Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old December 15th, 2020, 05:03 AM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
Running slow

I have a machine running very slow. What do I do to help you help me?

Thank you so much!
Reply With Quote
  #2  
Old December 15th, 2020, 04:58 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Hi jodys67,

Slowness doesn't always mean malware involvement, but let's take a look.


For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.
Reply With Quote
  #3  
Old December 16th, 2020, 08:11 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
1st half of log 1 of 2 (4 total posts)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by selmi (administrator) on LAPTOP-GDUKT0K9 (ASUSTeK COMPUTER INC. Zephyrus G GU502DU_GA502DU) (16-12-2020 12:59:41)
Running from C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Downloads
Loaded Profiles: selmi
Platform: Windows 10 Home Version 2004 19041.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted)

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_ x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u03 44838.inf_amd64_b53db069165c20dc\B344480\atieclxx. exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u03 44838.inf_amd64_b53db069165c20dc\B344480\atiesrxx. exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\M ouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgen t.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\A rmourySocketServer.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkRemote\As usLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSoftwareManag er\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\USB Charger Plus Service\USBChargerService.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkNear\Asus LinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkNear\Asus LinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSoftwareManag er\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemAnalysi s\AsusSystemAnalysis.exe
(ASUSTek Computer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.3.7.0 _x64__qmba6cd70vzyy\TrayIcons\SysTray.exe
(ASUSTek COMPUTER INC.) C:\Program Files\WindowsApps\b9eced6f.usbchargerplus_5.0.9.0_ x86__qmba6cd70vzyy\USBChargerPlus\USBChargerPlus.e xe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.e xe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64 .exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.1 3426.20308.0_x86__8wekyb3d8bbwe\Office16\SDXHelper Bgt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxOutlo ok.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.e xe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.42 0.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.42 0.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.621_non e_e7694895260e0b6d\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemDiagnos is\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nva m.inf_amd64_f92a5acfce8259e8\Display.NvContainer\N VDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2017-01-17] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-03] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2020-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2020-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81373696 2020-08-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-07-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\selmi\AppData\Local\Microsoft\Teams\Updat e.exe [2453688 2020-11-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [PTOneClick] => C:\Users\selmi\AppData\Local\Webex\Webex\Applicati ons\ptoneclk.exe [7742784 2020-07-30] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2630712 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\selmi\AppData\Local\Microsoft\OneDrive\U pdate\OneDriveSetup.exe"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\selmi\AppData\Local\Microsoft\OneDrive\S tandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\RunOnce: [Uninstall 20.169.0823.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\selmi\AppData\Local\Microsoft\OneDrive\2 0.169.0823.0008\amd64"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\RunOnce: [Uninstall 20.169.0823.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\selmi\AppData\Local\Microsoft\OneDrive\2 0.169.0823.0008"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Policies\Explorer: []
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\Windows\system32\EFXLM16A.DLL [182784 2020-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON WF-7720 Series 64MonitorBE: C:\Windows\system32\E_YLMBSAE.DLL [182784 2016-08-01] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Insta ller\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
Startup: C:\Users\selmi\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\GenuineService.lnk [2019-10-11]
ShortcutTarget: GenuineService.lnk -> C:\Users\selmi\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004CD9A3-5224-4969-B0B4-DF4D479FC5F1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {032243c0-3cee-4b25-8bb1-cb23c09d48b2} - no filepath
Task: {04FF5772-8A5C-41F0-8F6A-CEC8B152975C} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-10-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {080E0A4F-6F9B-4123-94B5-63D55E58B671} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [38805911 2019-02-21] (ASUSTek Computer Inc.) [File not signed] [File is in use]
Task: {0a0972c1-8349-443f-a3f0-a7c124f16181} - no filepath
Task: {0a4a84a2-e12e-4e04-b67d-86b7992fc6b4} - no filepath
Task: {0BFA1FFE-D232-4FF8-8083-4552A17E031E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE195 2-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck .log
Task: {0c27d3e7-ea12-4304-9df2-108d69a29401} - no filepath
Task: {147466c0-ba7f-42fb-9fac-e3952201504d} - no filepath
Task: {18430388-9ef9-44bc-bf7d-0ff3b85fb541} - no filepath
Task: {19365853-04DA-418E-812F-9DF21414191A} - System32\Tasks\USBChargerPlusUWP => C:\Program Files (x86)\ASUS\USB Charger Plus Service\StartupUSBChargerPlus.exe [150416 2018-07-04] (ASUSTeK Computer Inc. -> )
Task: {1b1ef2e6-4cb2-4e7f-bdeb-8b6d98b2529a} - no filepath
Task: {224219D7-DC4E-464B-B6DB-AC66EEF4A02D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {246e089f-adcf-46ef-9505-f87ec6e3ff10} - no filepath
Task: {25e4916f-5700-4e79-8a2c-bb5d2dc6d19d} - no filepath
Task: {26B990C4-CB7A-41A5-979D-003B1A107D07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2777BF07-E860-48A9-A6D3-FE5350B4D077} - System32\Tasks\G2MUpdateTask-S-1-5-21-2922445582-2401891900-2880202809-1001 => C:\Users\selmi\AppData\Local\GoToMeeting\18962\g2m update.exe [31320 2020-10-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {29BB5C2E-5334-410B-8408-E9F7E248284F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724328 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2e12c9d3-f682-451a-95d6-be9bf08b6d36} - no filepath
Task: {2e1c8643-14b9-4c05-8045-b3bc88258ff0} - no filepath
Task: {2EE4BACF-8E7B-42EB-89CA-748AE4849012} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d4fa 5c876e979b => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-10-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2f02de03-e4c1-4599-8a09-ebaaee3559cb} - no filepath
Task: {31C0A4FF-B7E4-4345-A897-127D50693797} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSoftwareManag er\AsusUpdateChecker.exe [693176 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {35BC09BF-2643-4DBF-B066-878E00D148DC} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [824744 2020-07-03] (A-Volute -> Nahimic)
Task: {38adccfb-6671-41e6-b46c-8fbbc52cbe65} - no filepath
Task: {43C32AE8-AFAB-44E8-9A32-34EC925C6E66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {445B7D53-62CE-4BFC-9EE8-7B84D79D9243} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4479D510-44E5-466F-98DE-A7D1706CF0C1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4DCCC4C1-8083-4681-A14D-57E84F74E804} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [976888 2019-10-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4f3cd37c-625d-4fba-87f8-4255e846ab13} - no filepath
Task: {4F878DFD-66B7-4F3A-9071-07218FE1C822} - System32\Tasks\EPSON WF-7720 Series Update {7CB1F12D-92FD-4DC5-B31F-E82A96560FF7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.E XE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {51ae34b9-3b63-4d83-9f59-626932a0a623} - no filepath
Task: {533B103E-06E3-4CE8-AFFC-60DAA05B9FE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58cfc4c9-5f9a-4eee-b670-be1bc6821f96} - no filepath
Task: {58fab492-5f5a-43a7-966b-0911900bf923} - no filepath
Task: {5AAFBE39-F11A-4099-B074-ECB4B79E8075} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck .log
Task: {5E58A908-AD3C-46B3-8541-206BFEA6FB46} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\M ouse\ROG STRIX CARRY\P508PowerAgent.exe [48840 2019-08-12] (ASUSTeK Computer Inc. -> )
Task: {61896dab-45f2-47de-a610-813d3334aa9c} - no filepath
Task: {6A757006-AE43-4886-AFC8-1898106AE64B} - System32\Tasks\ASUS Promotion => C:\Program Files\ASUS\ASUS Promotion\ASUS Promotion.exe [787936 2018-09-06] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {73123025-08c4-4009-9b01-19b8a1374d16} - no filepath
Task: {77CF2365-B06D-44E5-9CB7-4F2A80B311AF} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\A rmourySocketServer.exe [1608920 2019-08-20] (ASUSTeK Computer Inc. -> ASUS)
Task: {794f2e0a-ef02-403d-a506-a6e78d331e9e} - no filepath
Task: {7b0a467c-a1bd-4236-9c12-b346de4c58b1} - no filepath
Task: {7D0DAA55-0DAE-4301-A526-FBC116AAEE8E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7f022956-e27c-4a96-97c0-7069bf7d1b12} - no filepath
Task: {7f76b4ee-088e-4db1-96b9-cc80af719955} - no filepath
Task: {9162E1A1-98CF-47D8-B896-9C484CABEBB0} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1066920 2020-07-03] (A-Volute -> Nahimic)
Task: {933D3761-DF63-4F72-8936-F69D75480217} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1066920 2020-07-03] (A-Volute -> Nahimic)
Task: {9AC5C269-396C-41F0-B13F-268106FC4E38} - System32\Tasks\WD Device Agent Task selmi => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [717824 2020-08-08] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {9AD62231-0221-4051-8FBD-B81CE7D3CB49} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9c971d6a-9c2b-4c54-9880-07adad20055f} - no filepath
Task: {9d7f1b50-0228-4ce9-9bc6-d1f77dcbeacb} - no filepath
Task: {a07a552a-7091-4698-b895-9a5b5f92f95e} - no filepath
Task: {a2f4d5d6-3837-4b8c-a9b0-a9ee22277cfb} - no filepath
Task: {A6BC8BB9-CF13-4B96-B299-84C7A31386E4} - System32\Tasks\GameFirstV => C:\Program Files (x86)\ASUS\GameFirst\\GameFirst_V.exe [411512 2019-01-16] (Apex Titan Technology Corp. -> ASUS)
Task: {a7304234-1ab6-4ac9-aa6e-5291106577e9} - no filepath
Task: {ad39a39b-c584-4d94-9edb-7b6f38da9624} - no filepath
Task: {AD8458ED-4F43-446E-9EF9-672910A7DF73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {ADB6142B-D9DE-48A6-8A45-D29D9E2EBA56} - System32\Tasks\WD Discovery Service Task selmi => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryServi ce.exe [72704 2020-08-08] (Western Digital Technologies, Inc. -> )
Task: {b0e68e3b-0216-4c73-a507-e42750579b2b} - no filepath
Task: {B2BDDDD7-C164-4A00-A54E-4CEEF1EC15B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702504 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3279AEC-8915-4FE7-870C-E1DCA3F90DE2} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B75EBC71-18C6-4E7E-8560-9F7367D7D36F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {b86b9056-940d-4af2-85de-b418eabf9e16} - no filepath
Task: {b98163e4-3361-4a76-84a0-17c99223d942} - no filepath
Task: {BA1BD9F0-AB9B-4D31-A532-CFD01094F5C3} - System32\Tasks\EPSON WF-7720 Series Update {079F49F6-EEDA-434E-A75A-AB2BD8DCC62E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.E XE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {bb3fd30d-12f4-49a6-9617-748984486901} - no filepath
Task: {c1771be0-d63f-4e35-8edf-82a79e87e525} - no filepath
Task: {c7107885-7fd2-4b22-8aca-49c63937ecb7} - no filepath
Task: {c755fea0-d3b0-4b6d-a9f8-9d89be3df3ff} - no filepath
Task: {cbcb2be8-f700-4ddc-a3a5-ed0ba9a152f6} - no filepath
Task: {cc125493-f777-44bb-9975-123894305e32} - no filepath
Task: {CE42AF39-5A2F-40CB-B824-12E2FB381631} - System32\Tasks\G2MUploadTask-S-1-5-21-2922445582-2401891900-2880202809-1001 => C:\Users\selmi\AppData\Local\GoToMeeting\18962\g2m upload.exe [31320 2020-10-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {cf962a19-aad2-4e82-8ddc-98d25c69b8eb} - no filepath
Task: {D2811CEC-76A0-478F-8A03-2AAB890F6455} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ AsusHotkeyExec.exe [222648 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {D5FA48A7-5902-491B-8713-1F0490D336C3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemAnalysi s\AsusSystemAnalysis.exe [2166712 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {D9074CB3-CCDB-468E-A041-EC3A29F73BE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D989D470-F83E-486D-9B49-3282E99810D5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA5517CC-98A3-4C55-BA81-B16A7F671A44} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {de4c8a1a-9b42-46d3-a783-903a19b80410} - no filepath
Task: {de865bf4-e726-4c36-9f7a-055ca76e9530} - no filepath
Task: {e1052c3e-cf7b-48b7-9424-1a03d3afbc60} - no filepath
Task: {E11715B5-6C28-4B20-9AE5-9AAE76037F45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4E6F3FE-49A4-4E62-8E4A-B25DB69E71EB} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [824744 2020-07-03] (A-Volute -> Nahimic)
Task: {eb5f2c19-719c-4fa9-b0ab-0d67be74ea17} - no filepath
Task: {EDFC5220-F5B0-48D3-B5C0-B3540258C09C} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {f0afabb5-eede-4e76-a87d-3f44f2e45faf} - no filepath
Task: {f70d1f9f-463d-43af-ab3c-e9933898290a} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON WF-7720 Series Update {079F49F6-EEDA-434E-A75A-AB2BD8DCC62E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.E XE:/EXE:{079F49F6-EEDA-434E-A75A-AB2BD8DCC62E} /F:UpdateWORKGROUP\LAPTOP-GDUKT0K9$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7720 Series Update {7CB1F12D-92FD-4DC5-B31F-E82A96560FF7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.E XE:/EXE:{7CB1F12D-92FD-4DC5-B31F-E82A96560FF7} /F:UpdateWORKGROUP\LAPTOP-GDUKT0K9$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2922445582-2401891900-2880202809-1001.job => C:\Users\selmi\AppData\Local\GoToMeeting\18962\g2m update.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2922445582-2401891900-2880202809-1001.job => C:\Users\selmi\AppData\Local\GoToMeeting\18962\g2m upload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.104.151.51
Tcpip\..\Interfaces\{a45c0aa7-ff75-4069-b695-9c5dd8800619}: [DhcpNameServer] 10.104.151.51
Tcpip\..\Interfaces\{e003360e-0453-4125-bba0-75713488998c}: [DhcpNameServer] 192.168.42.129

Edge:
======
DownloadDir: C:\Users\selmi\Downloads
Edge Notifications: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001 -> hxxps://www.facebook.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\selmi\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-09]
Edge DownloadDir: C:\Users\selmi\Downloads
Edge Notifications: Default -> hxxps://www.facebook.com
Edge StartupUrls: Default -> "hxxps://www.google.com/?gws_rd=ssl"

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi [2019-07-31]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.33\npAsusUpdate3.dll [No File]
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.33\npAsusUpdate3.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default [2020-12-16]
CHR Extension: (Slides) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2019-10-11]
CHR Extension: (Docs) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2019-10-11]
CHR Extension: (Google Drive) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2019-10-11]
CHR Extension: (Adobe Acrobat) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefi ndmkaj [2020-12-15]
CHR Extension: (Sheets) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2019-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2020-11-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-10-11]
CHR Extension: (Gmail) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\selmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2020-11-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-10-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkNear\Asus LinkNear.exe [1082808 2020-11-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkNear\Asus LinkNearExt.exe [142264 2020-11-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkRemote\As usLinkRemote.exe [790968 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-10-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ AsusOptimization.exe [311224 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSoftwareManag er\AsusSoftwareManager.exe [797112 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemAnalysi s\AsusSystemAnalysis.exe [2166712 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemDiagnos is\AsusSystemDiagnosis.exe [600480 2020-11-18] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [2701728 2020-07-03] (A-Volute -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [29696 2019-01-10] () [File not signed]
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2726912 2020-11-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 USBChargerService; C:\Program Files (x86)\ASUS\USB Charger Plus Service\USBChargerService.exe [120720 2018-07-04] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nva m.inf_amd64_f92a5acfce8259e8\Display.NvContainer\N VDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSyste m.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nva m.inf_amd64_f92a5acfce8259e8\Display.NvContainer\p lugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [31032 2018-07-04] (WDKTestCert Jie,131315143419111253 -> ASUSTek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSSystemAnalysi s\ASUSSAIO.sys [36792 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSOptimization\ atkwmiacpi64.sys [44696 2020-11-18] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 f5ipfw; C:\WINDOWS\system32\drivers\urfltv64.sys [34536 2019-06-20] (F5 Networks, Inc. -> F5 Networks, Inc.)
S3 GLCKIO2; C:\Program Files (x86)\ASUS\ROG Live Service\690b33e1-0462-4e84-9bea-c7552b45432b.sys [19392 2019-04-23] (ASUSTeK Computer Inc. -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 ITEUcmCxClient; C:\WINDOWS\System32\drivers\ITEUcmCxClient.sys [96752 2019-02-26] (ITE Tech. Inc. -> ITE Tech. Inc.)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R1 netfilter21573; C:\WINDOWS\System32\drivers\netfilter21573.sys [104128 2018-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 urvpndrv; C:\WINDOWS\System32\drivers\covpnv64.sys [57736 2019-06-20] (F5 Networks Inc -> F5 Networks, Inc.)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-07-24] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 12:59 - 2020-12-16 13:00 - 000000000 ____D C:\FRST
2020-12-01 23:47 - 2020-12-01 23:47 - 002671254 _____ C:\Users\selmi\Downloads\Yellow and Black Geometric Pattern Company Meeting Presentation (2).pptx
2020-12-01 11:44 - 2020-12-01 11:44 - 006905063 _____ C:\Users\selmi\Downloads\Untitled.pdf
2020-12-01 08:44 - 2020-12-01 08:44 - 000167670 _____ C:\Users\selmi\Downloads\EligibilityResultsNotice (1).pdf
2020-11-30 19:21 - 2020-11-30 19:21 - 000225728 _____ C:\Users\selmi\Downloads\Job Board 11.25.20C.dwg
2020-11-29 17:19 - 2020-11-29 17:19 - 000167670 _____ C:\Users\selmi\Downloads\EligibilityResultsNotice. pdf
2020-11-29 16:50 - 2020-11-29 16:50 - 000198609 _____ C:\Users\selmi\Downloads\APA Fall 2020 Newsletter_.pdf
2020-11-29 16:30 - 2020-11-29 16:30 - 001260865 _____ C:\Users\selmi\Downloads\Fwd_ [EXTERNAL] Possible Volunteer Opportunity.eml
2020-11-29 14:46 - 2020-11-29 14:46 - 002622316 _____ C:\Users\selmi\Downloads\Yellow and Black Geometric Pattern Company Meeting Presentation (1).pptx
2020-11-29 14:30 - 2020-11-29 14:30 - 002601437 _____ C:\Users\selmi\Downloads\Yellow and Black Geometric Pattern Company Meeting Presentation.pptx
2020-11-29 12:09 - 2020-11-29 12:09 - 000468061 _____ C:\Users\selmi\Downloads\Urban Link Presentation.pptx
2020-11-28 19:33 - 2020-11-28 19:34 - 000919040 _____ C:\Users\selmi\Downloads\EthicalPlanningPractition erbonus.ppt
2020-11-25 14:47 - 2020-11-25 14:47 - 000175917 _____ C:\Users\selmi\Downloads\Job Board 11.25.20B.dwg
2020-11-23 17:08 - 2020-11-23 17:08 - 000350530 _____ C:\Users\selmi\Downloads\Selina_Angel.pdf
2020-11-23 15:41 - 2020-11-23 15:41 - 000257478 _____ C:\Users\selmi\Downloads\invoice-2020000004.pdf
2020-11-23 08:37 - 2020-11-23 08:37 - 000385755 _____ C:\Users\selmi\Downloads\Eaton Chapel Set 20201123.pdf
2020-11-23 07:53 - 2020-11-23 07:53 - 003887530 _____ C:\Users\selmi\Downloads\SMCB - Background Files.zip
2020-11-22 12:46 - 2020-11-22 12:46 - 000060088 _____ C:\Users\selmi\Downloads\Emmalyn Terracciano's Resume 2020.pdf
2020-11-22 12:26 - 2020-11-22 12:26 - 000462962 _____ C:\Users\selmi\Downloads\Matthew J Gloria Architectural Resume.pdf
2020-11-20 11:52 - 2020-11-20 12:54 - 000710355 _____ C:\Users\selmi\Downloads\CAD.zip
2020-11-20 09:23 - 2020-11-20 09:23 - 005650806 _____ C:\Users\selmi\Downloads\JOB BOARD.zip
2020-11-20 08:39 - 2020-11-20 10:23 - 000268153 _____ C:\Users\selmi\Downloads\X-Plan 240 Paseo Del Rio (1).bak
2020-11-20 07:57 - 2020-11-20 10:23 - 000297617 _____ C:\Users\selmi\Downloads\X-Plan 240 Paseo Del Rio (1).dwg
2020-11-19 13:18 - 2020-11-19 14:25 - 000231249 _____ C:\Users\selmi\Downloads\X-Plan 240 Paseo Del Rio.bak
2020-11-19 12:48 - 2020-11-19 14:26 - 000258641 _____ C:\Users\selmi\Downloads\X-Plan 240 Paseo Del Rio.dwg
2020-11-19 12:46 - 2020-11-19 12:46 - 000313035 _____ C:\Users\selmi\Downloads\X-Plan Paseo Del Rio.bak
2020-11-19 09:24 - 2020-11-19 09:24 - 000155547 _____ C:\Users\selmi\Downloads\S14-032.PDF
2020-11-18 10:57 - 2020-11-18 10:48 - 000561504 _____ C:\Users\selmi\Downloads\X-Elevations Ellen's Son.bak
2020-11-18 10:48 - 2020-11-18 10:57 - 000568325 _____ C:\Users\selmi\Downloads\X-Elevations Ellen's Son.dwg
2020-11-18 10:33 - 2020-11-18 10:15 - 000230981 _____ C:\Users\selmi\Downloads\A-20 Elevations 2809 Saratoga Drive.bak
2020-11-18 10:22 - 2020-11-18 10:22 - 000192692 _____ C:\Users\selmi\Downloads\A-21 Elevations 2809 Saratoga Drive.bak
2020-11-18 10:15 - 2020-11-18 10:33 - 000233509 _____ C:\Users\selmi\Downloads\A-20 Elevations 2809 Saratoga Drive.dwg
2020-11-18 10:15 - 2020-11-18 10:23 - 000228357 _____ C:\Users\selmi\Downloads\A-21 Elevations 2809 Saratoga Drive.dwg
2020-11-18 09:33 - 2020-11-18 09:55 - 000341061 _____ C:\Users\selmi\Downloads\X-Elevations 2809 Saratoga Drive.bak
2020-11-18 09:10 - 2020-11-18 10:15 - 000386774 _____ C:\Users\selmi\Downloads\X-Elevations 2809 Saratoga Drive.dwg
2020-11-18 09:00 - 2020-11-18 09:00 - 001108137 _____ C:\Users\selmi\Downloads\111320 Alamo As-Builts - 2SD-134 Kentucky Blvd. - Signed Contract.pdf
2020-11-18 08:47 - 2020-11-18 08:47 - 000176435 _____ C:\Users\selmi\Downloads\Job Board 11.17.20.dwg
2020-11-18 08:31 - 2020-11-18 08:31 - 000000000 ____D C:\Users\selmi\Downloads\Interior pics - 20.91A-20201118T141830Z-001
2020-11-18 08:26 - 2020-11-18 08:50 - 000090950 _____ C:\Users\selmi\Downloads\Contact Master List.xlsx
2020-11-18 08:19 - 2020-11-18 08:19 - 071087041 _____ C:\Users\selmi\Downloads\Interior pics - 20.91A-20201118T141830Z-001.zip
2020-11-18 07:57 - 2020-11-18 08:34 - 067697183 _____ C:\Users\selmi\Downloads\Interior pics - 20.91A-20201118T135543Z-001.zip
2020-11-17 18:08 - 2020-11-17 18:08 - 001728047 _____ C:\Users\selmi\Downloads\Sample_Registration_Form. pdf
2020-11-17 10:04 - 2020-11-25 17:32 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2020-11-16 20:37 - 2020-11-16 20:37 - 002682766 _____ C:\Users\selmi\Downloads\Mint Neon Experimental Fashion Brand Guidelines Presentation.pptx
2020-11-16 20:34 - 2020-11-16 20:34 - 002678410 _____ C:\Users\selmi\Downloads\Eastside Community Area Plan Presentation.pptx
2020-11-16 09:15 - 2020-11-16 09:15 - 016028056 _____ C:\Users\selmi\Downloads\JBSA Task I NRHP Eligibility Reassessment UTSA CCS draft.pdf
Reply With Quote
  #4  
Old December 16th, 2020, 08:11 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
2nd half of scan 1 of 2

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 12:58 - 2020-08-09 07:05 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronizatio n-{BB9E9026-21F3-4130-A0E3-DC8C0397D9CC}
2020-12-16 12:58 - 2020-08-09 07:05 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2922445582-2401891900-2880202809-1001
2020-12-16 12:58 - 2020-08-09 06:15 - 000002369 _____ C:\Users\selmi\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\OneDrive.lnk
2020-12-16 12:58 - 2020-03-15 15:20 - 000000000 ___RD C:\Users\selmi\OneDrive - University of Texas at San Antonio
2020-12-16 12:58 - 2019-10-10 20:33 - 000000000 ___RD C:\Users\selmi\OneDrive
2020-12-16 12:58 - 2019-04-23 23:09 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-16 12:57 - 2020-08-09 07:05 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3 273-0563-4F20-B12F-826510B07474
2020-12-16 12:55 - 2020-08-09 07:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-15 18:25 - 2019-12-24 19:02 - 000000000 ____D C:\Program Files (x86)\Origin
2020-12-15 18:25 - 2019-10-11 00:32 - 000000000 ____D C:\Users\selmi\AppData\Local\D3DSCache
2020-12-15 18:23 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 18:23 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 18:22 - 2019-10-11 07:23 - 000000000 ____D C:\ProgramData\Autodesk
2020-12-15 18:19 - 2020-08-09 07:03 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-15 18:19 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-15 18:16 - 2019-09-23 18:05 - 000000000 ____D C:\ProgramData\ASUS
2020-12-15 18:14 - 2020-07-19 07:26 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-15 18:14 - 2020-07-19 07:26 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-15 18:14 - 2020-07-19 07:26 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-15 18:13 - 2020-09-16 06:59 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2020-12-15 18:13 - 2020-09-16 06:59 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2020-12-15 18:13 - 2020-08-09 06:15 - 000000000 ____D C:\Users\selmi
2020-12-15 18:13 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-15 18:12 - 2020-08-09 07:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-15 18:12 - 2020-08-09 07:01 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-15 18:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-15 18:11 - 2019-12-07 03:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2020-12-09 09:02 - 2019-10-12 19:18 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-12-09 09:02 - 2019-10-12 19:18 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-12-08 09:22 - 2020-08-13 12:52 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-04 09:02 - 2020-08-09 07:05 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2020-12-04 09:02 - 2020-08-09 07:05 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2020-12-04 08:40 - 2020-08-09 07:05 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2020-12-04 08:38 - 2020-08-09 07:05 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2020-12-04 08:26 - 2018-12-06 16:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-04 08:24 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-04 08:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-02 17:40 - 2019-10-11 07:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-02 17:40 - 2019-10-11 07:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-02 17:40 - 2019-10-11 07:45 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-01 16:28 - 2019-04-23 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-29 18:37 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-28 11:15 - 2020-08-09 07:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2020-11-28 11:15 - 2020-08-09 07:05 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore
2020-11-25 13:47 - 2020-08-09 07:05 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-20 12:54 - 2020-01-17 09:33 - 000000000 ____D C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\2020_AlamoAsBuilts
2020-11-19 16:52 - 2020-03-29 11:54 - 000002370 _____ C:\Users\selmi\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Microsoft Teams.lnk

==================== Files in the root of some directories ========

2020-10-04 14:48 - 2020-11-08 17:40 - 000003044 _____ () C:\Users\selmi\AppData\Roaming\debug.log
2019-10-12 19:02 - 2019-10-12 19:02 - 000000410 _____ () C:\Users\selmi\AppData\Local\oobelibMkey.log

==================== SigCheck

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt
Reply With Quote
  #5  
Old December 16th, 2020, 08:13 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
1st half of log 2 of 2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by selmi (16-12-2020 13:00:47)
Running from C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Downloads
Windows 10 Home Version 2004 19041.630 (X64) (2020-08-09 13:05:24)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-2922445582-2401891900-2880202809-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2922445582-2401891900-2880202809-503 - Limited - Disabled)
Guest (S-1-5-21-2922445582-2401891900-2880202809-501 - Limited - Disabled)
selmi (S-1-5-21-2922445582-2401891900-2880202809-1001 - Administrator - Enabled) => C:\Users\selmi
WDAGUtilityAccount (S-1-5-21-2922445582-2401891900-2880202809-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Amazon Kindle) (Version: 1.30.0.59056 - Amazon)
ArcGIS Desktop 10.5.1 (HKLM-x32\...\{4740FC57-60FE-45BB-B513-3309F6B73183}) (Version: 10.5.7333 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS Desktop 10.5.1 (HKLM-x32\...\ArcGIS Desktop 10.5.1) (Version: 10.5.7333 - Environmental Systems Research Institute, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.4.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{29f5bb52-3759-4b80-bdeb-bf6d881f3687}) (Version: 2.4.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{443c1fe5-bd81-48e1-ab87-6fbcb9190990}) (Version: 1.2.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{9262d82e-792e-40d1-b9a2-ff6bb80c89d8}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{43baebef-1237-4e88-be25-d3834308a0c6}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.27 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{1d71e6f3-e779-4002-a54b-4d7c5986d0a7}) (Version: 1.0.27 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{e3f99131-d5d0-4805-96a7-7e126e8295dd}) (Version: 1.0.29 - ASUSTek COMPUTER INC.) Hidden
ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.33 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.13 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.13 - ASUS)
AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Certificate Package (x64) - 5.1.4 (HKLM\...\{79D5E475-5EAB-4474-84F5-BD612337A175}) (Version: 5.1.4.100 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Autodesk Download Manager (HKLM-x32\...\{402BEAF1-A9F1-4D40-85B4-4F43D0D0EA27}) (Version: 6.3.181.0 - Autodesk, Inc.)
Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk Revit 2018 (HKLM\...\Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit 2018 (HKLM\...\Revit 2018) (Version: - )
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Revit Content Libraries 2018) (Version: - )
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{26FB18F7-B553-430D-94F6-C2389A91235F}) (Version: 3.0.21 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 - Autodesk)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 71.2020.0108.2059 - F5 Networks, Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\ActiveTouchMeetingClient) (Version: 40.6.1 - Cisco Webex LLC)
Citrix Workspace 1911 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 19.11.0.50 - Citrix Systems, Inc.)
Data for GIS Tutorial 1, 10.3.x edition (HKLM-x32\...\{6D2EAD4D-61AB-4D72-A99E-148D486223B3}) (Version: 1.00.0000 - Esri)
Dynamo Core 1.2.2 (HKLM\...\{AEC2A178-12F1-4B42-B277-E7C395FC771C}) (Version: 1.2.2.373 - Dynamo)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.15.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON WF-7720 Series Printer Uninstall (HKLM\...\EPSON WF-7720 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
eTransmit for Autodesk Revit 2018 (HKLM\...\{4477F08B-1800-0010-0000-9A09D834DFF5}) (Version: 18.0.0.420 - Autodesk) Hidden
eTransmit for Autodesk Revit 2018 (HKLM\...\eTransmit for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
GameFirst V (HKLM-x32\...\{592DB52B-C5CF-4242-9E7C-3A4CC1A8191E}) (Version: 5.0.20.4 - ASUSTeK COMPUTER INC.) Hidden
GameFirst V (HKLM-x32\...\GameFirst V 5.0.20.4) (Version: 5.0.20.4 - ASUSTeK COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.14.0.18962 (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\GoToMeeting) (Version: 10.14.0.18962 - LogMeIn, Inc.)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{222A41FD-855F-44DC-AC1B-519EC589DB1C}) (Version: 19.11.0.50 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.)
Revit 2018 (HKLM\...\{7346B4A0-1800-0510-0000-705C0D862004}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.10.0 - ASUSTek COMPUTER INC.)
Self-service Plug-in (HKLM-x32\...\{713A7965-2BF8-4D7F-B424-548CF9AE849D}) (Version: 19.11.0.33 - Citrix Systems, Inc.) Hidden
SketchUp 2019 (HKLM\...\{7EDDA955-6D4D-DB6C-C2C3-B757702C0FFE}) (Version: 19.3.253.135 - Trimble, Inc.)
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.64.84.1020 - Electronic Arts Inc.)
USB Charger Plus Service (HKLM-x32\...\{452B3493-18D3-4B36-9F59-78AF7963FFCC}) (Version: 5.0.6 - ASUS)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WD Desktop App 2.1.0.311 (HKLM-x32\...\{b8265583-535c-49a9-9196-e2e835af56a4}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.311 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.0.251 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Zoom (HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4. 0_x86__e1rzdqpraam7r [2019-10-12] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_ x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.20004.0_x64__0a9344xs7nr4m [2020-11-04] (Advanced Micro Devices Inc.)
GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64_ _qmba6cd70vzyy [2020-01-03] (ASUSTeK COMPUTER INC.) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1. 193.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_ 16051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_1 6051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.1 3426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook _16051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPo int_16051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publish er_16051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16 051.13426.20308.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.3.7.0 _x64__qmba6cd70vzyy [2020-12-15] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8. 1.959.0_x64__56jybvy8sckqj [2020-11-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.Realtek AudioControl_1.7.198.0_x64__dt26b99r8h8gj [2020-07-19] (Realtek Semiconductor Corp)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.13.0_x64__w2gh52qy24etm [2020-09-15] (A-Volute)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0 [2020-12-15] (Spotify AB) [Startup Task]
USB Charger Plus -> C:\Program Files\WindowsApps\b9eced6f.usbchargerplus_5.0.9.0_ x86__qmba6cd70vzyy [2019-09-23] (ASUSTek COMPUTER INC.)
VitalSource Bookshelf -> C:\Program Files\WindowsApps\VitalSourceTechnologiesIn.VitalS ourceBookshelf_9.3.19.0_x64__wasrd15zsyawm [2020-10-09] (VitalSource Technologies Inc)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2. 1702.2004_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{04271989-C4D2-9881-E51A-2CA272FD8C94} -> [OneDrive - University of Texas at San Antonio] => C:\Users\selmi\OneDrive - University of Texas at San Antonio [2020-03-15 15:20]
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C39B612730BF} -> [Creative Cloud Files] => C:\Users\selmi\Creative Cloud Files [2019-12-15 10:19]
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\selmi\AppData\Local\Webex\Webex\Applicati ons\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\selmi\AppData\Local\Microsoft\TeamsMeetin gAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader .dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\selmi\AppData\Local\GoToMeeting\18068\G2M OutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\selmi\AppData\Local\Microsoft\TeamsMeetin gAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader .dll => No File
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{D1DE6864-2236-48B7-99C3-D29C757903A4}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {312E5461-8262-422F-B7FA-153FDBE55B17} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {312E5461-8262-422F-B7FA-153FDBE55B17} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {312E5461-8262-422F-B7FA-153FDBE55B17} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {312E5461-8262-422F-B7FA-153FDBE55B17} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nva m.inf_amd64_f92a5acfce8259e8\nvshext.dll [2020-07-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\selmi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-11-23 16:49 - 2018-11-23 16:49 - 000154112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi\build\Re lease\ffi_bindings.node
2018-11-23 16:49 - 2018-11-23 16:49 - 000144384 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref\build\Re lease\binding.node
2019-10-11 00:31 - 2019-06-26 17:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl. dll
2018-11-23 16:49 - 2018-11-23 16:49 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-10-11 00:31 - 2019-06-26 17:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\l ibcrypto-1_1-x64.dll
2019-10-11 00:31 - 2019-06-26 17:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\l ibssl-1_1-x64.dll
2020-12-04 08:35 - 2020-03-16 13:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-04 08:35 - 2020-03-16 13:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-04 08:35 - 2020-01-19 18:26 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-15 18:25 - 2020-01-19 18:26 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-10-11 00:31 - 2019-07-31 15:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\P rotocol\Interrupt\InterruptTransfer.dll
2020-08-08 18:33 - 2017-11-10 11:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\selmi\Downloads\My files in Dropbox.lnk:com.dropbox.ignored [1]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\2020_AlamoAsBuilts:com.dropbox .attrs [54]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\ArcGIS 10.5.1:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\Files on my computer.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\Files on my computer.lnk:com.dropbox.ignored [1]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\For Rentals:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\Khromah:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\selmi\Dropbox\My PC (LAPTOP-GDUKT0K9)\Documents\Selina:com.dropbox.attrs [52]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl
hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {312E5461-8262-422F-B7FA-153FDBE55B17}' -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {312E5461-8262-422F-B7FA-153FDBE55B17}' -> No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\selmi\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: HKLM-x32 {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\selmi\AppData\Local\Temp\f5tmp\f5tunsrv.c ab
DPF: HKLM-x32 {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\selmi\AppData\Local\Temp\f5tmp\InstallerC ontrol.cab
DPF: HKLM-x32 {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\selmi\AppData\Local\Temp\f5tmp\urxshost.c ab
DPF: HKLM-x32 {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\selmi\AppData\Local\Temp\f5tmp\urxhost.ca b
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\utsa.edu -> hxxps://vpn.utsa.edu

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-10-13 12:48 - 2020-11-26 16:17 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\selmi\AppData\Local\Microsoft\Windows\The mes\RoamedThemeFiles\DesktopBackground\airbnbmyth1 .jpg
DNS Servers: 10.104.151.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Reply With Quote
  #6  
Old December 16th, 2020, 08:14 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
2nd half of scan 2 of 2

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "PTOneClick"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-2922445582-2401891900-2880202809-1001\...\StartupApproved\Run: => "F5 Networks VPN Cleanup {2BCDB465-81F9-41CB-832C-8037A4064446}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2522C82C-BC9A-40AC-9DAE-C45CFA31D399}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9F6E10D-E335-420C-9E4F-C6BE04BA0A01}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D269BEED-A493-48EF-B2CD-37C460D7CDEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{73D65BB9-838A-410F-A7CA-9E4E630208F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{4EBF4DA7-C310-449F-94DD-8880FCDCAC7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A0F77913-858C-4FEC-9DC3-7439E8E91357}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2A5041C-1098-46C1-B98E-9B9E4FC7AD54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{555E90A1-EB5F-4A06-B3FF-E370794D3B53}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B25FA48E-577D-4DBA-A395-EB8AF33AFE21}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{1677AA3B-3D68-48A2-A7BE-B32531F562BC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{910ABB00-8B47-4DA2-888B-99271899AD14}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{10A9679A-7449-4E43-9FA4-916C2454C3D7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{A625A694-0268-4E44-ACB5-8E9AF06D20EE}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => No File
FirewallRules: [{96EDB3DF-A00D-44E1-8D16-19829086FAD5}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => No File
FirewallRules: [{5B5F3BB5-5384-41FA-B136-BA2AC277761F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\A rmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{F0ADC094-B229-4817-968B-8353D41E85D4}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (Apex Titan Technology Corp. -> ASUS)
FirewallRules: [{483CEDE0-4A49-443F-889A-8AC491DD0BA8}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{E3BE8A2A-B9FC-4907-A88F-AE389060E0D9}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{CA683033-64FA-4C41-B908-1AE17A04F31E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0FA98946-B6B0-4DA1-9120-F1B8A6CADA8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21F549D0-55F4-4137-B24B-3921B56740E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C746BAF-6A3D-41BB-8777-0F7C540FC2B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAC626FF-9871-48D6-934D-044F8F246EAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E9A0000-4C02-46CB-810A-CA9C91025EC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{606FF22A-1BF1-46B6-9DB6-275ADCC185BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook _16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\O UTLOOK.exe => No File
FirewallRules: [{0B9123A3-175D-40E4-9DE9-88C78167170D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\A rmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{EC4BD1F8-0167-4491-8529-A1931AA8874B}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3974AE4C-C6F5-4FA7-A2C5-19D77D94EE1D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D0818C6A-A1FA-4C01-B032-625923B7F10A}] => (Allow) C:\Users\selmi\AppData\Local\Temp\WF-7720\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{D0C2B999-CA06-4AF8-A817-48EFAD346BDE}] => (Allow) C:\Users\selmi\AppData\Local\Temp\WF-7720\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{F3B0EE12-F989-4D03-82F2-10680F77E974}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{73C68A1C-8AF9-47C1-9492-19B25B935084}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{FAC58964-B38C-4BD9-AD87-33879641C12B}] => (Allow) C:\Users\selmi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{54F80446-D1CA-4DB9-B32C-FD9282F91275}] => (Allow) C:\Users\selmi\AppData\Roaming\Zoom\bin\airhost.ex e => No File
FirewallRules: [TCP Query User{C340954B-F09C-44B7-82C0-B8457C8D6E11}C:\users\selmi\appdata\local\microsof t\teams\current\teams.exe] => (Allow) C:\users\selmi\appdata\local\microsoft\teams\curre nt\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9EFCF550-FE0C-4C38-862A-38B0A8399AC4}C:\users\selmi\appdata\local\microsof t\teams\current\teams.exe] => (Allow) C:\users\selmi\appdata\local\microsoft\teams\curre nt\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{516E9265-DA12-48B0-860A-CC5831A24DF0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C2A8E08C-E142-488C-AF41-4D99E18DCB1D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9E9B2823-F2DD-4715-9217-4485DEDC49AC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{64BCDE9A-495D-492D-8A2E-395FCABE7637}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{2B424306-1655-4280-8F9C-59FC0482DD06}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => No File
FirewallRules: [TCP Query User{8C01CB76-4085-4574-B3A3-D9C3D342A306}C:\users\selmi\appdata\local\microsof t\teams\current\teams.exe] => (Allow) C:\users\selmi\appdata\local\microsoft\teams\curre nt\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{338A23F8-A686-4B7A-AD78-8C14FF83CA0F}C:\users\selmi\appdata\local\microsof t\teams\current\teams.exe] => (Allow) C:\users\selmi\appdata\local\microsoft\teams\curre nt\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E475AA21-4C68-4C04-8D9F-E414BFC27272}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{9687FB22-7438-4A90-99AD-59BADA5FA8E6}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{9B6DA68F-03AA-4CAC-A067-57225FA8D24D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751EF490-80CF-4918-8A1F-1FBBB796620B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkRemote\As usLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{6D385E20-D6C8-42F1-A974-C83EDE341249}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkRemote\As usLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{182B7270-F7A8-41AC-9537-407FAAF2F57A}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asu ssci2.inf_amd64_fd308420000a4872\ASUSLinkNear\Asus LinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{DDCA6D08-33DA-4D0B-9C7D-B47A509512D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook _16051.13426.20308.0_x86__8wekyb3d8bbwe\Office16\O UTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D44B8ECD-F5F2-4318-9136-B58A08175BD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89BCB379-4C28-4A82-B460-C203B5190CF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50BC4A58-2B95-4CF4-A083-CEA8F237204E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BEC01EB-B5BF-4E4E-BAE2-5228DA0EF56D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C031FE3C-5AAF-45DB-87B8-0CECA61868F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2B102FA-9A22-467E-B9E7-FE437C21BD0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77ADF67A-1673-41C4-810E-D78943196B8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D144360B-B3BC-4215-99EF-E034847641C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF8B235E-E5AA-453F-A502-2530FBEE3E43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65F4B3B2-B2ED-400C-BEC9-F1F54BFB1581}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5CFDC24-510E-416B-A325-4ED50EB16176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A94F95A0-F343-43C8-859A-E1C2D63AC037}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

20-11-2020 14:18:47 Scheduled Checkpoint
24-11-2020 07:51:48 Windows Update
04-12-2020 08:19:47 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/15/2020 06:11:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/09/2020 12:51:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 42d4

Start Time: 01d6c90431fb1bd9

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuE xperienceHost_cw5n1h2txyewy\StartMenuExperienceHos t.exe

Report Id: 265e9882-529f-41fa-9ae5-6a0580d701f0

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.190 41.610_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (12/01/2020 04:28:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (11/30/2020 08:33:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20104.23.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2ea4

Start Time: 01d6c33789af4845

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20104.23.0 _x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: ff91f58f-1096-4f99-bccd-47721c30682d

Faulting package full name: Microsoft.YourPhone_1.20104.23.0_x64__8wekyb3d8bbw e

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (11/29/2020 06:25:51 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: LAPTOP-GDUKT0K9)
Description: Failed to update 1 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.

Error: (11/28/2020 07:13:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Bookshelf.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3828

Start Time: 01d6c40d2748b2ef

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\VitalSourceTechnologiesIn.VitalS ourceBookshelf_9.3.19.0_x64__wasrd15zsyawm\Bookshe lf.exe

Report Id: 87030a20-06a9-4016-9305-c3a0658d74b4

Faulting package full name: VitalSourceTechnologiesIn.VitalSourceBookshelf_9.3 .19.0_x64__wasrd15zsyawm

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (11/26/2020 06:41:30 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={E96326A5-6F46-4A8A-8AAE-5140A6756326}: The user SYSTEM dialed a connection named _Common_F5_VPN_na_res - vpn.utsa.edu which has failed. The error code returned on failure is 619.

Error: (11/25/2020 05:32:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={BEA4E9F6-D0A6-412F-90CD-3219236E0864}: The user SYSTEM dialed a connection named _Common_F5_VPN_na_res - vpn.utsa.edu which has failed. The error code returned on failure is 628.


System errors:
=============
Error: (12/15/2020 06:11:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:51:07 AM on ‎12/‎9/‎2020 was unexpected.

Error: (11/30/2020 06:00:10 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xffffdd8f4f3ac010, 0xfffff80362c3053c, 0xffffffffc0000001, 0x0000000000000003). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 823ed40e-daeb-4332-b659-9c4785551467.

Error: (11/30/2020 06:00:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:58:29 PM on ‎11/‎30/‎2020 was unexpected.

Error: (11/26/2020 05:52:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ASUSSystemAnalysis service.

Error: (11/24/2020 02:00:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:18:30 PM on ‎11/‎24/‎2020 was unexpected.

Error: (11/24/2020 10:57:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Clipboard User Service_a09c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service.

Error: (11/21/2020 06:46:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (11/21/2020 05:50:05 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 2600:1700:30:3350::24 with the system
having network hardware address A4-83-E7-C0-51-62. Network operations on this system may
be disrupted as a result.


Windows Defender:
===================================
Date: 2020-12-15 21:26:08.6690000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {1BFD39F0-4D75-4B99-A7DB-D007873F8523}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-12-01 11:24:29.5340000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {34772432-5311-471C-AB34-AD19308A728D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-29 19:20:46.7920000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {7959FA9A-0574-47D8-8C6F-7985B522DEE1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-28 12:00:26.6680000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {8D1DF1F9-4712-46EA-A942-2DCEF92FCCFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-26 09:09:35.1240000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {201E52FD-C3E0-4B5B-91C9-388A598E661F}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-25 17:30:33.1370000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.1487.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-11-20 13:01:08.7380000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.1215.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-11-12 13:29:31.8520000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.797.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

BIOS: American Megatrends Inc. GU502DU.208 08/01/2019
Motherboard: ASUSTeK COMPUTER INC. GU502DU
Processor: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx
Percentage of memory in use: 33%
Total physical RAM: 16191.94 MB
Available physical RAM: 10804.64 MB
Total Virtual: 18623.94 MB
Available Virtual: 11280.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.84 GB) (Free:298.35 GB) NTFS

\\?\Volume{5c0b94bf-072f-4e64-ab5c-04286bbdb097}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.38 GB) NTFS
\\?\Volume{ea325387-c0ae-4025-b8e0-5f0b609535b5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 476.9 GB) (Disk ID: A695E2CC)

Partition: GPT.

==================== End of Addition.txt =======================
Reply With Quote
  #7  
Old December 16th, 2020, 08:14 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
thank you

thank you so much for looking at this for me.
Reply With Quote
  #8  
Old December 17th, 2020, 04:38 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
I see no indication of malware in this log, or reason for slowness. You may want to open a new request in the CTH Windows 10 forum.
Reply With Quote
  #9  
Old December 17th, 2020, 11:40 PM
jodys67 jodys67 is offline
Member
 
Join Date: Jan 2005
Posts: 93
Thanks

Thank you for your review!
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Running slow and programs slow to respond EDO Malware Removal 6 August 12th, 2021 07:28 PM
Laptop loading slow internet running slow ira82 Windows XP 11 April 3rd, 2010 04:09 AM
PC Running A Little Slow ... Lots of Processes Running ... HJT LOG xupugh Malware Removal 42 January 26th, 2006 12:08 PM
pc running slow lydanial Windows XP 4 January 15th, 2006 10:39 AM
WIndows XP running unusually slow.... Like REALLY REALLY slow. Any ideas?? FrankieBonez Windows XP 8 July 24th, 2004 06:59 AM


All times are GMT +1. The time now is 07:25 PM.