17:44:20, Info                  CSI    0000008e [SR] Verifying 100 components
2020-09-12 17:44:20, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:21, Info                  CSI    00000094 [SR] Verify complete
2020-09-12 17:44:21, Info                  CSI    00000095 [SR] Verifying 100 components
2020-09-12 17:44:21, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:23, Info                  CSI    00000098 [SR] Verify complete
2020-09-12 17:44:23, Info                  CSI    00000099 [SR] Verifying 100 components
2020-09-12 17:44:23, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:25, Info                  CSI    0000009e [SR] Verify complete
2020-09-12 17:44:25, Info                  CSI    0000009f [SR] Verifying 100 components
2020-09-12 17:44:25, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:26, Info                  CSI    000000a1 [SR] Verify complete
2020-09-12 17:44:26, Info                  CSI    000000a2 [SR] Verifying 100 components
2020-09-12 17:44:26, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:27, Info                  CSI    000000a4 [SR] Verify complete
2020-09-12 17:44:27, Info                  CSI    000000a5 [SR] Verifying 100 components
2020-09-12 17:44:27, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:28, Info                  CSI    000000a9 [SR] Verify complete
2020-09-12 17:44:28, Info                  CSI    000000aa [SR] Verifying 100 components
2020-09-12 17:44:28, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:29, Info                  CSI    000000ac [SR] Verify complete
2020-09-12 17:44:29, Info                  CSI    000000ad [SR] Verifying 100 components
2020-09-12 17:44:29, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:29, Info                  CSI    000000af [SR] Verify complete
2020-09-12 17:44:29, Info                  CSI    000000b0 [SR] Verifying 100 components
2020-09-12 17:44:29, Info                  CSI    000000b1 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:30, Info                  CSI    000000b2 [SR] Verify complete
2020-09-12 17:44:30, Info                  CSI    000000b3 [SR] Verifying 100 components
2020-09-12 17:44:30, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:31, Info                  CSI    000000b5 [SR] Verify complete
2020-09-12 17:44:31, Info                  CSI    000000b6 [SR] Verifying 100 components
2020-09-12 17:44:31, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:32, Info                  CSI    000000b9 [SR] Verify complete
2020-09-12 17:44:32, Info                  CSI    000000ba [SR] Verifying 100 components
2020-09-12 17:44:32, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:34, Info                  CSI    000000be [SR] Verify complete
2020-09-12 17:44:34, Info                  CSI    000000bf [SR] Verifying 100 components
2020-09-12 17:44:34, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:34, Info                  CSI    000000c1 [SR] Verify complete
2020-09-12 17:44:34, Info                  CSI    000000c2 [SR] Verifying 100 components
2020-09-12 17:44:34, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:35, Info                  CSI    000000c4 [SR] Verify complete
2020-09-12 17:44:35, Info                  CSI    000000c5 [SR] Verifying 100 components
2020-09-12 17:44:35, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:35, Info                  CSI    000000c7 [SR] Verify complete
2020-09-12 17:44:35, Info                  CSI    000000c8 [SR] Verifying 100 components
2020-09-12 17:44:35, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:36, Info                  CSI    000000ca [SR] Verify complete
2020-09-12 17:44:36, Info                  CSI    000000cb [SR] Verifying 100 components
2020-09-12 17:44:36, Info                  CSI    000000cc [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:37, Info                  CSI    000000cd [SR] Verify complete
2020-09-12 17:44:37, Info                  CSI    000000ce [SR] Verifying 100 components
2020-09-12 17:44:37, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:37, Info                  CSI    000000d1 [SR] Verify complete
2020-09-12 17:44:38, Info                  CSI    000000d2 [SR] Verifying 100 components
2020-09-12 17:44:38, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:38, Info                  CSI    000000d5 [SR] Verify complete
2020-09-12 17:44:39, Info                  CSI    000000d6 [SR] Verifying 100 components
2020-09-12 17:44:39, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:41, Info                  CSI    000000db [SR] Verify complete
2020-09-12 17:44:42, Info                  CSI    000000dc [SR] Verifying 100 components
2020-09-12 17:44:42, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:42, Info                  CSI    000000de [SR] Verify complete
2020-09-12 17:44:42, Info                  CSI    000000df [SR] Verifying 100 components
2020-09-12 17:44:42, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:43, Info                  CSI    000000e1 [SR] Verify complete
2020-09-12 17:44:43, Info                  CSI    000000e2 [SR] Verifying 100 components
2020-09-12 17:44:43, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:44, Info                  CSI    000000e4 [SR] Verify complete
2020-09-12 17:44:44, Info                  CSI    000000e5 [SR] Verifying 100 components
2020-09-12 17:44:44, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:45, Info                  CSI    000000e7 [SR] Verify complete
2020-09-12 17:44:45, Info                  CSI    000000e8 [SR] Verifying 100 components
2020-09-12 17:44:45, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:46, Info                  CSI    000000ea [SR] Verify complete
2020-09-12 17:44:46, Info                  CSI    000000eb [SR] Verifying 100 components
2020-09-12 17:44:46, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:47, Info                  CSI    000000ed [SR] Verify complete
2020-09-12 17:44:47, Info                  CSI    000000ee [SR] Verifying 100 components
2020-09-12 17:44:47, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:48, Info                  CSI    000000f0 [SR] Verify complete
2020-09-12 17:44:48, Info                  CSI    000000f1 [SR] Verifying 100 components
2020-09-12 17:44:48, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:49, Info                  CSI    000000f3 [SR] Verify complete
2020-09-12 17:44:49, Info                  CSI    000000f4 [SR] Verifying 100 components
2020-09-12 17:44:49, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:49, Info                  CSI    000000f6 [SR] Verify complete
2020-09-12 17:44:49, Info                  CSI    000000f7 [SR] Verifying 100 components
2020-09-12 17:44:49, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:50, Info                  CSI    000000f9 [SR] Verify complete
2020-09-12 17:44:50, Info                  CSI    000000fa [SR] Verifying 100 components
2020-09-12 17:44:50, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:50, Info                  CSI    000000fc [SR] Verify complete
2020-09-12 17:44:51, Info                  CSI    000000fd [SR] Verifying 100 components
2020-09-12 17:44:51, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:51, Info                  CSI    000000ff [SR] Verify complete
2020-09-12 17:44:51, Info                  CSI    00000100 [SR] Verifying 100 components
2020-09-12 17:44:51, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:52, Info                  CSI    00000102 [SR] Verify complete
2020-09-12 17:44:52, Info                  CSI    00000103 [SR] Verifying 100 components
2020-09-12 17:44:52, Info                  CSI    00000104 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:52, Info                  CSI    00000105 [SR] Verify complete
2020-09-12 17:44:53, Info                  CSI    00000106 [SR] Verifying 100 components
2020-09-12 17:44:53, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:53, Info                  CSI    00000108 [SR] Verify complete
2020-09-12 17:44:53, Info                  CSI    00000109 [SR] Verifying 100 components
2020-09-12 17:44:53, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:54, Info                  CSI    0000010b [SR] Verify complete
2020-09-12 17:44:54, Info                  CSI    0000010c [SR] Verifying 100 components
2020-09-12 17:44:54, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:54, Info                  CSI    0000010e [SR] Verify complete
2020-09-12 17:44:54, Info                  CSI    0000010f [SR] Verifying 100 components
2020-09-12 17:44:54, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:55, Info                  CSI    00000111 [SR] Verify complete
2020-09-12 17:44:55, Info                  CSI    00000112 [SR] Verifying 100 components
2020-09-12 17:44:55, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:56, Info                  CSI    00000114 [SR] Verify complete
2020-09-12 17:44:56, Info                  CSI    00000115 [SR] Verifying 100 components
2020-09-12 17:44:56, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:57, Info                  CSI    00000118 [SR] Verify complete
2020-09-12 17:44:57, Info                  CSI    00000119 [SR] Verifying 100 components
2020-09-12 17:44:57, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2020-09-12 17:44:58, Info                  CSI    0000011b [SR] Verify complete
2020-09-12 17:44:58, Info                  CSI    0000011c [SR] Verifying 100 components
2020-09-12 17:44:58, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:00, Info                  CSI    00000123 [SR] Verify complete
2020-09-12 17:45:00, Info                  CSI    00000124 [SR] Verifying 100 components
2020-09-12 17:45:00, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:03, Info                  CSI    00000127 [SR] Verify complete
2020-09-12 17:45:03, Info                  CSI    00000128 [SR] Verifying 100 components
2020-09-12 17:45:03, Info                  CSI    00000129 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:04, Info                  CSI    0000012a [SR] Verify complete
2020-09-12 17:45:04, Info                  CSI    0000012b [SR] Verifying 100 components
2020-09-12 17:45:04, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:05, Info                  CSI    0000012d [SR] Verify complete
2020-09-12 17:45:05, Info                  CSI    0000012e [SR] Verifying 100 components
2020-09-12 17:45:05, Info                  CSI    0000012f [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:06, Info                  CSI    00000131 [SR] Verify complete
2020-09-12 17:45:06, Info                  CSI    00000132 [SR] Verifying 100 components
2020-09-12 17:45:06, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:08, Info                  CSI    00000135 [SR] Verify complete
2020-09-12 17:45:08, Info                  CSI    00000136 [SR] Verifying 100 components
2020-09-12 17:45:08, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:09, Info                  CSI    00000138 [SR] Verify complete
2020-09-12 17:45:09, Info                  CSI    00000139 [SR] Verifying 100 components
2020-09-12 17:45:09, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:10, Info                  CSI    0000013b [SR] Verify complete
2020-09-12 17:45:10, Info                  CSI    0000013c [SR] Verifying 100 components
2020-09-12 17:45:10, Info                  CSI    0000013d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:12, Info                  CSI    0000013f [SR] Verify complete
2020-09-12 17:45:12, Info                  CSI    00000140 [SR] Verifying 100 components
2020-09-12 17:45:12, Info                  CSI    00000141 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:12, Info                  CSI    00000142 [SR] Verify complete
2020-09-12 17:45:12, Info                  CSI    00000143 [SR] Verifying 100 components
2020-09-12 17:45:12, Info                  CSI    00000144 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:13, Info                  CSI    00000145 [SR] Verify complete
2020-09-12 17:45:13, Info                  CSI    00000146 [SR] Verifying 100 components
2020-09-12 17:45:13, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:13, Info                  CSI    00000148 [SR] Verify complete
2020-09-12 17:45:13, Info                  CSI    00000149 [SR] Verifying 100 components
2020-09-12 17:45:13, Info                  CSI    0000014a [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:14, Info                  CSI    0000014b [SR] Verify complete
2020-09-12 17:45:14, Info                  CSI    0000014c [SR] Verifying 100 components
2020-09-12 17:45:14, Info                  CSI    0000014d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:15, Info                  CSI    0000014f [SR] Verify complete
2020-09-12 17:45:15, Info                  CSI    00000150 [SR] Verifying 100 components
2020-09-12 17:45:15, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:16, Info                  CSI    00000152 [SR] Verify complete
2020-09-12 17:45:16, Info                  CSI    00000153 [SR] Verifying 100 components
2020-09-12 17:45:16, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:17, Info                  CSI    00000155 [SR] Verify complete
2020-09-12 17:45:17, Info                  CSI    00000156 [SR] Verifying 100 components
2020-09-12 17:45:17, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:18, Info                  CSI    00000158 [SR] Verify complete
2020-09-12 17:45:18, Info                  CSI    00000159 [SR] Verifying 100 components
2020-09-12 17:45:18, Info                  CSI    0000015a [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:19, Info                  CSI    0000015b [SR] Verify complete
2020-09-12 17:45:19, Info                  CSI    0000015c [SR] Verifying 100 components
2020-09-12 17:45:19, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:19, Info                  CSI    0000015e [SR] Verify complete
2020-09-12 17:45:19, Info                  CSI    0000015f [SR] Verifying 100 components
2020-09-12 17:45:19, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:20, Info                  CSI    00000161 [SR] Verify complete
2020-09-12 17:45:20, Info                  CSI    00000162 [SR] Verifying 100 components
2020-09-12 17:45:20, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:20, Info                  CSI    00000164 [SR] Verify complete
2020-09-12 17:45:20, Info                  CSI    00000165 [SR] Verifying 100 components
2020-09-12 17:45:20, Info                  CSI    00000166 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:21, Info                  CSI    00000167 [SR] Verify complete
2020-09-12 17:45:21, Info                  CSI    00000168 [SR] Verifying 100 components
2020-09-12 17:45:21, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:22, Info                  CSI    0000016a [SR] Verify complete
2020-09-12 17:45:22, Info                  CSI    0000016b [SR] Verifying 100 components
2020-09-12 17:45:22, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:23, Info                  CSI    0000016e [SR] Verify complete
2020-09-12 17:45:23, Info                  CSI    0000016f [SR] Verifying 100 components
2020-09-12 17:45:23, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:24, Info                  CSI    00000172 [SR] Verify complete
2020-09-12 17:45:24, Info                  CSI    00000173 [SR] Verifying 100 components
2020-09-12 17:45:24, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:24, Info                  CSI    00000175 [SR] Verify complete
2020-09-12 17:45:25, Info                  CSI    00000176 [SR] Verifying 100 components
2020-09-12 17:45:25, Info                  CSI    00000177 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:25, Info                  CSI    00000178 [SR] Verify complete
2020-09-12 17:45:25, Info                  CSI    00000179 [SR] Verifying 100 components
2020-09-12 17:45:25, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:26, Info                  CSI    0000017b [SR] Verify complete
2020-09-12 17:45:26, Info                  CSI    0000017c [SR] Verifying 100 components
2020-09-12 17:45:26, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:27, Info                  CSI    0000017e [SR] Verify complete
2020-09-12 17:45:28, Info                  CSI    0000017f [SR] Verifying 100 components
2020-09-12 17:45:28, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:28, Info                  CSI    00000181 [SR] Verify complete
2020-09-12 17:45:28, Info                  CSI    00000182 [SR] Verifying 100 components
2020-09-12 17:45:28, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:29, Info                  CSI    00000184 [SR] Verify complete
2020-09-12 17:45:29, Info                  CSI    00000185 [SR] Verifying 100 components
2020-09-12 17:45:29, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:30, Info                  CSI    00000187 [SR] Verify complete
2020-09-12 17:45:30, Info                  CSI    00000188 [SR] Verifying 100 components
2020-09-12 17:45:30, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:30, Info                  CSI    0000018a [SR] Verify complete
2020-09-12 17:45:30, Info                  CSI    0000018b [SR] Verifying 100 components
2020-09-12 17:45:30, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:31, Info                  CSI    0000018d [SR] Verify complete
2020-09-12 17:45:31, Info                  CSI    0000018e [SR] Verifying 100 components
2020-09-12 17:45:31, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:32, Info                  CSI    00000191 [SR] Verify complete
2020-09-12 17:45:33, Info                  CSI    00000192 [SR] Verifying 100 components
2020-09-12 17:45:33, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:33, Info                  CSI    00000194 [SR] Verify complete
2020-09-12 17:45:33, Info                  CSI    00000195 [SR] Verifying 100 components
2020-09-12 17:45:33, Info                  CSI    00000196 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:34, Info                  CSI    00000197 [SR] Verify complete
2020-09-12 17:45:34, Info                  CSI    00000198 [SR] Verifying 100 components
2020-09-12 17:45:34, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:34, Info                  CSI    0000019a [SR] Verify complete
2020-09-12 17:45:34, Info                  CSI    0000019b [SR] Verifying 100 components
2020-09-12 17:45:34, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:35, Info                  CSI    0000019d [SR] Verify complete
2020-09-12 17:45:35, Info                  CSI    0000019e [SR] Verifying 100 components
2020-09-12 17:45:35, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:35, Info                  CSI    000001a0 [SR] Verify complete
2020-09-12 17:45:35, Info                  CSI    000001a1 [SR] Verifying 100 components
2020-09-12 17:45:35, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:36, Info                  CSI    000001a3 [SR] Verify complete
2020-09-12 17:45:36, Info                  CSI    000001a4 [SR] Verifying 100 components
2020-09-12 17:45:36, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:37, Info                  CSI    000001a6 [SR] Verify complete
2020-09-12 17:45:37, Info                  CSI    000001a7 [SR] Verifying 100 components
2020-09-12 17:45:37, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:37, Info                  CSI    000001a9 [SR] Verify complete
2020-09-12 17:45:38, Info                  CSI    000001aa [SR] Verifying 100 components
2020-09-12 17:45:38, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:39, Info                  CSI    000001ad [SR] Verify complete
2020-09-12 17:45:39, Info                  CSI    000001ae [SR] Verifying 100 components
2020-09-12 17:45:39, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:39, Info                  CSI    000001b0 [SR] Verify complete
2020-09-12 17:45:39, Info                  CSI    000001b1 [SR] Verifying 100 components
2020-09-12 17:45:39, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:40, Info                  CSI    000001b3 [SR] Verify complete
2020-09-12 17:45:40, Info                  CSI    000001b4 [SR] Verifying 100 components
2020-09-12 17:45:40, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:41, Info                  CSI    000001b6 [SR] Verify complete
2020-09-12 17:45:41, Info                  CSI    000001b7 [SR] Verifying 100 components
2020-09-12 17:45:41, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:41, Info                  CSI    000001b9 [SR] Verify complete
2020-09-12 17:45:42, Info                  CSI    000001ba [SR] Verifying 100 components
2020-09-12 17:45:42, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:42, Info                  CSI    000001bc [SR] Verify complete
2020-09-12 17:45:42, Info                  CSI    000001bd [SR] Verifying 100 components
2020-09-12 17:45:42, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:43, Info                  CSI    000001bf [SR] Verify complete
2020-09-12 17:45:43, Info                  CSI    000001c0 [SR] Verifying 100 components
2020-09-12 17:45:43, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:43, Info                  CSI    000001c2 [SR] Verify complete
2020-09-12 17:45:44, Info                  CSI    000001c3 [SR] Verifying 100 components
2020-09-12 17:45:44, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:45, Info                  CSI    000001c6 [SR] Verify complete
2020-09-12 17:45:45, Info                  CSI    000001c7 [SR] Verifying 100 components
2020-09-12 17:45:45, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:45, Info                  CSI    000001cc [SR] Verify complete
2020-09-12 17:45:46, Info                  CSI    000001cd [SR] Verifying 100 components
2020-09-12 17:45:46, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:46, Info                  CSI    000001cf [SR] Verify complete
2020-09-12 17:45:46, Info                  CSI    000001d0 [SR] Verifying 100 components
2020-09-12 17:45:46, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:47, Info                  CSI    000001d2 [SR] Verify complete
2020-09-12 17:45:47, Info                  CSI    000001d3 [SR] Verifying 100 components
2020-09-12 17:45:47, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:47, Info                  CSI    000001d5 [SR] Verify complete
2020-09-12 17:45:47, Info                  CSI    000001d6 [SR] Verifying 100 components
2020-09-12 17:45:47, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:47, Info                  CSI    000001d8 [SR] Verify complete
2020-09-12 17:45:47, Info                  CSI    000001d9 [SR] Verifying 100 components
2020-09-12 17:45:47, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:49, Info                  CSI    000001de [SR] Verify complete
2020-09-12 17:45:49, Info                  CSI    000001df [SR] Verifying 100 components
2020-09-12 17:45:49, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:49, Info                  CSI    000001e1 [SR] Verify complete
2020-09-12 17:45:49, Info                  CSI    000001e2 [SR] Verifying 100 components
2020-09-12 17:45:49, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:50, Info                  CSI    000001e4 [SR] Verify complete
2020-09-12 17:45:50, Info                  CSI    000001e5 [SR] Verifying 100 components
2020-09-12 17:45:50, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:51, Info                  CSI    000001e7 [SR] Verify complete
2020-09-12 17:45:51, Info                  CSI    000001e8 [SR] Verifying 100 components
2020-09-12 17:45:51, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:52, Info                  CSI    000001ea [SR] Verify complete
2020-09-12 17:45:52, Info                  CSI    000001eb [SR] Verifying 100 components
2020-09-12 17:45:52, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:52, Info                  CSI    000001ed [SR] Verify complete
2020-09-12 17:45:52, Info                  CSI    000001ee [SR] Verifying 100 components
2020-09-12 17:45:52, Info                  CSI    000001ef [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:54, Info                  CSI    000001f0 [SR] Repairing corrupted file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2020-09-12 17:45:54, Info                  CSI    000001f2 [SR] Verify complete
2020-09-12 17:45:54, Info                  CSI    000001f3 [SR] Verifying 100 components
2020-09-12 17:45:54, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:54, Info                  CSI    000001f5 [SR] Verify complete
2020-09-12 17:45:54, Info                  CSI    000001f6 [SR] Verifying 100 components
2020-09-12 17:45:54, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:55, Info                  CSI    000001f8 [SR] Verify complete
2020-09-12 17:45:55, Info                  CSI    000001f9 [SR] Verifying 100 components
2020-09-12 17:45:55, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:55, Info                  CSI    000001fb [SR] Verify complete
2020-09-12 17:45:55, Info                  CSI    000001fc [SR] Verifying 100 components
2020-09-12 17:45:55, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:56, Info                  CSI    000001fe [SR] Verify complete
2020-09-12 17:45:56, Info                  CSI    000001ff [SR] Verifying 100 components
2020-09-12 17:45:56, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:57, Info                  CSI    00000201 [SR] Verify complete
2020-09-12 17:45:57, Info                  CSI    00000202 [SR] Verifying 100 components
2020-09-12 17:45:57, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:58, Info                  CSI    00000208 [SR] Verify complete
2020-09-12 17:45:58, Info                  CSI    00000209 [SR] Verifying 100 components
2020-09-12 17:45:58, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:59, Info                  CSI    0000020b [SR] Verify complete
2020-09-12 17:45:59, Info                  CSI    0000020c [SR] Verifying 100 components
2020-09-12 17:45:59, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2020-09-12 17:45:59, Info                  CSI    0000020e [SR] Verify complete
2020-09-12 17:45:59, Info                  CSI    0000020f [SR] Verifying 100 components
2020-09-12 17:45:59, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:00, Info                  CSI    00000211 [SR] Verify complete
2020-09-12 17:46:00, Info                  CSI    00000212 [SR] Verifying 100 components
2020-09-12 17:46:00, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:01, Info                  CSI    00000215 [SR] Verify complete
2020-09-12 17:46:01, Info                  CSI    00000216 [SR] Verifying 100 components
2020-09-12 17:46:01, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:02, Info                  CSI    00000218 [SR] Verify complete
2020-09-12 17:46:02, Info                  CSI    00000219 [SR] Verifying 100 components
2020-09-12 17:46:02, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:02, Info                  CSI    0000021b [SR] Verify complete
2020-09-12 17:46:03, Info                  CSI    0000021c [SR] Verifying 100 components
2020-09-12 17:46:03, Info                  CSI    0000021d [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:03, Info                  CSI    0000021e [SR] Verify complete
2020-09-12 17:46:03, Info                  CSI    0000021f [SR] Verifying 100 components
2020-09-12 17:46:03, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:04, Info                  CSI    00000221 [SR] Verify complete
2020-09-12 17:46:04, Info                  CSI    00000222 [SR] Verifying 100 components
2020-09-12 17:46:04, Info                  CSI    00000223 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:05, Info                  CSI    00000224 [SR] Verify complete
2020-09-12 17:46:05, Info                  CSI    00000225 [SR] Verifying 100 components
2020-09-12 17:46:05, Info                  CSI    00000226 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:05, Info                  CSI    00000227 [SR] Verify complete
2020-09-12 17:46:05, Info                  CSI    00000228 [SR] Verifying 100 components
2020-09-12 17:46:05, Info                  CSI    00000229 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:06, Info                  CSI    0000022a [SR] Verify complete
2020-09-12 17:46:06, Info                  CSI    0000022b [SR] Verifying 100 components
2020-09-12 17:46:06, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:06, Info                  CSI    0000022d [SR] Verify complete
2020-09-12 17:46:07, Info                  CSI    0000022e [SR] Verifying 100 components
2020-09-12 17:46:07, Info                  CSI    0000022f [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:07, Info                  CSI    00000230 [SR] Verify complete
2020-09-12 17:46:07, Info                  CSI    00000231 [SR] Verifying 100 components
2020-09-12 17:46:07, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:08, Info                  CSI    00000233 [SR] Verify complete
2020-09-12 17:46:08, Info                  CSI    00000234 [SR] Verifying 100 components
2020-09-12 17:46:08, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:08, Info                  CSI    00000236 [SR] Verify complete
2020-09-12 17:46:08, Info                  CSI    00000237 [SR] Verifying 100 components
2020-09-12 17:46:08, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:09, Info                  CSI    0000023a [SR] Repairing corrupted file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-09-12 17:46:09, Info                  CSI    0000023b [SR] Verify complete
2020-09-12 17:46:09, Info                  CSI    0000023c [SR] Verifying 100 components
2020-09-12 17:46:09, Info                  CSI    0000023d [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:10, Info                  CSI    0000023e [SR] Verify complete
2020-09-12 17:46:10, Info                  CSI    0000023f [SR] Verifying 100 components
2020-09-12 17:46:10, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:10, Info                  CSI    00000242 [SR] Verify complete
2020-09-12 17:46:10, Info                  CSI    00000243 [SR] Verifying 100 components
2020-09-12 17:46:10, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:11, Info                  CSI    00000245 [SR] Verify complete
2020-09-12 17:46:11, Info                  CSI    00000246 [SR] Verifying 100 components
2020-09-12 17:46:11, Info                  CSI    00000247 [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:12, Info                  CSI    00000248 [SR] Verify complete
2020-09-12 17:46:12, Info                  CSI    00000249 [SR] Verifying 44 components
2020-09-12 17:46:12, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:13, Info                  CSI    0000024b [SR] Verify complete
2020-09-12 17:46:13, Info                  CSI    0000024c [SR] Repairing 2 components
2020-09-12 17:46:13, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
2020-09-12 17:46:13, Info                  CSI    0000024f [SR] Repairing corrupted file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-09-12 17:46:13, Info                  CSI    00000250 [SR] Repairing corrupted file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2020-09-12 17:46:13, Info                  CSI    00000252 [SR] Repair complete
2020-09-12 17:46:13, Info                  CSI    00000253 [SR] Committing transaction
2020-09-12 17:46:13, Info                  CSI    00000258 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 17:46:35 ====

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

Assuming you haven't reinstalled Avira or Bitdefender let's try another fixlist.  This one shouldn't take too long but will need to reboot.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   3.19KB   14 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 


  • 0

#10
nasirnasir1

nasirnasir1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Avira is removed, Bit Defender works now so i just windows Security to work now.

Here is the Fix Log.txt , Addition.txt and FRST.txt in that order.

Also Thank you so much for all the help and advice.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020 01
Ran by Nasir York (13-09-2020 00:06:11) Run:2
Running from C:\Users\Nasir York\Desktop
Loaded Profiles: Nasir York
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Task: {7E15967B-0F80-4BCB-947D-687490A3F67B} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {F79E9260-CEDC-4323-B267-8CFF6D9D6EA6} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
FirewallRules: [{473D44C9-792D-446E-A047-E3196B5CA312}] => (Allow) C:\Users\Nasir York\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{4CE79FCA-50F7-421C-91C9-356B5BABB3D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{17F4BE24-FCCD-41BC-AB1A-E1355923A298}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{402B9580-1362-4A80-B217-699D4EAE4C51}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
ListPermissions: C:\Windows\system32\wuaueng.dll
REG: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /s
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v Start /t REG_DWORD /d 2
CMD: sc start wuauserv
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot" /v Start /t REG_DWORD /d 0
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter" /v Start /t REG_DWORD /d 0
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend" /v Start /t REG_DWORD /d 2
CMD: sc start WdBoot
CMD: sc start WdFilter
CMD: sc start WinDefend
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E15967B-0F80-4BCB-947D-687490A3F67B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E15967B-0F80-4BCB-947D-687490A3F67B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F79E9260-CEDC-4323-B267-8CFF6D9D6EA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F79E9260-CEDC-4323-B267-8CFF6D9D6EA6}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira_Antivirus_Systray" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{473D44C9-792D-446E-A047-E3196B5CA312}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CE79FCA-50F7-421C-91C9-356B5BABB3D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17F4BE24-FCCD-41BC-AB1A-E1355923A298}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{402B9580-1362-4A80-B217-699D4EAE4C51}" => removed successfully
===================================
permissions of "C:\Windows\system32\wuaueng.dll":
 
Owner: BUILTIN\Administrators
 
DACL(PAI):
 
BUILTIN\Administrators ALLOW FULL (NI)
NT AUTHORITY\SYSTEM ALLOW FULL (NI)
BUILTIN\Users ALLOW READ/EXECUTE (NI)
 
===================================
 
========= reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /s =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
    Type    REG_DWORD    0x20
    Start    REG_DWORD    0x3
    ErrorControl    REG_DWORD    0x1
    ServiceSidType    REG_DWORD    0x1
    ImagePath    REG_SZ    C:\WINDOWS\system32\svchost.exe -k netsvcs -p
    ObjectName    REG_SZ    LocalSystem
    DependOnService    REG_MULTI_SZ    rpcss
    RequiredPrivileges    REG_MULTI_SZ    SeAuditPrivilege\0SeCreateGlobalPrivilege\0SeCreatePageFilePrivilege\0SeTcbPrivilege\0SeAssignPrimaryTokenPrivilege\0SeImpersonatePrivilege\0SeIncreaseQuotaPrivilege\0SeShutdownPrivilege\0SeDebugPrivilege\0SeBackupPrivilege\0SeRestorePrivilege\0SeSecurityPrivilege\0SeTakeOwnershipPrivilege\0SeLoadDriverPrivilege\0SeManageVolumePrivilege\0SeSystemEnvironmentPrivilege\0SeCreateSymbolicLinkPrivilege\0SeIncreaseBasePriorityPrivilege
 
 
 
========= End of Reg: =========
 
 
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v Start /t REG_DWORD /d 2 =========
 
 
 
========= End of Reg: =========
 
 
========= sc start wuauserv =========
 
 
SERVICE_NAME: wuauserv 
        TYPE               : 30  WIN32  
        STATE              : 2  START_PENDING 
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x7d0
        PID                : 12852
        FLAGS              : 
 
========= End of CMD: =========
 
 
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot" /v Start /t REG_DWORD /d 0 =========
 
 
 
========= End of Reg: =========
 
 
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter" /v Start /t REG_DWORD /d 0 =========
 
 
 
========= End of Reg: =========
 
 
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend" /v Start /t REG_DWORD /d 2 =========
 
 
 
========= End of Reg: =========
 
 
========= sc start WdBoot =========
 
[SC] StartService FAILED 31:
 
A device attached to the system is not functioning.
 
 
========= End of CMD: =========
 
 
========= sc start WdFilter =========
 
 
SERVICE_NAME: WdFilter 
        TYPE               : 2  FILE_SYSTEM_DRIVER  
        STATE              : 4  RUNNING 
                                (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 0
        FLAGS              : 
 
========= End of CMD: =========
 
 
========= sc start WinDefend =========
 
[SC] StartService: OpenService FAILED 1060:
 
The specified service does not exist as an installed service.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 00:06:49 ====
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020 01
Ran by Nasir York (13-09-2020 00:12:47)
Running from C:\Users\Nasir York\Desktop
Windows 10 Pro Version 1903 18362.1016 (X64) (2019-09-28 07:16:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-412816286-677371127-1562832458-500 - Administrator - Disabled)
chian (S-1-5-21-412816286-677371127-1562832458-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-412816286-677371127-1562832458-503 - Limited - Disabled)
Gears Fix (S-1-5-21-412816286-677371127-1562832458-1010 - Limited - Enabled) => C:\Users\Gears Fix
Guest (S-1-5-21-412816286-677371127-1562832458-501 - Limited - Disabled)
nasir (S-1-5-21-412816286-677371127-1562832458-1006 - Limited - Disabled)
Nasir York (S-1-5-21-412816286-677371127-1562832458-1001 - Administrator - Enabled) => C:\Users\Nasir York
WDAGUtilityAccount (S-1-5-21-412816286-677371127-1562832458-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Inc.)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dimension (HKLM-x32\...\ESHR_3_1_1) (Version: 3.1.1 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Inc.)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_3) (Version: 14.0.3 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.83 - ASUSTeK Computer Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{c1fab792-fdc8-4343-aa29-cae3af29ce76}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{5c465d6f-1288-415a-946e-b6ecf1b1a30c}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{ae62c209-3c0a-4062-b1dd-7f31e7a07a49}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{0eaccf04-4462-4fb3-8d97-6e9fe2f1c642}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.27 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.48 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{95c37d21-77e3-4b72-9e0e-7ba93e636dde}) (Version: 1.0.48 - ASUS) Hidden
Autodesk Genuine Service (HKLM-x32\...\{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 - Autodesk)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.169 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 25.0.2.14 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.0.1.12 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.190.0.5002 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Contents64 (HKLM\...\{C2D307EA-96F8-4F6E-880E-E244779D8477}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Discord (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{1ed73932-bb1f-42f9-b276-d10182a64b07}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{f009cab7-dc2f-4859-bdfd-b94d0064c20b}) (Version: 1.0.5.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome Canary (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Google Chrome SxS) (Version: 87.0.4261.0 - Google LLC)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICA (HKLM-x32\...\{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Inpaint 8.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
IPM_VS_Pro64 (HKLM\...\{1BD7EE90-7C52-4142-B4DD-55C4F28F9EE7}) (Version: 19.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{739B363A-A8C1-4D32-843D-07603700D19F}) (Version: 12.10.6.2 - Apple Inc.)
Jump Force Ultimate Edition MULTi14 - ElAmigos version 2.00 (HKLM-x32\...\{E7BE40FB-7006-42A9-ADCF-7F57D754B9F0}_is1) (Version: 2.00 - Bandai Namco Entertainment)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{e5d9f7b7-590f-42bf-8068-23e9a16c58fb}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kits Configuration Installer (HKLM-x32\...\{84645792-B4DC-8386-13D6-94810C42EF8A}) (Version: 10.1.14393.795 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13231.20126 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
My Hero Ones Justice 2 (HKLM-x32\...\My Hero Ones Justice 2_is1) (Version:  - )
NahimicSettingsConfigurator (HKLM\...\{C0C4818E-DCAD-44F9-A2FF-FAACAEC791B5}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.4 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch League Replay Viewer (HKLM-x32\...\Overwatch League Replay Viewer) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Overwatch World Cup Viewer (HKLM-x32\...\Overwatch World Cup Viewer) (Version:  - Blizzard Entertainment)
PC Building Simulator (HKLM-x32\...\{BF3FA925-71A0-47FA-9485-73FC139B36F5}_is1) (Version: 1.8 - Repack by Team-LiL)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProtonVPN (HKLM-x32\...\{CC56589D-2FE8-4B38-9024-0ABCD9F3CB0E}) (Version: 1.16.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.1) (Version: 1.16.1 - Proton Technologies AG)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (HKLM-x32\...\{7665C66D-78C4-4B30-B4B9-8DD484403532}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (HKLM-x32\...\{2B2FED36-5D63-411A-A8C4-E311D70BCF33}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (HKLM-x32\...\{77EEC303-714C-4290-AF63-5252FDB5D7C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (HKLM-x32\...\{946BBA68-EDC0-4981-83D3-09592B9A84FA}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 pip Bootstrap (32-bit) (HKLM-x32\...\{4F29879C-940D-4599-8CEC-407579F73DF7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (HKLM-x32\...\{65A2F7DA-ACD7-4EC1-8A88-665D535D9CE7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C387DB53-A25F-49E3-8DF7-94F47E5A7921}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (HKLM-x32\...\{FA87440D-634A-4581-AD9C-C6FA859B88DD}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (HKLM-x32\...\{9254A29B-0F60-444C-B5CE-DB7E2505474C}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 3.14.8 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.10.8.1270 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0907.090217 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.2.0 - ASUSTek COMPUTER INC.)
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{7138CC92-123A-393F-BC30-B784794DF4E7}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{905D1773-308E-B34B-7489-1E1557BF0AF4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Setup (HKLM-x32\...\{F8B95E3C-40A0-49CE-B5F9-3861F238B9FF}) (Version: 19.1.0.12 - Corel Corporation) Hidden
Share64 (HKLM\...\{A61EEC3A-E37C-49A5-BE61-7AEE04F1A15D}) (Version: 19.1.0.12 - Corel Corporation) Hidden
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version:  - Grismar)
Should I Remove It (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Sonic Studio Plugin (HKLM\...\{DDA3EA99-E4F2-4EBF-8BD5-EF3898D6B3D8}) (Version: 2.1.1801 - ASUSTeKcomputer.Inc) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.2.28.571 - StreamElements)
SuperF4 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\SuperF4) (Version: 1.3 - Stefan Sundin)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (HKLM-x32\...\{C0402801-37B7-30B1-A678-AE3E73E4C4F6}) (Version: 14.98.25331 - Microsoft) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Twitch (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BDB33BE7-73D0-4C02-A576-78FD17C95A8D}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
UNO (HKLM-x32\...\Uplay Install 3352) (Version:  - Ubisoft)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 71.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VS Update core components (HKLM-x32\...\{5C946395-4D29-3274-A47D-B77D4B10E126}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{B5BE6171-568A-3657-90CD-A76BEC01F62D}) (Version: 14.0.25421 - Microsoft Corporation) Hidden
VSClassic64 (HKLM\...\{99B95309-4793-43D9-8F1C-EC086FC74CB5}) (Version: 19.1.0.12 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{3F5D769B-346B-487A-851A-A1AF147D5B39}) (Version: 19.1.0.12 - Corel Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Webull Desktop version 4.2.0 (HKLM-x32\...\{ACD3494F-0DDF-4520-B50A-2BEAAAD4DAC3}_is1) (Version: 4.2.0 - Webull Company, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\WinDirStat) (Version:  - )
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
 
Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-01-31] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-02] (Microsoft Corporation)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1911.1001.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7063B4B49902} -> [Creative Cloud Files] => F:\Creative Cloud Files0
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-412816286-677371127-1562832458-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\87.0.4261.0\notification_helper.exe (Google LLC -> Google LLC)
SSODL: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\system32\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {877C17A2-141F-499A-989E-CB89EF388FC8} - C:\Windows\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {877C17A2-141F-499A-989E-CB89EF388FC8} => C:\Windows\SysWOW64\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {A884D27C-84DC-41DD-89FB-8D8ABF3460D1} => C:\Windows\system32\cbfsMntNtf5.dll [2015-05-22] (EldoS Corporation -> EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => F:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-08-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1562432 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.dvacm_vspx9] => C:\Program Files\Corel\CORELV~1\Dvacm.acm
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Canary Apps\Codebender App.lnk -> C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko
 
==================== Loaded Modules (Whitelisted) =============
 
2017-04-10 14:09 - 2015-02-26 20:19 - 000380928 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2015-12-26 17:28 - 2014-04-24 18:03 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-26 17:29 - 2014-07-02 05:41 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsAcpi.dll
2020-09-13 00:08 - 2020-09-13 00:08 - 000044176 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-26 17:29 - 2014-07-02 05:41 - 000676864 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\asacpiEx.dll
2017-04-10 14:09 - 2011-06-21 16:04 - 000229376 _____ (Broadcom Corporation) [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2015-12-28 07:20 - 2015-11-19 10:36 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-07-16] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\sharepoint.com -> hxxps://unhnewhaven-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-09 13:50 - 2020-09-13 00:08 - 000001042 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps;C:\Users\Nasir York\AppData\Local\atom\bin;C:\Users\Nasir York\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-412816286-677371127-1562832458-1001\Control Panel\Desktop\\Wallpaper -> F:\Media\Art\Digital Art\Photoshop\Finished\Ceejust Backgrounds\Ceejust Neon Name.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
Network Binding:
=============
Ethernet 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
Local Area Connection 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Local Area Connection 2: Realtek RealWoW Driver -> rtk_realwow60 (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: Razer Synapse Service => 2
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR WNA3100 Genie.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUS Ai Charger"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "AO Link Server"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Kraken0510Helper"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "CAM.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8463E4E6F536B8D8D1FC6B6ADD3BC0C5"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Prime95"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Haste"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{51D476F8-3BAE-474C-9CFF-F680B438B98B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1024DE61-118A-4103-A145-758F2B79FB5B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Gears5\GearGame\Binaries\Steam\Gears5_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{8F485514-2CD8-4096-863F-09DE3D46DDAD}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [TCP Query User{590E5C09-CCA0-42F5-ACE0-012B0C972182}F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\gears5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query User{0F02A7E5-6A0A-49CC-869A-E7604EE34078}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{6F6D654B-CFC3-4E1A-8EEF-FF14D5D4E529}F:\overwatch\_replay_viewer_\overwatch.exe] => (Allow) F:\overwatch\_replay_viewer_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FAA42020-AE0F-480E-A5FB-39DB9B6E6DCF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{4B2EDAB9-C9C3-4BD5-BF53-4F4A2D5B69DB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{69ED1D1D-803B-4429-A24D-20A1E8A8D22C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{EFE0EBBA-3538-4EE3-B07F-6101CF715257}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{22345150-265E-42DA-B57A-632BD98D34B7}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{769EDB8E-C4CF-4733-9ABC-ECE5A1C5855C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB8024B6-575F-48E4-9AB2-5D4EA3098782}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{323A6CD8-6C95-47DA-B8EA-6E56AF68A040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{10345D00-3C90-444F-B123-011CB4DEDCF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8C19F219-0087-4C94-B00C-DB06FC2F7CEC}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{78D3AAB9-5579-435B-96F4-9B3168D0E1D0}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nasir york\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [{4BAB5CD9-6E27-46C5-84EE-D101CC44EC27}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DFC73CF5-6F85-4B78-B06F-CD25BEAC4F11}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E60CB4A0-9020-43BE-8659-61FA246DB9C6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8987247E-FC72-4AB4-98C3-7C9D5C0EEE23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4D1C3445-5A70-4A27-B420-858F3DE7CB55}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [TCP Query User{140EBC3E-8CB1-4395-A70A-A6938008A4B0}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [File not signed]
FirewallRules: [{3472F3E3-EB83-48C4-8C9F-70BC7B31C494}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{48F1975D-7450-4740-B939-3B15EE68B755}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{183DC536-1AFB-431F-B318-A3BBCFE58DD6}C:\users\nasir york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nasir york\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{0E477258-A72F-4641-A893-9BF99A6C874B}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{B7C8C640-DA1A-4D8C-9104-5706D1DD492E}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{272984B9-36F3-4A7F-AD00-163FE8D587BD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{3EDD8817-1E20-4BFA-8390-08DE7B5C28BE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (Vlambeer) [File not signed]
FirewallRules: [{B1C13B69-1072-4979-B674-15F99133D4D4}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62B7B065-40FE-4E16-9ABA-74E9BF34815D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1C9421D3-54CA-4821-AD73-B393E622199E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6794B290-4B93-4D17-941E-13513C0E9DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{17558CA4-236E-489C-8D33-36F7B27C6453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{844CFC51-B020-4861-A647-A8B11E547D99}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{458C194B-6874-4226-B4BB-08CB743AC670}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{924174D4-D8BD-4DF6-93E7-D4FEE3C54211}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E95983F0-5E49-4B31-A2E2-CD9D28B6DC83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EDED09F-998F-49DF-BCC9-C6D51C289138}] => (Allow) LPort=8586
FirewallRules: [{CDA361F6-1E0E-47C7-A290-59E2AE3B384A}] => (Allow) LPort=8586
FirewallRules: [{1BF0374E-D402-4461-ACC9-5CABA1661D87}] => (Allow) C:\Program Files\ASUS\HomeCloud\ServerConsole\HomeBox Server.exe (ASUS Cloud Corporation -> )
FirewallRules: [{BCAA783B-26AD-4818-8A04-7DD9EFB78E6D}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{0AB69F55-FBE9-4736-81EE-9F7EBB51FC06}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C9D3AB42-785F-49BA-A67C-DFD6D14B1A1F}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F84AAD75-6D5F-4299-B776-A8F604EE5759}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3D947D72-553F-4358-AB7E-4D2385D03424}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4178D8DD-19BF-40DD-9BE7-7792CDF4D7CE}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{054426D8-6634-4EBB-A3CB-E9168193853D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1195FFC-E0E4-497F-9AC2-46BC643D2B28}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{365F721A-9DAF-4AAB-9E3A-C76D84C7153C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEA97C71-35AF-4242-8F3E-A5701CE6A9B9}] => (Allow) LPort=9143
FirewallRules: [{03CC62E0-41BE-4CE6-B200-FB93D41BB642}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{B02CE1BF-7783-4A84-9097-50A47F884CF7}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{69C281DB-AA33-4528-A933-48D4676DC563}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4BC50C2B-ADB1-43A0-BE8D-36B1D9CBE947}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D7EB5DB3-163D-4995-BCC6-87B3A070D886}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{34D845BC-B448-4CA2-86F7-D516DF447067}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{223076EA-973E-4967-A447-1918A872E8FB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{80B023F5-7F75-4B21-AD71-AEF783F5FF8A}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F7A6F8B6-B5F0-4070-BD72-2BADCCF0D3C6}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8935D5CE-BD0A-4746-9588-8DA71738BDFE}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{88160334-C8A4-48B5-BA6D-C7A46337792C}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{03D23C5A-06FD-47AC-A9EB-70780FE00F1C}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{362EF7CB-3950-4597-929A-F9F6FC74C88E}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{88EFAABD-C600-4172-93C9-0062AF27191A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [UDP Query User{3C71A0CE-1253-48DE-9872-C3CE79B4B76A}F:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) F:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat, Inc. -> Proletariat, Inc.)
FirewallRules: [TCP Query User{AEC007E5-F181-4646-A764-A9D95C5ED818}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe => No File
FirewallRules: [UDP Query User{0650DA28-52C3-4CAF-ACF8-E19664D14291}F:\program files (x86)\image-line\fl studio 20\fl64.exe] => (Allow) F:\program files (x86)\image-line\fl studio 20\fl64.exe => No File
FirewallRules: [TCP Query User{6CEE534C-F353-4887-8C26-141D2F6132FD}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{6C595E5F-E92A-4AF5-BDD3-230C2B32565E}F:\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{40EAABF4-8377-4941-9D6A-30C6626A9C35}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{36FEE0DF-4E80-4300-A52F-9F2FFF7A7BD0}F:\overwatch\_ptr_\overwatch.exe] => (Allow) F:\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{55235E7F-BD01-40C7-A12A-BFD9DD64C868}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F14C29FD-A73C-46DB-9BA8-4A6850024372}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C549623F-A634-4D56-822A-16AE9040CAD9}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D8BA3168-0128-43B7-B47C-A05388C7A87B}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{55A8918A-6FD4-44E4-93C0-3904E121756B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [{504B6E4D-737A-4786-B7FC-5A5222D5C16F}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)
FirewallRules: [TCP Query User{29DB45C5-99C4-42F3-B4E8-00786E23FCBA}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DBA2C3B3-0A42-43A1-BF16-B86E1441D7CB}C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\nasir york\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8A92559A-7D4C-4676-B9B8-1B4028E063E2}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6F5FE14B-520C-453D-B40F-9B63A53CE446}F:\overwatch\_retail_\overwatch.exe] => (Allow) F:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6B384191-52C4-4C08-8A24-88055B24C825}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{877B8420-F044-4B4B-84F9-85C76A8CF45C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{36A3E05C-8330-4672-BF7C-7056E87A7075}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4B13106E-17B6-4DBB-9C8A-DAD7C9383C08}] => (Allow) F:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{43ED2535-CA56-4E5F-B552-E8EB5A1301E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{26864FCF-EA1F-4BC7-97BB-CF763AF707E2}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{E1166514-730C-498F-BF4A-4C8822211D02}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [UDP Query User{4AFCEADB-CBEC-4FA3-A7FC-7C4B69A9AA2E}F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe] => (Allow) F:\games\jump force\jump_force\binaries\win64\jump_force-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{C516BDC7-D6AE-41E7-AC07-1D59AE2207EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77428367-99CA-4340-9CA6-9607DE43AAB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93A2DDCE-6DF1-44F1-BE81-73EA31BD72E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15D9A618-321A-48B7-97BE-32F875C5ED98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DE3A896-A5FE-41E2-8637-05B56CAA8CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB935313-DD8C-4955-A819-3139C52809A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86005953-F1FC-4583-B7B6-9D12214006BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{875D342C-DB8D-46A9-B5BC-F6801EE39511}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97BD67F5-9ED3-44E5-82B4-74E19E6FEA01}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33450982-A001-4AC2-8DF7-B03F4D69CDF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C150C4F8-D021-45F1-9E07-DCBA080F1034}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D26EFB7-CE4F-496E-AFCE-964A355156A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{686AF5BA-CE6E-400D-A674-CD199843F067}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2E798E51-CB97-4C71-BD56-DE9C3716A9A8}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{00D08F4D-5C9A-4DEA-BCB3-7FD534059E87}F:\twitch\bin\electron\twitchui.exe] => (Block) F:\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [{2F34D270-1A68-4A4B-BC58-DA17A8CDF4FD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{D29D465C-33DD-4101-AC7C-5578FBC426A6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{58542554-1444-4E05-89C7-7984F9352AA1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{09FA7472-CFDA-4EAC-AF21-A23D83B94688}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
 
==================== Restore Points =========================
 
12-09-2020 21:26:21 Removed Melodyne Runtime 4.1 (x64)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/13/2020 12:10:57 AM) (Source: MSSQL$ASUSHOMECLOUD) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$ASUSHOMECLOUD\Performance'. SQL Server performance counters are disabled.
 
Error: (09/13/2020 12:07:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/13/2020 12:07:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
 
System errors:
=============
Error: (09/13/2020 12:14:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/13/2020 12:14:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DTOHOOC)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/13/2020 12:12:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/13/2020 12:12:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/13/2020 12:10:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/13/2020 12:10:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (09/13/2020 12:08:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (09/13/2020 12:07:37 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 2702 04/27/2015
Motherboard: ASUSTeK COMPUTER INC. MAXIMUS VII HERO
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 31%
Total physical RAM: 16326.49 MB
Available physical RAM: 11147.52 MB
Total Virtual: 25542.49 MB
Available Virtual: 18166.7 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:25.14 GB) NTFS
Drive f: (Hard Drive) (Fixed) (Total:1863.01 GB) (Free:887.03 GB) NTFS
 
\\?\Volume{92c7ec7c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 92C7EC7C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2EEE4D9F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2020 01
Ran by Nasir York (administrator) on DESKTOP-DTOHOOC (ASUS All Series) (13-09-2020 00:11:10)
Running from C:\Users\Nasir York\Desktop
Loaded Profiles: Nasir York
Platform: Windows 10 Pro Version 1903 18362.1016 (X64) Language: English (United States)
Default browser: "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Google LLC -> Google LLC) C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe <24>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) F:\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) F:\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2014-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [217144 2020-07-15] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [429624 2020-06-20] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-05-23] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [EpicGamesLauncher] => F:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32410000 2020-09-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [Google Update] => C:\Users\Nasir York\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-06-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [] => [X]
HKU\S-1-5-21-412816286-677371127-1562832458-1001\...\Run: [GoogleChromeAutoLaunch_2952BC569372D1E14E2D5D2EA119F0E6] => "C:\Users\Nasir York\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-18\...\Run: [Synapse3] => F:\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2017-04-10]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (NETGEAR -> )
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-12-13]
ShortcutTarget: GenuineService.lnk -> C:\Users\Nasir York\Autodesk\Genuine Service\GenuineService.exe (Autodesk Inc -> Autodesk)
Startup: C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-08-15]
ShortcutTarget: Twitch.lnk -> F:\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {20311710-456D-4767-99F4-A7708EDF31BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA23887-C60A-4CDB-9A78-D3A69AB9E3F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {70D17777-CDF1-4192-ACC4-9E7530202A96} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491320 2020-06-23] (Bitdefender SRL -> Bitdefender)
Task: {867FA7B7-AE9D-4176-B867-18823BCAF956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {972CBA3A-3286-4F3D-863D-61F39BF4B405} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9764361E-27F9-4D98-B379-346CC88AEE04} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1515E09-FD31-4D60-8593-D9A88413C9EF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C18F20E5-A676-44C6-AF13-1F39031C09D7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1535896 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D30FB75D-B52A-46A6-884F-A8E412C5AA51} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22854008 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9001879-AAEC-449E-B008-417D6FEFF465} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [545840 2020-07-16] (Bitdefender SRL -> Bitdefender)
Task: {E5C4818E-41A3-4BD0-A7DC-354A8DF62E50} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10416cf3-1d1f-46f8-98dd-5dc013e80178}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{308a0871-4f66-4569-90b8-ee3d237ffb36}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{854a3fd2-6045-49de-b682-6ddec26557da}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bfeb5d3a-0ad2-401e-9ba8-31f842c13770}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
======
Edge Profile: C:\Users\Nasir York\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-12]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-07-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-412816286-677371127-1562832458-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-07] (Ubisoft Entertainment Sweden AB -> )
 
Chrome: 
=======
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default [2020-09-11]
CHR DownloadDir: F:\Downloads
CHR Notifications: Default -> hxxps://thevirts.os.tc; hxxps://www.escapefromtarkov.com; hxxps://www.facebook.com; hxxps://www.netflix.com; hxxps://www.razer.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-09-11]
CHR Extension: (Google Drive) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Hypothesis - Web & PDF Annotation) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjfhmglciegochdpefhhlphglcehbmek [2020-09-11]
CHR Extension: (Honey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-09-11]
CHR Extension: (Avira Safe Shopping) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-11]
CHR Extension: (uBlock Origin) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-11]
CHR Extension: (Skillshare Free Downloader) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafpgbifpihaomcjenlnebhepkklhkfh [2020-03-05]
CHR Extension: (Dark Mode) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-06-19]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2020-06-10]
CHR Extension: (Session Buddy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-16]
CHR Extension: (Zotero Connector) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2020-09-11]
CHR Extension: (Gyazo) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2020-09-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-30]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-11]
CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2018-01-15]
CHR Extension: (Looper for YouTube) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2020-04-22]
CHR Extension: (View Image) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2020-04-27]
CHR Extension: (Grammarly for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-09-11]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-09-11]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-07-30]
CHR Extension: (No History) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2018-01-15]
CHR Extension: (Wikibuy from Capital One) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Material Simple Dark Grey) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2018-09-30]
CHR Extension: (Steam Community Market Quick Buy) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjlhfadijipchkejgenbnnoebonckm [2018-01-15]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-09-11]
CHR Extension: (Gmail) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-11]
CHR Profile: C:\Users\Nasir York\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-18]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [132480 2020-06-24] (AnchorFree Inc -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe [394040 2014-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-07-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [654936 2020-07-18] (ASUSTeK Computer Inc. -> ASUS)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-07-16] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-07-16] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [230128 2020-07-15] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-06] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8928120 2020-09-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-10-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-05] (Logitech Inc -> Logitech Inc.)
R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1356792 2020-06-23] (Bitdefender SRL -> Bitdefender)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [101184 2020-06-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG -> )
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [292440 2020-07-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; F:\Synapse3\Service\Razer Synapse Service.exe [294128 2020-09-02] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2411232 2020-07-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; F:\Razer Cortex\RzKLService.exe [290864 2020-08-21] (Razer USA Ltd. -> Razer Inc.)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-05-23] (Razer USA Ltd. -> Razer Inc.)
S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 tomcat6; C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe [80896 2013-04-28] (Apache Software Foundation) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [170840 2020-07-16] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-07-16] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] (ASUSTeK Computer Inc. -> )
S3 asstor64; C:\WINDOWS\System32\drivers\asstor64.sys [84816 2014-03-14] (ASMedia Technology Inc. -> Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2113184 2020-06-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [757240 2020-04-30] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [422080 2015-05-22] (EldoS Corporation -> EldoS Corporation)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [453344 2020-06-02] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [194712 2020-06-15] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185320 2020-09-12] (Bitdefender SRL -> Bitdefender)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc -> Logitech Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 RealWoW60; C:\WINDOWS\system32\DRIVERS\RealWoW60.sys [29400 2015-09-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\WINDOWS\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (NETGEAR -> SerComm Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-02-01] (Windscribe Limited -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [638368 2020-01-31] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioHFVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_hfvaio64_win7.sys [33512 2017-06-18] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2019-10-20] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-02-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-12-21] (Zemana Ltd. -> Zemana Ltd.)
S3 rzendpt; \SystemRoot\System32\drivers\rzendpt.sys [X]
S3 rzudd; \SystemRoot\System32\drivers\rzudd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-13 00:11 - 2020-09-13 00:11 - 000036820 _____ C:\Users\Nasir York\Desktop\FRST.txt
2020-09-13 00:08 - 2020-09-13 00:12 - 000043421 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-09-13 00:06 - 2020-09-13 00:06 - 000007079 _____ C:\Users\Nasir York\Desktop\Fixlog.txt
2020-09-12 18:53 - 2020-09-12 18:53 - 000185320 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2020-09-12 18:40 - 2020-09-12 18:40 - 000180724 _____ C:\ProgramData\vpn.1599950413.bdinstall.v2.bin
2020-09-12 18:40 - 2020-09-12 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2020-09-12 18:40 - 2020-09-12 18:40 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2020-09-12 18:38 - 2020-09-12 18:38 - 000815684 _____ C:\ProgramData\cl.1599950142.bdinstall.v2.bin
2020-09-12 18:38 - 2020-09-12 18:38 - 000105108 _____ C:\ProgramData\cl.kit.1599950140.bdinstall.v2.bin
2020-09-12 18:38 - 2020-09-12 18:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2020-09-12 18:37 - 2020-09-12 18:40 - 000000000 ____D C:\Program Files\Bitdefender
2020-09-12 18:37 - 2020-09-12 18:37 - 000002352 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2020-09-12 18:37 - 2020-09-12 18:37 - 000002352 _____ C:\ProgramData\Desktop\Bitdefender.lnk
2020-09-12 18:37 - 2020-09-12 18:37 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Bitdefender
2020-09-12 18:37 - 2020-09-12 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2020-09-12 18:37 - 2020-06-18 13:29 - 002113184 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-09-12 18:37 - 2020-06-15 16:10 - 000194712 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2020-09-12 18:37 - 2020-06-02 17:38 - 000453344 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-09-12 18:37 - 2020-04-30 18:04 - 000757240 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-09-12 18:37 - 2020-01-31 17:11 - 000638368 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2020-09-12 18:37 - 2020-01-17 03:03 - 000046056 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2020-09-12 18:37 - 2019-03-21 00:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2020-09-12 18:35 - 2020-09-12 18:37 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2020-09-12 18:35 - 2020-09-12 18:35 - 000084260 _____ C:\ProgramData\agent.update.1599950096.bdinstall.v2.bin
2020-09-12 18:09 - 2020-09-12 18:09 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-09-12 18:08 - 2020-09-12 18:08 - 000001210 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2020-09-12 18:08 - 2020-09-12 18:08 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2020-09-12 18:07 - 2020-09-12 18:38 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-09-12 18:07 - 2020-09-12 18:07 - 000115388 _____ C:\ProgramData\agent.1599948421.bdinstall.v2.bin
2020-09-12 18:07 - 2020-09-12 18:07 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-09-12 17:49 - 2020-09-12 17:49 - 000027604 _____ C:\ProgramData\uninstalltool.1599947341.11868.bin
2020-09-12 17:49 - 2020-09-12 17:49 - 000001856 _____ C:\ProgramData\uninstalltool.1599947341.9680.bin
2020-09-12 17:48 - 2020-09-12 17:48 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-09-12 17:46 - 2020-03-12 13:33 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-12 17:41 - 2020-09-12 17:41 - 002297856 _____ (Farbar) C:\Users\Nasir York\Desktop\FRST64.exe
2020-09-12 17:33 - 2020-09-12 17:33 - 000000000 ____D C:\Users\Nasir York\AppData\Local\OO Software
2020-09-12 17:18 - 2020-09-12 18:03 - 000000309 _____ C:\Users\Nasir York\Desktop\GeektoGo Notes.txt
2020-09-12 13:51 - 2020-09-12 13:51 - 000000837 _____ C:\Users\Nasir York\Desktop\Speccy.lnk
2020-09-12 13:51 - 2020-09-12 13:51 - 000000000 ____D C:\Program Files\Speccy
2020-09-12 13:28 - 2020-09-12 17:56 - 000000000 ____D C:\Users\Nasir York\Desktop\mbar
2020-09-12 13:28 - 2020-09-12 13:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-09-12 13:28 - 2020-09-12 13:28 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2345362E.sys
2020-09-12 13:28 - 2020-09-12 13:28 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2020-09-11 19:40 - 2020-09-13 00:11 - 000000000 ____D C:\FRST
2020-09-11 18:45 - 2020-09-12 05:46 - 000083680 ____H C:\Users\Nasir York\AppData\Local\IconCache.db.backup
2020-09-11 16:35 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-11 16:34 - 2020-09-11 16:35 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Avira
2020-09-11 16:34 - 2020-09-11 16:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-09-11 16:33 - 2020-09-12 16:54 - 000000000 ____D C:\ProgramData\Avira
2020-09-10 02:29 - 2020-09-10 02:29 - 001494867 _____ C:\Users\Nasir York\Desktop\SATStudentScoreReport_1599719389248.pdf
2020-09-08 16:36 - 2020-09-08 16:36 - 000860064 _____ C:\Users\Nasir York\Desktop\BROMFIELDDIANAR2018.pdf
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\Users\Public\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000651 _____ C:\ProgramData\Desktop\Webull Desktop.lnk
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Webull Desktop
2020-09-07 13:49 - 2020-09-07 13:49 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\upgradecache
2020-09-04 22:08 - 2020-09-04 22:08 - 000001106 _____ C:\Users\Nasir York\Desktop\On-Screen Keyboard (2).lnk
2020-09-04 17:30 - 2020-09-04 17:30 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Epic Games
2020-09-03 18:18 - 2020-09-03 18:18 - 000000260 _____ C:\Users\Nasir York\Desktop\Spellbreak.url
2020-09-03 14:51 - 2020-09-06 14:05 - 000000131 _____ C:\Users\Nasir York\Desktop\Stonks.txt
2020-08-28 00:10 - 2020-08-28 00:10 - 000000000 ____D C:\Users\Nasir York\AppData\LocalLow\Innersloth
2020-08-26 19:27 - 2020-08-26 19:28 - 000059797 _____ C:\Users\Nasir York\Desktop\Nasir York Official Resume - Google Docs.pdf
2020-08-22 03:03 - 2020-08-22 03:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:59 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 001086672 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000455400 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:58 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000816376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000675216 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-08-20 01:34 - 2020-08-13 19:56 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 002078104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001570720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000669432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000656792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-08-20 01:34 - 2020-08-13 19:55 - 000555936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:54 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445206.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-08-20 01:34 - 2020-08-13 19:51 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-08-20 01:34 - 2020-08-12 21:43 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-08-20 01:34 - 2020-08-12 21:43 - 000058596 _____ C:\WINDOWS\system32\nvinfo.pb
2020-08-20 01:34 - 2020-08-12 21:43 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002754024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-08-20 01:29 - 2020-06-23 10:20 - 002122216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 001804784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2020-08-20 01:29 - 2020-03-04 08:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2020-08-20 01:25 - 2020-08-20 01:25 - 000000000 ____D C:\Program Files\Razer
2020-08-18 15:41 - 2020-09-11 18:46 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Zoom
2020-08-18 02:17 - 2020-08-18 02:17 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\AEJuice
2020-08-17 01:53 - 2020-08-17 01:59 - 000000000 ____D C:\Users\Nasir York\AppData\Local\VideoCopilot
2020-08-17 00:24 - 2020-08-17 00:25 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\MotionBro Preferences
2020-08-16 23:54 - 2020-08-17 00:27 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\ZXPInstaller
2020-08-16 20:22 - 2020-08-16 20:22 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2020-08-16 20:22 - 2020-08-16 20:22 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2020-08-16 13:02 - 2020-08-16 13:02 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\Users\Nasir York\Desktop\Adobe Premiere Pro 2020.lnk
2020-08-15 17:19 - 2020-08-15 17:19 - 000000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\Desktop\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000724 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2020-08-15 16:24 - 2020-08-15 16:24 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Twitch
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-13 00:09 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-13 00:09 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-13 00:08 - 2019-09-28 03:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-13 00:08 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-13 00:07 - 2016-01-31 14:28 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\discord
2020-09-13 00:06 - 2016-05-04 19:17 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Battle.net
2020-09-12 23:52 - 2019-09-28 03:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-12 19:17 - 2019-09-28 13:24 - 000000000 ____D C:\Users\Nasir York\AppData\Local\D3DSCache
2020-09-12 19:01 - 2019-09-28 03:10 - 000871060 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-12 19:01 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-12 18:55 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\Razer
2020-09-12 18:55 - 2017-04-24 00:40 - 000000000 ____D C:\Program Files (x86)\Razer
2020-09-12 18:55 - 2015-12-27 22:16 - 000000000 ____D C:\Users\Nasir York\AppData\Local\CrashDumps
2020-09-12 18:54 - 2016-08-19 20:30 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Razer
2020-09-12 18:53 - 2020-07-28 14:46 - 000000000 ____D C:\ProgramData\Bitdefender
2020-09-12 18:53 - 2018-09-26 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-09-12 18:52 - 2015-12-27 23:54 - 000000000 ____D C:\ProgramData\Origin
2020-09-12 18:52 - 2015-12-27 23:54 - 000000000 ____D C:\ProgramData\Electronic Arts
2020-09-12 18:48 - 2015-12-26 17:01 - 000000000 ____D C:\Program Files (x86)\Google
2020-09-12 18:47 - 2020-07-18 15:12 - 000000000 ____D C:\Program Files (x86)\LightingService
2020-09-12 18:47 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-12 18:47 - 2017-10-29 12:44 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Packages
2020-09-12 18:47 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files\ASUS
2020-09-12 18:47 - 2015-12-26 17:05 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-12 18:46 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-09-12 18:44 - 2018-11-13 21:16 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Akamai
2020-09-12 18:37 - 2019-03-19 00:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-09-12 18:36 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-12 17:51 - 2020-04-12 19:25 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Bluestacks
2020-09-12 17:44 - 2015-12-26 18:01 - 000000000 _____ C:\WINDOWS\Path.idx
2020-09-12 17:43 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-12 17:41 - 2015-07-10 07:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-09-12 17:15 - 2016-02-27 15:38 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-09-12 17:15 - 2016-02-27 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-09-12 17:09 - 2015-12-26 17:41 - 001048576 _____ C:\WINDOWS\PE_Rom.dll
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Windows Live
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Program Files (x86)\Windows Live
2020-09-12 16:59 - 2016-04-24 21:17 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-09-12 16:56 - 2017-09-15 17:45 - 000000000 ____D C:\Program Files\Intel Driver Update Utility
2020-09-12 16:56 - 2015-12-26 17:38 - 000000000 ____D C:\Program Files (x86)\Java
2020-09-12 16:56 - 2015-12-26 17:05 - 000000000 ____D C:\Program Files\Intel
2020-09-12 16:51 - 2019-09-28 03:11 - 000000000 ____D C:\Users\Nasir York
2020-09-12 13:28 - 2015-12-28 02:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-12 00:13 - 2016-08-19 20:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-09-11 19:05 - 2020-07-18 14:24 - 000550634 _____ C:\WINDOWS\ntbtlog.txt
2020-09-11 18:46 - 2019-09-28 03:08 - 004099168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-11 18:29 - 2019-12-13 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-412816286-677371127-1562832458-1001
2020-09-11 18:29 - 2019-09-28 03:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-09-11 17:01 - 2015-12-28 19:01 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Ubisoft Game Launcher
2020-09-11 16:52 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-11 16:48 - 2020-07-20 00:14 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2020-09-11 16:45 - 2019-12-19 07:28 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Opera Software
2020-09-11 13:46 - 2020-08-03 13:28 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-11 04:11 - 2020-06-21 14:05 - 000002577 _____ C:\Users\Nasir York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2020-09-10 22:26 - 2020-07-30 17:24 - 000000000 ___RD C:\Users\Nasir York\Dropbox
2020-09-10 21:24 - 2018-09-27 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-10 21:24 - 2016-01-11 22:35 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-10 14:33 - 2018-06-26 13:57 - 000000000 ____D C:\Users\Nasir York\AppData\Local\Discord
2020-09-09 03:51 - 2020-08-03 19:55 - 000000636 _____ C:\Users\Nasir York\Desktop\College.txt
2020-09-04 17:30 - 2020-08-02 23:40 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\EasyAntiCheat
2020-09-04 00:33 - 2016-05-04 19:16 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-09-03 21:51 - 2018-10-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-08-22 19:14 - 2015-12-27 22:14 - 000000000 ____D C:\Users\Nasir York\AppData\Local\NVIDIA
2020-08-21 15:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-08-20 01:29 - 2017-04-24 00:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-08-18 21:11 - 2016-01-11 18:57 - 000000000 ____D C:\Program Files\Adobe
2020-08-18 21:11 - 2016-01-04 05:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-08-18 02:17 - 2015-12-26 16:55 - 000000000 ____D C:\Users\Nasir York\AppData\Roaming\Adobe
2020-08-17 18:19 - 2015-12-26 17:42 - 000000000 ____D C:\ProgramData\Adobe
2020-08-17 01:15 - 2020-07-23 13:45 - 000000950 _____ C:\Users\Nasir York\Desktop\Adobe After Effects 2020.lnk
2020-08-16 13:02 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-08-14 04:07 - 2019-03-19 02:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-14 04:07 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-14 04:07 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\servicing
 
==================== Files in the root of some directories ========
 
2018-10-14 21:58 - 2018-10-14 21:58 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2015-12-26 17:36 - 2015-12-26 17:36 - 000000138 _____ () C:\Program Files\IntelRemoteWakeAgent.ini
2020-06-20 00:13 - 2020-06-20 00:13 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2019-10-26 20:20 - 2020-07-21 03:23 - 000000132 _____ () C:\Users\Nasir York\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-10-03 19:58 - 2017-10-03 20:03 - 000683808 _____ () C:\Users\Nasir York\AppData\Roaming\AvidCloudClientServices_Install.log
2020-07-20 12:39 - 2020-08-06 21:21 - 000000028 _____ () C:\Users\Nasir York\AppData\Roaming\kulerdata.json
2015-12-30 10:37 - 2016-01-02 20:23 - 000012523 _____ () C:\Users\Nasir York\AppData\Roaming\SpeedRunnersLog.txt
2017-06-18 20:25 - 2017-11-11 12:12 - 000004521 _____ () C:\Users\Nasir York\AppData\Roaming\VoiceMeeterDefault.xml
2020-06-20 00:08 - 2020-06-20 00:08 - 000001456 _____ () C:\Users\Nasir York\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-03 07:27 - 2016-01-03 07:27 - 001065984 _____ () C:\Users\Nasir York\AppData\Local\file__0.localstorage
2019-08-03 18:30 - 2019-08-03 18:34 - 000007057 _____ () C:\Users\Nasir York\AppData\Local\krita.log
2019-08-03 18:34 - 2019-08-03 18:34 - 000000039 _____ () C:\Users\Nasir York\AppData\Local\kritadisplayrc
2019-08-03 18:30 - 2019-08-03 18:34 - 000016136 _____ () C:\Users\Nasir York\AppData\Local\kritarc
2018-09-26 18:30 - 2018-09-26 18:30 - 000000000 _____ () C:\Users\Nasir York\AppData\Local\oobelibMkey.log
2020-06-25 01:55 - 2020-06-25 01:55 - 000000218 _____ () C:\Users\Nasir York\AppData\Local\recently-used.xbel
2017-07-13 17:13 - 2020-04-11 19:03 - 000007602 _____ () C:\Users\Nasir York\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP

Only thing I see now is your Windows Update is broken.  Appears that the registry entry is missing some key entries.  To repair it you can download the attached wuauserv.reg file, save it then right click on it and merge.  Attached File  wuauserv.reg   9.95KB   9 downloads

 

Reboot.

 

Search for

services.msc

hit Enter

scroll down in the services window and find Windows Update and click on it.  If the Service is not running there will be a Start button in the upper left.  Press it.  Does it start?

 

If that works

Go to Settings, Update and Security, Check for Updates

Does it find anything?

 

You are running Version 1903.  With an SSD you should be at 1909.  Hopefully we will get 2004 in the near future.  SSD systems have been delayed because of a problem with Optimizing (defrag).  You can try forcing the 2004 update.

 

Go to

https://www.microsof...nload/windows10

 

Click on Update Now then download, Save and right click and Run As Admin.  Follow the prompts.

 

If it works (and it may not with only 25 GB free) you should right click on your C: drive and select Properties then Tools.  Select Optimize, Change Settings, Choose then uncheck the C: OK.

 

To remove FRST and all of its files:

 

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.

Uninstall Speccy and delete its logs.

 

 


  • 0

#12
nasirnasir1

nasirnasir1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

The problem is fixed thank you so much for all of the support


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP