Proxy Script Address http://127.0.0.1:86 doesn't get away at all, need help


  • This topic is locked
24 replies to this topic

#1 sylhetifua


Posted 19 May 2021 - 09:28 AM

Hello all,
I hope you are all fine. First of all, I would like to thank all the admins and the malware response team for their help. I am new to the forum and I am sharing a problem of mine which I have been facing for the last 5 days. For five days, my internet and network settings have been showing "http://127.0.0.1:86/" in the setup script address field. It never goes away, and because of it I can't connect to the internet. I use a public domain LAN of my university, which requires setting a manual proxy to use the internet here, and I can't do that now because of this script field. I faced this script address problem 2 months ago when I downloaded KMSPico. But after it spread a virus, I uninstalled it and I was able to fix the setup script problem using Regedit, by removing everything from Internet Settings -> Proxy fields and also other regedit settings. But now it has come back again and this time it never goes away; every time I restart my PC it always comes back and no method works.
My PC has also become very slow since then; it takes a long time to boot and loads things very slowly, whereas it was really fast just 5 days ago.
I sincerely hope someone can help me fix it. I have installed FRST and run it. I am attaching my results below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by Asus (administrator) on DESKTOP-9ARMNNG (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X570ZD_X570ZD) (19-05-2021 12:18:43)
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus & niroco & lkClassAds & niLXIDiscovery
Platform: Windows 10 Home Single Language Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erl.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\inet_gethost.exe
() [File not signed] C:\Program Files\erl10.6\lib\os_mon-2.5.1\priv\bin\win32sysinfo.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atiesrxx.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC -> InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(James Kring, Inc. -> JKI) C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe <5>
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\roco\niroco.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nidevldu.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nipxism.exe
(National Instruments) [File not signed] C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NI Device Monitor] => C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe [150016 2019-03-20] (National Instruments) [File not signed]
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [819760 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon - Shortcut.lnk [2021-05-18]
ShortcutTarget: ctfmon - Shortcut.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting (64-bit).lnk [2021-05-17]
ShortcutTarget: NI Error Reporting (64-bit).lnk -> C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2021-05-17]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIPM Service.lnk [2021-05-17]
ShortcutTarget: VIPM Service.lnk -> C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe (James Kring, Inc. -> JKI)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {265B2D06-1F3F-4692-8B47-36E34C567AB7} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {3221F2D9-121B-4330-A8D4-B31C7785CBE4} - System32\Tasks\NI SSP Expiration Reminder => C:\Program Files (x86)\National Instruments\Shared\SSP Notifier\SSP Notifier.exe [168272 2020-11-19] (National Instruments Corporation -> National Instruments)
Task: {40024555-0CC6-4676-AC9E-E7EB172EE090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {657652D2-6284-4C48-B3D3-69C1DA84F720} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {80D06639-C3D0-44A8-870E-883C2F721EA4} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\UpdateChecker.exe [181688 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {92143AD7-DF17-43D3-B683-9BAAD547DD4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8548257-4778-4424-9EAD-094127680772} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF58A970-8DC7-4DE7-8A32-1D5B5332041C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {C31C3836-B8F4-4AAF-BE04-E3C2E8BFCDF6} - System32\Tasks\Microsoft\Windows\TextServicesFramework\CTF => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {D3DD725B-F1B4-42DB-A73D-F8D22CE6F3FD} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [1488632 2020-07-27] (James Kring, Inc. -> JKI)
Task: {F10B366C-9CBB-4F77-8C67-A9863B9BB081} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F55B051F-251C-4806-874B-C2498EA57191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.3.2
Tcpip\..\Interfaces\{dfa6841d-c96c-45b6-bb14-3c353d3b56fd}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ed1c2a3d-4fd4-4d22-a921-afabc33a89ce}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ef4b6d1b-935c-4c89-a4b2-aa5629a347c6}: [DhcpNameServer] 172.16.3.2
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Asus\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-18]

FireFox:
========
FF DefaultProfile: 0116dyq6.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\0116dyq6.default [2021-05-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\88k9gicu.default-release [2021-05-19]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2021-05-19]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2020-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [272840 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe [202168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [518048 2021-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [77216 2020-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [114968 2020-11-09] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 gpibenumsvc; C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe [37872 2020-03-28] (National Instruments Corporation -> National Instruments Corporation)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [61376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [73160 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [96688 2020-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [73736 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [92680 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [601544 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 nidevldu; C:\WINDOWS\SysWOW64\nidevldu.exe [342496 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [424376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe [537144 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxicmsvc; C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe [338904 2020-09-01] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmu; C:\WINDOWS\SysWOW64\nipxism.exe [25472 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 NiRioRpcLegacy; C:\WINDOWS\SysWOW64\NiRioRpc.exe [42352 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nirioserver; C:\WINDOWS\SysWOW64\nirioserver.exe [527296 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
R2 niroco; C:\Program Files\National Instruments\Shared\roco\niroco.exe [834528 2020-06-05] (National Instruments Corporation -> National Instruments Corporation)
R2 nisds; C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe [26560 2020-06-13] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [102248 2020-03-16] (National Instruments Corporation -> National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [73712 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [752056 2020-04-08] (National Instruments Corporation -> National Instruments Corporation)
S4 NIWebServer; C:\Program Files\National Instruments\Shared\Web Server\httpd.exe [33656 2020-11-24] (National Instruments Corporation -> )
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
R2 RabbitMQ; C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe [226304 2019-12-10] () [File not signed]
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 lvalarmk; C:\WINDOWS\System32\drivers\lvalarmk.sys [36920 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdcck; C:\WINDOWS\System32\drivers\nicdcckl.sys [30984 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdrk; C:\WINDOWS\System32\drivers\nicdrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicmrk; C:\WINDOWS\System32\drivers\nicmrkl.sys [23576 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicondrk; C:\WINDOWS\System32\drivers\nicondrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicsrk; C:\WINDOWS\System32\drivers\nicsrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nidimk; C:\WINDOWS\System32\drivers\nidimkl.sys [23560 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nidmxfk; C:\WINDOWS\System32\drivers\nidmxfkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nidsark; C:\WINDOWS\System32\drivers\nidsarkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niemrk; C:\WINDOWS\System32\drivers\niemrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niesrk; C:\WINDOWS\System32\drivers\niesrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NIEthernetDeviceEnumerator; C:\WINDOWS\System32\drivers\niede.sys [59464 2019-03-29] (National Instruments Corporation -> National Instruments Corporation)
S3 nifdrk; C:\WINDOWS\System32\drivers\nifdrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nifslk; C:\WINDOWS\System32\drivers\nifslkl.sys [30992 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nihorbrk; C:\WINDOWS\System32\drivers\nihorbrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nilmsk; C:\WINDOWS\System32\drivers\nilmskl.sys [23600 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimdbgk; C:\WINDOWS\System32\drivers\nimdbgkl.sys [23560 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
R3 nimru2k; C:\WINDOWS\System32\drivers\nimru2kl.sys [23568 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nimsdrk; C:\WINDOWS\System32\drivers\nimsdrkl.sys [31344 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nimstsk; C:\WINDOWS\System32\drivers\nimstskl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimxdfk; C:\WINDOWS\System32\drivers\nimxdfkl.sys [23544 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nimxpk; C:\WINDOWS\System32\drivers\nimxpkl.sys [31296 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 ninshsdk; C:\WINDOWS\System32\drivers\ninshsdkl.sys [15200 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\System32\drivers\niorbkl.sys [23552 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [23808 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [790232 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [23824 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [19288 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipcibrd; C:\WINDOWS\System32\drivers\nipcibrd.sys [141288 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxifpk; C:\WINDOWS\System32\drivers\nipxifpk.sys [43800 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxigpk; C:\WINDOWS\System32\drivers\nipxigpk.sys [32984 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmk; C:\WINDOWS\System32\drivers\nipxirmkl.sys [23480 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 niraptrk; C:\WINDOWS\System32\drivers\niraptrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niscdk; C:\WINDOWS\System32\drivers\niscdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nisdigk; C:\WINDOWS\System32\drivers\nisdigkl.sys [23568 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nisftk; C:\WINDOWS\System32\drivers\nisftkl.sys [15184 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 nispdk; C:\WINDOWS\System32\drivers\nispdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nissrk; C:\WINDOWS\System32\drivers\nissrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc2k; C:\WINDOWS\System32\drivers\nistc2kl.sys [31400 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc3rk; C:\WINDOWS\System32\drivers\nistc3rkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistcrk; C:\WINDOWS\System32\drivers\nistcrkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 nistreamk; C:\WINDOWS\System32\drivers\nistreamkl.sys [37376 2020-03-20] (National Instruments Corporation -> National Instruments Corporation)
S3 niswdk; C:\WINDOWS\System32\drivers\niswdkl.sys [30952 2020-03-23] (National Instruments Corporation -> National Instruments Corporation)
S3 nitfurk; C:\WINDOWS\System32\drivers\nitfurkl.sys [23592 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nitiork; C:\WINDOWS\System32\drivers\nitiorkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niufurk; C:\WINDOWS\System32\drivers\niufurkl.sys [23584 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [23568 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
S3 niwfrk; C:\WINDOWS\System32\drivers\niwfrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixfmrrk; C:\WINDOWS\System32\drivers\nixfmrrkl.sys [23560 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixsrk; C:\WINDOWS\System32\drivers\nixsrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-09-26] (McAfee, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-19 12:15 - 2021-05-19 12:15 - 000000980 _____ C:\Users\Asus\Desktop\problem.txt
2021-05-19 12:05 - 2021-05-19 12:05 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-18 19:41 - 2021-05-18 20:16 - 000859794 _____ C:\WINDOWS\ntbtlog.txt
2021-05-18 19:41 - 2021-05-18 20:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-05-18 19:32 - 2021-05-19 12:08 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E519C14C-42E5-46B5-9849-382884D11CB6}
2021-05-17 21:00 - 2021-05-17 21:02 - 000000000 ____D C:\AdwCleaner
2021-05-17 20:48 - 2021-05-17 20:48 - 001529856 _____ (www.facebook.com/maasher) C:\Users\Asus\Downloads\NI License Activator 1.2.exe
2021-05-17 20:21 - 2021-05-17 20:21 - 000003698 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceCheckTask
2021-05-17 20:21 - 2021-05-17 20:21 - 000003382 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceStartupTask
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Netscape
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\mozilla.org
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-05-17 20:08 - 2021-05-17 20:26 - 000000000 ____D C:\ProgramData\PXISA
2021-05-17 20:08 - 2021-05-17 20:08 - 000000132 _____ C:\WINDOWS\ODBC.INI
2021-05-17 20:07 - 2021-05-17 20:12 - 000205232 _____ C:\WINDOWS\SysWOW64\niorbmap
2021-05-17 20:06 - 2021-05-17 20:06 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI LabVIEW 2020 SP1 (32-bit).lnk
2021-05-17 20:04 - 2021-05-17 20:04 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\system32\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MGI Solution Explorer
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\Program Files (x86)\MGI
2021-05-17 20:01 - 2021-05-17 20:30 - 000000000 ____D C:\Users\Asus\Documents\LabVIEW Data
2021-05-17 20:01 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000003994 _____ C:\WINDOWS\system32\Tasks\JKIUpdateTask
2021-05-17 20:01 - 2021-05-17 20:01 - 000001417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\Users\Public\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\ProgramData\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager (VIPM).lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\Users\Public\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\ProgramData\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\Program Files (x86)\JKI
2021-05-17 19:58 - 2021-05-17 19:58 - 000003766 _____ C:\WINDOWS\system32\Tasks\NI SSP Expiration Reminder
2021-05-17 19:57 - 2021-05-17 19:57 - 000001024 _____ C:\.rnd
2021-05-17 19:53 - 2021-05-17 20:24 - 000000000 __SHD C:\ProgramData\{6A1798B4-4BC3-42D3-8545-B1A43208F7FC}
2021-05-17 19:53 - 2021-05-17 19:57 - 000000000 ____D C:\ProgramData\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Users\Asus\AppData\Roaming\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Program Files\RabbitMQ Server
2021-05-17 19:49 - 2021-05-17 19:49 - 000000000 ____D C:\ProgramData\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files (x86)\IVI Foundation
2021-05-17 19:47 - 2021-05-17 19:47 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2021-05-17 19:46 - 2021-05-17 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erlang OTP 22 (x64)
2021-05-17 19:46 - 2021-05-17 19:46 - 000000000 ____D C:\Program Files\erl10.6
2021-05-17 19:45 - 2021-05-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\Users\Public\Documents\National Instruments
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\ProgramData\Documents\National Instruments
2021-05-17 19:37 - 2021-05-17 19:37 - 000000000 ____D C:\Program Files\Common Files\OPC Foundation
2021-05-17 19:28 - 2021-05-17 20:26 - 000000000 ____D C:\Users\Asus\AppData\Local\National_Instruments
2021-05-17 19:28 - 2021-05-17 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
2021-05-17 19:27 - 2021-05-17 20:18 - 000000000 ____D C:\Program Files (x86)\National Instruments
2021-05-17 19:27 - 2021-05-17 20:09 - 000000000 ____D C:\Program Files\National Instruments
2021-05-17 19:26 - 2021-05-18 15:39 - 000000000 ____D C:\Users\Asus\AppData\Local\National Instruments
2021-05-17 19:26 - 2021-05-17 20:29 - 000000000 ____D C:\ProgramData\National Instruments
2021-05-17 19:25 - 2021-05-17 19:26 - 006176128 _____ (National Instruments Corporation) C:\Users\Asus\Downloads\ni-labview-2020-x86_20.6_suite_online.exe
2021-05-17 01:16 - 2021-05-19 12:18 - 000000000 ____D C:\FRST
2021-05-17 01:15 - 2021-05-19 12:18 - 000000000 ____D C:\Users\Asus\Desktop\FRST
2021-05-16 23:15 - 2021-05-16 23:15 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 23:15 - 2021-05-16 23:15 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d738e58615a6c9
2021-05-16 23:13 - 2021-05-16 23:13 - 000004094 _____ C:\WINDOWS\system32\Tasks\Update Checker
2021-05-16 16:19 - 2021-05-19 12:07 - 000003750 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 14:41 - 2021-05-13 14:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 14:40 - 2021-05-13 14:40 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 14:40 - 2021-05-13 14:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-09 19:40 - 2021-05-09 19:40 - 000301461 _____ C:\Users\Asus\Downloads\Resume_of_Naimul.pdf
2021-05-09 19:18 - 2021-05-09 19:18 - 000157180 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2)-pages-deleted.pdf
2021-05-02 11:47 - 2021-05-02 11:47 - 000103080 _____ C:\Users\Asus\Downloads\BTECH_4TH_SEMESTER_RESULT_2019-20.pdf
2021-05-02 11:42 - 2021-05-02 11:42 - 000123383 _____ C:\Users\Asus\Downloads\result of nit dgp.pdf
2021-05-01 23:25 - 2021-05-01 23:25 - 000690646 _____ C:\Users\Asus\Downloads\1914006 (4).pdf
2021-05-01 15:57 - 2021-05-09 19:43 - 000001991 _____ C:\Users\Asus\Desktop\application.txt
2021-04-30 23:14 - 2021-04-30 23:15 - 000172501 _____ C:\Users\Asus\Downloads\exp 8 extra.pdf
2021-04-30 23:10 - 2021-04-30 23:10 - 000090255 _____ C:\Users\Asus\Downloads\AC ASS EXTRA.pdf
2021-04-30 22:58 - 2021-04-30 22:58 - 000812735 _____ C:\Users\Asus\Downloads\1914006 (3).pdf
2021-04-30 21:29 - 2021-04-30 23:13 - 000000000 ____D C:\Users\Asus\Downloads\ilovepdf_images-extracted
2021-04-30 21:27 - 2021-04-30 21:27 - 004194606 _____ C:\Users\Asus\Downloads\ilovepdf_images-extracted.zip
2021-04-30 19:24 - 2021-04-30 19:24 - 003370653 _____ C:\Users\Asus\Downloads\1914006 exp 8.pdf
2021-04-30 19:21 - 2021-04-30 19:21 - 000319897 _____ C:\Users\Asus\Downloads\1914075_AC assignment.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000965622 _____ C:\Users\Asus\Downloads\exp 2,3,5,6.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000520818 _____ C:\Users\Asus\Downloads\exp7.pdf
2021-04-30 08:52 - 2021-04-30 08:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-30 08:30 - 2021-05-01 22:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-28 15:40 - 2021-04-28 15:40 - 000000000 ____D C:\Program Files\AMD
2021-04-27 23:10 - 2021-04-27 23:10 - 000482573 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2).pdf
2021-04-27 03:05 - 2021-04-27 03:05 - 000053811 _____ C:\Users\Asus\Downloads\dec exp.pdf
2021-04-26 15:21 - 2021-04-26 15:21 - 000294121 _____ C:\Users\Asus\Downloads\1914013(#ass2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 001275344 _____ C:\Users\Asus\Downloads\1914006 (2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000695055 _____ C:\Users\Asus\Downloads\1914013(C.S)
2021-04-26 02:01 - 2021-04-26 02:01 - 000510457 _____ C:\Users\Asus\Downloads\1914006 (1).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000200919 _____ C:\Users\Asus\Downloads\1914013(c.s-3).pdf
2021-04-25 22:41 - 2021-04-25 22:41 - 001760861 _____ C:\Users\Asus\Downloads\DEC_Assignment (1914063).pdf
2021-04-25 17:01 - 2021-04-25 17:01 - 000720902 _____ C:\Users\Asus\Downloads\exp 5 extra.pdf
2021-04-25 17:00 - 2021-04-25 17:00 - 000616836 _____ C:\Users\Asus\Downloads\exp 10 extra.pdf
2021-04-25 16:58 - 2021-04-25 16:58 - 002027111 _____ C:\Users\Asus\Downloads\exp 9 extra.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 005700228 _____ C:\Users\Asus\Downloads\1914044.exp_9_and_exp_10.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 004091700 _____ C:\Users\Asus\Downloads\1914182_dec_lab_e9&10.pdf
2021-04-24 14:16 - 2021-05-19 12:09 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-24 14:16 - 2021-04-24 14:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-24 14:14 - 2021-05-19 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-24 14:14 - 2021-05-16 12:47 - 000003798 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-04-24 14:14 - 2021-04-24 14:14 - 000000020 ___SH C:\Users\Asus\ntuser.ini
2021-04-24 14:14 - 2021-04-24 14:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-378399548-4021493369-4051984164-1001
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-24 14:06 - 2021-05-19 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-24 14:06 - 2021-05-18 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 14:06 - 2021-05-18 15:52 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-04-24 14:06 - 2021-05-13 16:47 - 000435096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-24 12:25 - 2021-04-24 14:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-24 12:23 - 2021-05-18 20:15 - 000000000 ____D C:\Users\Asus
2021-04-24 12:23 - 2019-12-07 14:40 - 000001105 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-24 12:21 - 2021-05-17 20:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-24 12:18 - 2021-04-24 12:18 - 000000000 ____D C:\ProgramData\ssh
2021-04-24 12:12 - 2021-04-24 12:12 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-24 12:10 - 2021-04-24 12:10 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-24 12:10 - 2021-04-24 12:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-24 12:09 - 2021-04-24 12:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-24 12:09 - 2021-04-24 12:09 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-24 12:08 - 2021-04-24 12:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-24 12:08 - 2021-04-24 12:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-24 12:08 - 2021-04-24 12:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-24 12:08 - 2021-04-24 12:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-24 11:45 - 2021-04-24 11:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-24 04:28 - 2021-05-05 15:14 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-24 04:21 - 2021-04-24 04:21 - 000000000 ___HD C:\$WinREAgent
2021-04-21 23:46 - 2021-04-21 23:46 - 002396756 _____ C:\Users\Asus\Downloads\1914044.exp_5_dec_lab_report.pdf
2021-04-21 21:19 - 2021-04-21 21:19 - 000106136 _____ C:\Users\Asus\Downloads\exp 7 extra.pdf
2021-04-21 21:16 - 2021-04-21 21:16 - 000139812 _____ C:\Users\Asus\Downloads\Exp 6 merging.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 002865194 _____ C:\Users\Asus\Downloads\1914051declab.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 001581637 _____ C:\Users\Asus\Downloads\1914079_Exp_7_CS_LAB.pdf
2021-04-20 23:54 - 2021-04-20 23:54 - 001472685 _____ C:\Users\Asus\Downloads\1914079 (2).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-19 12:09 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
2021-05-19 12:05 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-19 12:05 - 2019-10-08 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-19 01:34 - 2019-12-07 14:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-18 23:24 - 2019-11-22 12:34 - 000000785 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-05-18 16:45 - 2021-02-10 13:52 - 000002351 _____ C:\Users\Asus\Desktop\Microsoft Teams.lnk
2021-05-18 16:23 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2021-05-17 23:38 - 2021-04-15 19:42 - 000000355 _____ C:\Users\Asus\Documents\important.txt
2021-05-17 19:46 - 2019-10-20 19:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-16 13:53 - 2019-10-20 19:04 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 20:25 - 2019-04-25 12:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 15:07 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 14:55 - 2020-07-16 15:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 19:27 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 16:46 - 2019-12-07 15:20 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 14:43 - 2019-12-07 15:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 14:17 - 2019-12-04 15:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 14:11 - 2019-12-04 15:53 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 13:57 - 2019-10-08 14:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-04 15:11 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\AMD
2021-05-01 22:06 - 2020-09-04 19:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-01 15:05 - 2020-03-13 17:58 - 000000000 ____D C:\Users\Asus\AppData\Local\ElevatedDiagnostics
2021-04-30 19:21 - 2020-09-13 16:33 - 000000000 ____D C:\Users\Asus\Downloads\New
2021-04-30 08:51 - 2020-09-04 19:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-29 13:50 - 2020-10-03 00:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-28 18:39 - 2021-01-01 19:14 - 000000000 ____D C:\Users\Asus\Desktop\Fourth Semester
2021-04-26 13:37 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-24 14:26 - 2020-07-14 09:54 - 000000000 ____D C:\Users\Asus\AppData\Local\PlaceholderTileLogoFolder
2021-04-24 14:19 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-24 14:19 - 2019-04-25 12:45 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2021-04-24 14:14 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-24 14:14 - 2019-12-07 14:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-24 14:14 - 2019-10-08 13:57 - 000002051 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-04-24 14:14 - 2019-10-08 13:56 - 000000000 ____D C:\WINDOWS\CxSvc
2021-04-24 14:14 - 2019-10-08 13:51 - 000000000 ____D C:\ProgramData\Packages
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 ___RD C:\Users\Asus\3D Objects
2021-04-24 14:11 - 2019-12-07 14:44 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-24 14:07 - 2019-10-08 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-24 14:06 - 2020-06-06 20:39 - 000000000 ____D C:\Program Files\UNP
2021-04-24 14:06 - 2020-02-22 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2021-04-24 14:06 - 2019-12-07 14:44 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Help
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 15:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-04-24 14:06 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2021-04-24 14:06 - 2019-10-08 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-24 14:05 - 2019-12-07 14:48 - 000000000 ____D C:\WINDOWS\Setup
2021-04-24 12:31 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2021-04-24 12:25 - 2021-02-13 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2021-04-24 12:25 - 2019-12-07 16:20 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-24 12:25 - 2019-10-08 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-04-24 12:25 - 2019-10-08 13:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\IME
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-24 12:16 - 2019-12-07 15:22 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-22 13:30 - 2019-10-08 21:48 - 000000000 ____D C:\Users\Asus\AppData\Roaming\CodeBlocks

==================== Files in the root of some directories ========

2020-12-02 01:32 - 2020-12-15 12:33 - 000004208 _____ () C:\Users\Asus\AppData\Roaming\LTspiceXVII.ini
2021-03-01 22:45 - 2021-03-01 22:45 - 000000000 ____H () C:\Users\Asus\AppData\Local\BITF959.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Asus (19-05-2021 12:22:15)
Running from C:\Users\Asus\Desktop\FRST
Windows 10 Home Single Language Version 20H2 19042.985 (X64) (2021-04-24 08:44:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-378399548-4021493369-4051984164-500 - Administrator - Disabled)
Asus (S-1-5-21-378399548-4021493369-4051984164-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-378399548-4021493369-4051984164-503 - Limited - Disabled)
Guest (S-1-5-21-378399548-4021493369-4051984164-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-378399548-4021493369-4051984164-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
CodeBlocks (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CPUID CPU-Z Gigabyte 1.90 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 1.90 - CPUID, Inc.)
Erlang OTP 22 (10.6) (HKLM-x32\...\Erlang OTP 22 (10.6)) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
LTspice XVII (HKLM\...\LTspice XVII) (Version: - Linear Technology Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework (64-bit) (HKLM\...\{5497DD47-C545-4036-8C5B-5B1674E60883}) (Version: 19.00.49152 - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework (HKLM-x32\...\{5FC780E5-385F-4443-900C-7D0F61967196}) (Version: 19.00.49152 - National Instruments)
NI Package Manager 64-bit (HKLM\...\NI Package Manager) (Version: 20.7.1 - National Instruments)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
RabbitMQ Server 3.8.2 (HKLM-x32\...\RabbitMQ) (Version: 3.8.2 - Pivotal Software, Inc.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
VI Package Manager 2020.1 (HKLM-x32\...\{582ADD07-2992-44D8-BF48-93F34B24144B}) (Version: 20.1.2348 - JKI)
VISA Shared Components 5.12.0 (64-Bit) (HKLM\...\{452610CE-4A5B-4CFF-87F3-B6A49E621E5C}) (Version: 5.12.0300 - IVI Foundation) Hidden
VISA Shared Components 5.12.0 (64-Bit) (HKLM-x32\...\VISASharedComponents) (Version: 5.12 - IVI Foundation)
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM\...\{E518296D-57A9-434B-AB33-9928D9B5E09D}) (Version: 5.11.0301 - IVI Foundation) Hidden
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM-x32\...\VISANETSharedComponents5.11.0) (Version: 5.11.0301 - IVI Foundation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-04-24] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-02] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-15] (Adobe Systems Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-27] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-378399548-4021493369-4051984164-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Asus\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\nvshext.dll [2021-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-06-15 19:16 - 2020-06-15 19:16 - 000005120 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NI5690.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000012288 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIDWG.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000021504 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIHSD.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006144 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIPS.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000005632 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIRFSA.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013312 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISL.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013824 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISRC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006656 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISYNC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000007680 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITNR.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000009728 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITSU.sdc
2019-12-10 03:11 - 2019-12-10 03:11 - 003778048 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\beam.smp.dll
2019-12-10 03:11 - 2019-12-10 03:11 - 000164864 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlexec.dll
2019-12-10 03:06 - 2019-12-10 03:06 - 000017920 _____ () [File not signed] c:\Program Files\erl10.6\lib\asn1-5.0.9\priv\lib\asn1rt_nif.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 001564160 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 000007680 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto_callback.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-01-27 12:11 - 2015-01-27 12:11 - 000021504 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NI6535.sdc
2015-01-27 12:11 - 2015-01-27 12:11 - 000014848 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NISFT.sdc
2020-11-17 11:43 - 2020-11-17 11:43 - 000035328 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niconf.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000061440 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niesp.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000209408 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_nisessmgr.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000134656 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSAuthSvc\niauthsvc.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000031744 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSDeploySvc\deploysvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000165376 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSSLAdmin\ssladminsvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000219648 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSysAdmin\sysadminsvc.dll
2020-11-17 12:29 - 2020-11-17 12:29 - 000128512 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\wif_core\wif_core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 10:19 - 2019-03-19 10:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-22 12:34 - 2021-05-18 23:24 - 000000785 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\National Instruments\Shared\OpenVINO\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\Program Files\MATLAB\R2013a\runtime\win64;D:\Program Files\MATLAB\R2013a\bin;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files (x86)\National Instruments\Shared\LabVIEW CLI;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-80-1122491841-3392631692-228128370-2991616343-3360392805\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-63272789-367670524-4235130887-501008514-333400210\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 172.16.3.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "btweb"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CBF383DD-49FB-45E8-985C-DCE7CAAA1A07}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8E564507-A839-467B-B21D-4B1B040A6B3A}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{346A4F76-B046-450C-B06D-73BD9D810AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E17C2AE6-18B5-4071-8A18-6C4B2F97158A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{300BB5B2-2FC3-4DB3-BEA3-BC09B59805B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF8A63D1-2ACE-4560-8360-F7B00986120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{170CCCF6-9EBB-4450-B9B8-61597E1502D1}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{5189B748-15C9-4CA8-BE17-EA35EE536C84}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{B9DE4310-D14A-4AC8-AD57-8D7B325D1F14}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{69582727-CCD9-4E0A-BF9F-659987E47F72}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{84D7CBCF-A286-4A4F-8247-075370A950C1}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{3D743B71-DFE9-4FFF-97C4-8F85C21F69EE}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{58FCD728-77A2-400D-B1A1-F82371DA50B2}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{4469C15D-4E53-4D92-952E-61943737BA71}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{CC9D8680-D9E1-4053-AA33-67EB5685F9EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9954D499-1E66-47A6-9222-0EFCB7611C57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{801ED1E6-6B40-40F4-8D01-8FD8EEC7F90F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{EE29B0AF-D945-45D2-A5B3-13940FA4AF4F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [TCP Query User{0247D86B-3A32-43D3-94EC-A4D1BF342D25}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8C19DF4C-3F28-42E4-A615-56D888F37281}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E4A2EB8-E21A-4C1C-AB9F-9CABF6C7E488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{6849FE02-BB6C-4E4B-9D4A-4A7FF1E9805E}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe () [File not signed]
FirewallRules: [{A50E78ED-5234-4600-8026-D7A25E6D5ECA}] => (Allow) C:\Program Files\erl10.6\bin\erl.exe () [File not signed]
FirewallRules: [{82853E0F-9F20-4ABE-9E5D-1FBA18E8EDB7}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\erl.exe () [File not signed]
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E00BB3BC-29C0-4CC8-ABB9-86CE8659BBA2}] => (Allow) LPort=15672
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{95BE4D68-FD92-4D32-8E0E-2ACE833137F5}] => (Allow) C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe (James Kring, Inc. -> JKI)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:47.12 GB) (42%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/19/2021 12:23:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:53:10Z. Error Code: 0x80070002.

Error: (05/19/2021 12:22:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:52:40Z. Error Code: 0x80070002.

Error: (05/19/2021 12:22:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:10Z. Error Code: 0x80070002.

Error: (05/19/2021 12:21:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:40Z. Error Code: 0x80070002.

Error: (05/19/2021 12:20:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:51Z. Error Code: 0x80070002.

Error: (05/19/2021 12:20:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:21Z. Error Code: 0x80070002.

Error: (05/19/2021 12:19:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:49:28Z. Error Code: 0x80070002.

Error: (05/19/2021 12:18:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:48:58Z. Error Code: 0x80070002.


System errors:
=============
Error: (05/19/2021 01:25:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CxUIUSvc Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2021 08:16:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/18/2021 08:16:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/18/2021 08:15:42 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/18/2021 08:15:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/18/2021 08:15:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/18/2021 08:15:31 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/18/2021 08:15:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
================
Date: 2021-05-17 20:58:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-05-17 03:39:03
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Asus\AppData\Roaming\BitTorrent\updates\7.10.5_45785.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.825.0, AS: 1.339.825.0, NIS: 1.339.825.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-15 17:31:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-05-13 14:08:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-05-12 14:06:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-05-19 12:19:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.970.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-05-18 20:12:19
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2021-05-18 19:48:21
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2021-05-18 19:41:40
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2021-05-18 16:36:06
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.953.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2021-05-19 12:20:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X570ZD.310 07/04/2019
Motherboard: ASUSTeK COMPUTER INC. X570ZD
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx
Percentage of memory in use: 56%
Total physical RAM: 7116.23 MB
Available physical RAM: 3075.81 MB
Total Virtual: 8268.23 MB
Available Virtual: 2546.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.16 GB) (Free:47.12 GB) NTFS
Drive d: (OS) (Fixed) (Total:481.62 GB) (Free:439.82 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:448.79 GB) (Free:327.32 GB) NTFS

\\?\Volume{764d5628-3bcb-480a-a3ec-6df05efb8336}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{870ba08b-6dfa-43cd-9c25-62f98bb39cc2}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{3c498f32-8e43-46c5-b0b2-e9992850a15f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C225EC37)

Partition: GPT.

==================== End of Addition.txt =======================


Edited by Oh My!, 19 May 2021 - 09:30 AM.




#2 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • Gender:Male
  • Location:California
  • Local time:04:06 PM

Posted 19 May 2021 - 09:29 AM

Greetings sylhetifua and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
  • It is important to not run any tools or take any steps other than those I will provide for you.
  • Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
  • Please copy and paste all logs into your post unless otherwise requested.
  • When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
  • If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Thank you for your patience thus far.

Please allow me just a bit of time to review what you have posted.
Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#3 sylhetifua

sylhetifua
  • Topic Starter

  • Members
  • 11 posts
  • Local time:04:36 AM

Posted 19 May 2021 - 09:31 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by Asus (administrator) on DESKTOP-9ARMNNG (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X570ZD_X570ZD) (19-05-2021 12:18:43)
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus & niroco & lkClassAds & niLXIDiscovery
Platform: Windows 10 Home Single Language Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erl.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\inet_gethost.exe
() [File not signed] C:\Program Files\erl10.6\lib\os_mon-2.5.1\priv\bin\win32sysinfo.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atiesrxx.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC -> InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(James Kring, Inc. -> JKI) C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe <5>
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\roco\niroco.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nidevldu.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nipxism.exe
(National Instruments) [File not signed] C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [NI Device Monitor] => C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe [150016 2019-03-20] (National Instruments) [File not signed]
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [819760 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon - Shortcut.lnk [2021-05-18]
ShortcutTarget: ctfmon - Shortcut.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting (64-bit).lnk [2021-05-17]
ShortcutTarget: NI Error Reporting (64-bit).lnk -> C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2021-05-17]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIPM Service.lnk [2021-05-17]
ShortcutTarget: VIPM Service.lnk -> C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe (James Kring, Inc. -> JKI)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {265B2D06-1F3F-4692-8B47-36E34C567AB7} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {3221F2D9-121B-4330-A8D4-B31C7785CBE4} - System32\Tasks\NI SSP Expiration Reminder => C:\Program Files (x86)\National Instruments\Shared\SSP Notifier\SSP Notifier.exe [168272 2020-11-19] (National Instruments Corporation -> National Instruments)
Task: {40024555-0CC6-4676-AC9E-E7EB172EE090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {657652D2-6284-4C48-B3D3-69C1DA84F720} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {80D06639-C3D0-44A8-870E-883C2F721EA4} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\UpdateChecker.exe [181688 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {92143AD7-DF17-43D3-B683-9BAAD547DD4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8548257-4778-4424-9EAD-094127680772} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF58A970-8DC7-4DE7-8A32-1D5B5332041C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {C31C3836-B8F4-4AAF-BE04-E3C2E8BFCDF6} - System32\Tasks\Microsoft\Windows\TextServicesFramework\CTF => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {D3DD725B-F1B4-42DB-A73D-F8D22CE6F3FD} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [1488632 2020-07-27] (James Kring, Inc. -> JKI)
Task: {F10B366C-9CBB-4F77-8C67-A9863B9BB081} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F55B051F-251C-4806-874B-C2498EA57191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.3.2
Tcpip\..\Interfaces\{dfa6841d-c96c-45b6-bb14-3c353d3b56fd}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ed1c2a3d-4fd4-4d22-a921-afabc33a89ce}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ef4b6d1b-935c-4c89-a4b2-aa5629a347c6}: [DhcpNameServer] 172.16.3.2
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Asus\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-18]
 
FireFox:
========
FF DefaultProfile: 0116dyq6.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\0116dyq6.default [2021-05-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\88k9gicu.default-release [2021-05-19]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2021-05-19]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2020-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [272840 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe [202168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [518048 2021-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [77216 2020-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [114968 2020-11-09] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 gpibenumsvc; C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe [37872 2020-03-28] (National Instruments Corporation -> National Instruments Corporation)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [61376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [73160 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [96688 2020-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [73736 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [92680 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [601544 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 nidevldu; C:\WINDOWS\SysWOW64\nidevldu.exe [342496 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [424376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe [537144 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxicmsvc; C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe [338904 2020-09-01] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmu; C:\WINDOWS\SysWOW64\nipxism.exe [25472 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 NiRioRpcLegacy; C:\WINDOWS\SysWOW64\NiRioRpc.exe [42352 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nirioserver; C:\WINDOWS\SysWOW64\nirioserver.exe [527296 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
R2 niroco; C:\Program Files\National Instruments\Shared\roco\niroco.exe [834528 2020-06-05] (National Instruments Corporation -> National Instruments Corporation)
R2 nisds; C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe [26560 2020-06-13] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [102248 2020-03-16] (National Instruments Corporation -> National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [73712 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [752056 2020-04-08] (National Instruments Corporation -> National Instruments Corporation)
S4 NIWebServer; C:\Program Files\National Instruments\Shared\Web Server\httpd.exe [33656 2020-11-24] (National Instruments Corporation -> )
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
R2 RabbitMQ; C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe [226304 2019-12-10] () [File not signed]
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 lvalarmk; C:\WINDOWS\System32\drivers\lvalarmk.sys [36920 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdcck; C:\WINDOWS\System32\drivers\nicdcckl.sys [30984 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdrk; C:\WINDOWS\System32\drivers\nicdrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicmrk; C:\WINDOWS\System32\drivers\nicmrkl.sys [23576 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicondrk; C:\WINDOWS\System32\drivers\nicondrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicsrk; C:\WINDOWS\System32\drivers\nicsrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nidimk; C:\WINDOWS\System32\drivers\nidimkl.sys [23560 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nidmxfk; C:\WINDOWS\System32\drivers\nidmxfkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nidsark; C:\WINDOWS\System32\drivers\nidsarkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niemrk; C:\WINDOWS\System32\drivers\niemrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niesrk; C:\WINDOWS\System32\drivers\niesrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NIEthernetDeviceEnumerator; C:\WINDOWS\System32\drivers\niede.sys [59464 2019-03-29] (National Instruments Corporation -> National Instruments Corporation)
S3 nifdrk; C:\WINDOWS\System32\drivers\nifdrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nifslk; C:\WINDOWS\System32\drivers\nifslkl.sys [30992 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nihorbrk; C:\WINDOWS\System32\drivers\nihorbrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nilmsk; C:\WINDOWS\System32\drivers\nilmskl.sys [23600 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimdbgk; C:\WINDOWS\System32\drivers\nimdbgkl.sys [23560 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
R3 nimru2k; C:\WINDOWS\System32\drivers\nimru2kl.sys [23568 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nimsdrk; C:\WINDOWS\System32\drivers\nimsdrkl.sys [31344 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nimstsk; C:\WINDOWS\System32\drivers\nimstskl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimxdfk; C:\WINDOWS\System32\drivers\nimxdfkl.sys [23544 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nimxpk; C:\WINDOWS\System32\drivers\nimxpkl.sys [31296 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 ninshsdk; C:\WINDOWS\System32\drivers\ninshsdkl.sys [15200 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\System32\drivers\niorbkl.sys [23552 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [23808 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [790232 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [23824 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [19288 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipcibrd; C:\WINDOWS\System32\drivers\nipcibrd.sys [141288 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxifpk; C:\WINDOWS\System32\drivers\nipxifpk.sys [43800 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxigpk; C:\WINDOWS\System32\drivers\nipxigpk.sys [32984 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmk; C:\WINDOWS\System32\drivers\nipxirmkl.sys [23480 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 niraptrk; C:\WINDOWS\System32\drivers\niraptrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niscdk; C:\WINDOWS\System32\drivers\niscdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nisdigk; C:\WINDOWS\System32\drivers\nisdigkl.sys [23568 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nisftk; C:\WINDOWS\System32\drivers\nisftkl.sys [15184 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 nispdk; C:\WINDOWS\System32\drivers\nispdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nissrk; C:\WINDOWS\System32\drivers\nissrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc2k; C:\WINDOWS\System32\drivers\nistc2kl.sys [31400 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc3rk; C:\WINDOWS\System32\drivers\nistc3rkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistcrk; C:\WINDOWS\System32\drivers\nistcrkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 nistreamk; C:\WINDOWS\System32\drivers\nistreamkl.sys [37376 2020-03-20] (National Instruments Corporation -> National Instruments Corporation)
S3 niswdk; C:\WINDOWS\System32\drivers\niswdkl.sys [30952 2020-03-23] (National Instruments Corporation -> National Instruments Corporation)
S3 nitfurk; C:\WINDOWS\System32\drivers\nitfurkl.sys [23592 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nitiork; C:\WINDOWS\System32\drivers\nitiorkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niufurk; C:\WINDOWS\System32\drivers\niufurkl.sys [23584 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [23568 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
S3 niwfrk; C:\WINDOWS\System32\drivers\niwfrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixfmrrk; C:\WINDOWS\System32\drivers\nixfmrrkl.sys [23560 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixsrk; C:\WINDOWS\System32\drivers\nixsrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-09-26] (McAfee, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-19 12:15 - 2021-05-19 12:15 - 000000980 _____ C:\Users\Asus\Desktop\problem.txt
2021-05-19 12:05 - 2021-05-19 12:05 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-18 19:41 - 2021-05-18 20:16 - 000859794 _____ C:\WINDOWS\ntbtlog.txt
2021-05-18 19:41 - 2021-05-18 20:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-05-18 19:32 - 2021-05-19 12:08 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E519C14C-42E5-46B5-9849-382884D11CB6}
2021-05-17 21:00 - 2021-05-17 21:02 - 000000000 ____D C:\AdwCleaner
2021-05-17 20:48 - 2021-05-17 20:48 - 001529856 _____ (www.facebook.com/maasher) C:\Users\Asus\Downloads\NI License Activator 1.2.exe
2021-05-17 20:21 - 2021-05-17 20:21 - 000003698 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceCheckTask
2021-05-17 20:21 - 2021-05-17 20:21 - 000003382 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceStartupTask
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Netscape
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\mozilla.org
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-05-17 20:08 - 2021-05-17 20:26 - 000000000 ____D C:\ProgramData\PXISA
2021-05-17 20:08 - 2021-05-17 20:08 - 000000132 _____ C:\WINDOWS\ODBC.INI
2021-05-17 20:07 - 2021-05-17 20:12 - 000205232 _____ C:\WINDOWS\SysWOW64\niorbmap
2021-05-17 20:06 - 2021-05-17 20:06 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI LabVIEW 2020 SP1 (32-bit).lnk
2021-05-17 20:04 - 2021-05-17 20:04 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\system32\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MGI Solution Explorer
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\Program Files (x86)\MGI
2021-05-17 20:01 - 2021-05-17 20:30 - 000000000 ____D C:\Users\Asus\Documents\LabVIEW Data
2021-05-17 20:01 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000003994 _____ C:\WINDOWS\system32\Tasks\JKIUpdateTask
2021-05-17 20:01 - 2021-05-17 20:01 - 000001417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\Users\Public\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\ProgramData\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager (VIPM).lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\Users\Public\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\ProgramData\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\Program Files (x86)\JKI
2021-05-17 19:58 - 2021-05-17 19:58 - 000003766 _____ C:\WINDOWS\system32\Tasks\NI SSP Expiration Reminder
2021-05-17 19:57 - 2021-05-17 19:57 - 000001024 _____ C:\.rnd
2021-05-17 19:53 - 2021-05-17 20:24 - 000000000 __SHD C:\ProgramData\{6A1798B4-4BC3-42D3-8545-B1A43208F7FC}
2021-05-17 19:53 - 2021-05-17 19:57 - 000000000 ____D C:\ProgramData\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Users\Asus\AppData\Roaming\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Program Files\RabbitMQ Server
2021-05-17 19:49 - 2021-05-17 19:49 - 000000000 ____D C:\ProgramData\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files (x86)\IVI Foundation
2021-05-17 19:47 - 2021-05-17 19:47 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2021-05-17 19:46 - 2021-05-17 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erlang OTP 22 (x64)
2021-05-17 19:46 - 2021-05-17 19:46 - 000000000 ____D C:\Program Files\erl10.6
2021-05-17 19:45 - 2021-05-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\Users\Public\Documents\National Instruments
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\ProgramData\Documents\National Instruments
2021-05-17 19:37 - 2021-05-17 19:37 - 000000000 ____D C:\Program Files\Common Files\OPC Foundation
2021-05-17 19:28 - 2021-05-17 20:26 - 000000000 ____D C:\Users\Asus\AppData\Local\National_Instruments
2021-05-17 19:28 - 2021-05-17 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
2021-05-17 19:27 - 2021-05-17 20:18 - 000000000 ____D C:\Program Files (x86)\National Instruments
2021-05-17 19:27 - 2021-05-17 20:09 - 000000000 ____D C:\Program Files\National Instruments
2021-05-17 19:26 - 2021-05-18 15:39 - 000000000 ____D C:\Users\Asus\AppData\Local\National Instruments
2021-05-17 19:26 - 2021-05-17 20:29 - 000000000 ____D C:\ProgramData\National Instruments
2021-05-17 19:25 - 2021-05-17 19:26 - 006176128 _____ (National Instruments Corporation) C:\Users\Asus\Downloads\ni-labview-2020-x86_20.6_suite_online.exe
2021-05-17 01:16 - 2021-05-19 12:18 - 000000000 ____D C:\FRST
2021-05-17 01:15 - 2021-05-19 12:18 - 000000000 ____D C:\Users\Asus\Desktop\FRST
2021-05-16 23:15 - 2021-05-16 23:15 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 23:15 - 2021-05-16 23:15 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d738e58615a6c9
2021-05-16 23:13 - 2021-05-16 23:13 - 000004094 _____ C:\WINDOWS\system32\Tasks\Update Checker
2021-05-16 16:19 - 2021-05-19 12:07 - 000003750 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 14:41 - 2021-05-13 14:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 14:40 - 2021-05-13 14:40 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 14:40 - 2021-05-13 14:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-09 19:40 - 2021-05-09 19:40 - 000301461 _____ C:\Users\Asus\Downloads\Resume_of_Naimul.pdf
2021-05-09 19:18 - 2021-05-09 19:18 - 000157180 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2)-pages-deleted.pdf
2021-05-02 11:47 - 2021-05-02 11:47 - 000103080 _____ C:\Users\Asus\Downloads\BTECH_4TH_SEMESTER_RESULT_2019-20.pdf
2021-05-02 11:42 - 2021-05-02 11:42 - 000123383 _____ C:\Users\Asus\Downloads\result of nit dgp.pdf
2021-05-01 23:25 - 2021-05-01 23:25 - 000690646 _____ C:\Users\Asus\Downloads\1914006 (4).pdf
2021-05-01 15:57 - 2021-05-09 19:43 - 000001991 _____ C:\Users\Asus\Desktop\application.txt
2021-04-30 23:14 - 2021-04-30 23:15 - 000172501 _____ C:\Users\Asus\Downloads\exp 8 extra.pdf
2021-04-30 23:10 - 2021-04-30 23:10 - 000090255 _____ C:\Users\Asus\Downloads\AC ASS EXTRA.pdf
2021-04-30 22:58 - 2021-04-30 22:58 - 000812735 _____ C:\Users\Asus\Downloads\1914006 (3).pdf
2021-04-30 21:29 - 2021-04-30 23:13 - 000000000 ____D C:\Users\Asus\Downloads\ilovepdf_images-extracted
2021-04-30 21:27 - 2021-04-30 21:27 - 004194606 _____ C:\Users\Asus\Downloads\ilovepdf_images-extracted.zip
2021-04-30 19:24 - 2021-04-30 19:24 - 003370653 _____ C:\Users\Asus\Downloads\1914006 exp 8.pdf
2021-04-30 19:21 - 2021-04-30 19:21 - 000319897 _____ C:\Users\Asus\Downloads\1914075_AC assignment.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000965622 _____ C:\Users\Asus\Downloads\exp 2,3,5,6.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000520818 _____ C:\Users\Asus\Downloads\exp7.pdf
2021-04-30 08:52 - 2021-04-30 08:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-30 08:30 - 2021-05-01 22:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-28 15:40 - 2021-04-28 15:40 - 000000000 ____D C:\Program Files\AMD
2021-04-27 23:10 - 2021-04-27 23:10 - 000482573 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2).pdf
2021-04-27 03:05 - 2021-04-27 03:05 - 000053811 _____ C:\Users\Asus\Downloads\dec exp.pdf
2021-04-26 15:21 - 2021-04-26 15:21 - 000294121 _____ C:\Users\Asus\Downloads\1914013(#ass2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 001275344 _____ C:\Users\Asus\Downloads\1914006 (2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000695055 _____ C:\Users\Asus\Downloads\1914013(C.S)
2021-04-26 02:01 - 2021-04-26 02:01 - 000510457 _____ C:\Users\Asus\Downloads\1914006 (1).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000200919 _____ C:\Users\Asus\Downloads\1914013(c.s-3).pdf
2021-04-25 22:41 - 2021-04-25 22:41 - 001760861 _____ C:\Users\Asus\Downloads\DEC_Assignment (1914063).pdf
2021-04-25 17:01 - 2021-04-25 17:01 - 000720902 _____ C:\Users\Asus\Downloads\exp 5 extra.pdf
2021-04-25 17:00 - 2021-04-25 17:00 - 000616836 _____ C:\Users\Asus\Downloads\exp 10 extra.pdf
2021-04-25 16:58 - 2021-04-25 16:58 - 002027111 _____ C:\Users\Asus\Downloads\exp 9 extra.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 005700228 _____ C:\Users\Asus\Downloads\1914044.exp_9_and_exp_10.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 004091700 _____ C:\Users\Asus\Downloads\1914182_dec_lab_e9&10.pdf
2021-04-24 14:16 - 2021-05-19 12:09 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-24 14:16 - 2021-04-24 14:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-24 14:14 - 2021-05-19 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-24 14:14 - 2021-05-16 12:47 - 000003798 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-04-24 14:14 - 2021-04-24 14:14 - 000000020 ___SH C:\Users\Asus\ntuser.ini
2021-04-24 14:14 - 2021-04-24 14:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-378399548-4021493369-4051984164-1001
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-24 14:06 - 2021-05-19 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-24 14:06 - 2021-05-18 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 14:06 - 2021-05-18 15:52 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-04-24 14:06 - 2021-05-13 16:47 - 000435096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-24 12:25 - 2021-04-24 14:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-24 12:23 - 2021-05-18 20:15 - 000000000 ____D C:\Users\Asus
2021-04-24 12:23 - 2019-12-07 14:40 - 000001105 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-24 12:21 - 2021-05-17 20:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-24 12:18 - 2021-04-24 12:18 - 000000000 ____D C:\ProgramData\ssh
2021-04-24 12:12 - 2021-04-24 12:12 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-24 12:10 - 2021-04-24 12:10 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-24 12:10 - 2021-04-24 12:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-24 12:09 - 2021-04-24 12:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-24 12:09 - 2021-04-24 12:09 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-24 12:08 - 2021-04-24 12:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-24 12:08 - 2021-04-24 12:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-24 12:08 - 2021-04-24 12:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-24 12:08 - 2021-04-24 12:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-24 11:45 - 2021-04-24 11:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-24 04:28 - 2021-05-05 15:14 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-24 04:21 - 2021-04-24 04:21 - 000000000 ___HD C:\$WinREAgent
2021-04-21 23:46 - 2021-04-21 23:46 - 002396756 _____ C:\Users\Asus\Downloads\1914044.exp_5_dec_lab_report.pdf
2021-04-21 21:19 - 2021-04-21 21:19 - 000106136 _____ C:\Users\Asus\Downloads\exp 7 extra.pdf
2021-04-21 21:16 - 2021-04-21 21:16 - 000139812 _____ C:\Users\Asus\Downloads\Exp 6 merging.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 002865194 _____ C:\Users\Asus\Downloads\1914051declab.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 001581637 _____ C:\Users\Asus\Downloads\1914079_Exp_7_CS_LAB.pdf
2021-04-20 23:54 - 2021-04-20 23:54 - 001472685 _____ C:\Users\Asus\Downloads\1914079 (2).pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-19 12:09 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
2021-05-19 12:05 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-19 12:05 - 2019-10-08 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-19 01:34 - 2019-12-07 14:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-18 23:24 - 2019-11-22 12:34 - 000000785 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-05-18 16:45 - 2021-02-10 13:52 - 000002351 _____ C:\Users\Asus\Desktop\Microsoft Teams.lnk
2021-05-18 16:23 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2021-05-17 23:38 - 2021-04-15 19:42 - 000000355 _____ C:\Users\Asus\Documents\important.txt
2021-05-17 19:46 - 2019-10-20 19:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-16 13:53 - 2019-10-20 19:04 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 20:25 - 2019-04-25 12:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 15:07 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 14:55 - 2020-07-16 15:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 19:27 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 16:46 - 2019-12-07 15:20 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 14:43 - 2019-12-07 15:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 14:17 - 2019-12-04 15:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 14:11 - 2019-12-04 15:53 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 13:57 - 2019-10-08 14:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-04 15:11 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\AMD
2021-05-01 22:06 - 2020-09-04 19:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-01 15:05 - 2020-03-13 17:58 - 000000000 ____D C:\Users\Asus\AppData\Local\ElevatedDiagnostics
2021-04-30 19:21 - 2020-09-13 16:33 - 000000000 ____D C:\Users\Asus\Downloads\New
2021-04-30 08:51 - 2020-09-04 19:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-29 13:50 - 2020-10-03 00:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-28 18:39 - 2021-01-01 19:14 - 000000000 ____D C:\Users\Asus\Desktop\Fourth Semester
2021-04-26 13:37 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-24 14:26 - 2020-07-14 09:54 - 000000000 ____D C:\Users\Asus\AppData\Local\PlaceholderTileLogoFolder
2021-04-24 14:19 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-24 14:19 - 2019-04-25 12:45 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2021-04-24 14:14 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-24 14:14 - 2019-12-07 14:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-24 14:14 - 2019-10-08 13:57 - 000002051 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-04-24 14:14 - 2019-10-08 13:56 - 000000000 ____D C:\WINDOWS\CxSvc
2021-04-24 14:14 - 2019-10-08 13:51 - 000000000 ____D C:\ProgramData\Packages
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 ___RD C:\Users\Asus\3D Objects
2021-04-24 14:11 - 2019-12-07 14:44 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-24 14:07 - 2019-10-08 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-24 14:06 - 2020-06-06 20:39 - 000000000 ____D C:\Program Files\UNP
2021-04-24 14:06 - 2020-02-22 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2021-04-24 14:06 - 2019-12-07 14:44 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Help
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 15:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-04-24 14:06 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2021-04-24 14:06 - 2019-10-08 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-24 14:05 - 2019-12-07 14:48 - 000000000 ____D C:\WINDOWS\Setup
2021-04-24 12:31 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2021-04-24 12:25 - 2021-02-13 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2021-04-24 12:25 - 2019-12-07 16:20 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-24 12:25 - 2019-10-08 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-04-24 12:25 - 2019-10-08 13:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\IME
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-24 12:16 - 2019-12-07 15:22 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-22 13:30 - 2019-10-08 21:48 - 000000000 ____D C:\Users\Asus\AppData\Roaming\CodeBlocks
 
==================== Files in the root of some directories ========
 
2020-12-02 01:32 - 2020-12-15 12:33 - 000004208 _____ () C:\Users\Asus\AppData\Roaming\LTspiceXVII.ini
2021-03-01 22:45 - 2021-03-01 22:45 - 000000000 ____H () C:\Users\Asus\AppData\Local\BITF959.tmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Asus (19-05-2021 12:22:15)
Running from C:\Users\Asus\Desktop\FRST
Windows 10 Home Single Language Version 20H2 19042.985 (X64) (2021-04-24 08:44:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-378399548-4021493369-4051984164-500 - Administrator - Disabled)
Asus (S-1-5-21-378399548-4021493369-4051984164-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-378399548-4021493369-4051984164-503 - Limited - Disabled)
Guest (S-1-5-21-378399548-4021493369-4051984164-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-378399548-4021493369-4051984164-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
CodeBlocks (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CPUID CPU-Z Gigabyte 1.90 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 1.90 - CPUID, Inc.)
Erlang OTP 22 (10.6) (HKLM-x32\...\Erlang OTP 22 (10.6)) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
LTspice XVII (HKLM\...\LTspice XVII) (Version:  - Linear Technology Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework  (64-bit) (HKLM\...\{5497DD47-C545-4036-8C5B-5B1674E60883}) (Version: 19.00.49152 - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework  (HKLM-x32\...\{5FC780E5-385F-4443-900C-7D0F61967196}) (Version: 19.00.49152 - National Instruments)
NI Package Manager 64-bit (HKLM\...\NI Package Manager) (Version: 20.7.1 - National Instruments)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
RabbitMQ Server 3.8.2 (HKLM-x32\...\RabbitMQ) (Version: 3.8.2 - Pivotal Software, Inc.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VI Package Manager 2020.1 (HKLM-x32\...\{582ADD07-2992-44D8-BF48-93F34B24144B}) (Version: 20.1.2348 - JKI)
VISA Shared Components 5.12.0 (64-Bit) (HKLM\...\{452610CE-4A5B-4CFF-87F3-B6A49E621E5C}) (Version: 5.12.0300 - IVI Foundation) Hidden
VISA Shared Components 5.12.0 (64-Bit) (HKLM-x32\...\VISASharedComponents) (Version: 5.12 - IVI Foundation)
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM\...\{E518296D-57A9-434B-AB33-9928D9B5E09D}) (Version: 5.11.0301 - IVI Foundation) Hidden
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM-x32\...\VISANETSharedComponents5.11.0) (Version: 5.11.0301 - IVI Foundation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
 
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-04-24] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-02] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-15] (Adobe Systems Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-27] (WhatsApp Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-378399548-4021493369-4051984164-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Asus\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\nvshext.dll [2021-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-15 19:16 - 2020-06-15 19:16 - 000005120 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NI5690.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000012288 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIDWG.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000021504 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIHSD.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006144 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIPS.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000005632 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIRFSA.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013312 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISL.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013824 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISRC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006656 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISYNC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000007680 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITNR.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000009728 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITSU.sdc
2019-12-10 03:11 - 2019-12-10 03:11 - 003778048 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\beam.smp.dll
2019-12-10 03:11 - 2019-12-10 03:11 - 000164864 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlexec.dll
2019-12-10 03:06 - 2019-12-10 03:06 - 000017920 _____ () [File not signed] c:\Program Files\erl10.6\lib\asn1-5.0.9\priv\lib\asn1rt_nif.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 001564160 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 000007680 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto_callback.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-01-27 12:11 - 2015-01-27 12:11 - 000021504 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NI6535.sdc
2015-01-27 12:11 - 2015-01-27 12:11 - 000014848 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NISFT.sdc
2020-11-17 11:43 - 2020-11-17 11:43 - 000035328 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niconf.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000061440 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niesp.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000209408 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_nisessmgr.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000134656 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSAuthSvc\niauthsvc.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000031744 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSDeploySvc\deploysvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000165376 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSSLAdmin\ssladminsvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000219648 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSysAdmin\sysadminsvc.dll
2020-11-17 12:29 - 2020-11-17 12:29 - 000128512 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\wif_core\wif_core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 10:19 - 2019-03-19 10:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-11-22 12:34 - 2021-05-18 23:24 - 000000785 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\National Instruments\Shared\OpenVINO\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\Program Files\MATLAB\R2013a\runtime\win64;D:\Program Files\MATLAB\R2013a\bin;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files (x86)\National Instruments\Shared\LabVIEW CLI;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-80-1122491841-3392631692-228128370-2991616343-3360392805\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-63272789-367670524-4235130887-501008514-333400210\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 172.16.3.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "btweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{CBF383DD-49FB-45E8-985C-DCE7CAAA1A07}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8E564507-A839-467B-B21D-4B1B040A6B3A}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{346A4F76-B046-450C-B06D-73BD9D810AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E17C2AE6-18B5-4071-8A18-6C4B2F97158A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{300BB5B2-2FC3-4DB3-BEA3-BC09B59805B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF8A63D1-2ACE-4560-8360-F7B00986120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{170CCCF6-9EBB-4450-B9B8-61597E1502D1}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{5189B748-15C9-4CA8-BE17-EA35EE536C84}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{B9DE4310-D14A-4AC8-AD57-8D7B325D1F14}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{69582727-CCD9-4E0A-BF9F-659987E47F72}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{84D7CBCF-A286-4A4F-8247-075370A950C1}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{3D743B71-DFE9-4FFF-97C4-8F85C21F69EE}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{58FCD728-77A2-400D-B1A1-F82371DA50B2}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{4469C15D-4E53-4D92-952E-61943737BA71}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{CC9D8680-D9E1-4053-AA33-67EB5685F9EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9954D499-1E66-47A6-9222-0EFCB7611C57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{801ED1E6-6B40-40F4-8D01-8FD8EEC7F90F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{EE29B0AF-D945-45D2-A5B3-13940FA4AF4F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [TCP Query User{0247D86B-3A32-43D3-94EC-A4D1BF342D25}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8C19DF4C-3F28-42E4-A615-56D888F37281}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E4A2EB8-E21A-4C1C-AB9F-9CABF6C7E488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{6849FE02-BB6C-4E4B-9D4A-4A7FF1E9805E}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe () [File not signed]
FirewallRules: [{A50E78ED-5234-4600-8026-D7A25E6D5ECA}] => (Allow) C:\Program Files\erl10.6\bin\erl.exe () [File not signed]
FirewallRules: [{82853E0F-9F20-4ABE-9E5D-1FBA18E8EDB7}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\erl.exe () [File not signed]
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E00BB3BC-29C0-4CC8-ABB9-86CE8659BBA2}] => (Allow) LPort=15672
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{95BE4D68-FD92-4D32-8E0E-2ACE833137F5}] => (Allow) C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe (James Kring, Inc. -> JKI)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:47.12 GB) (42%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (05/19/2021 12:23:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:53:10Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:22:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:52:40Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:22:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:10Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:21:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:40Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:20:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:51Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:20:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:21Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:19:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:49:28Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:18:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:48:58Z. Error Code: 0x80070002.
 
 
System errors:
=============
Error: (05/19/2021 01:25:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CxUIUSvc Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/18/2021 08:16:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:16:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:42 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (05/18/2021 08:15:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:31 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Windows Defender:
================
Date: 2021-05-17 20:58:49
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-17 03:39:03
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Asus\AppData\Roaming\BitTorrent\updates\7.10.5_45785.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.825.0, AS: 1.339.825.0, NIS: 1.339.825.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
 
Date: 2021-05-15 17:31:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-13 14:08:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-12 14:06:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-19 12:19:50
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.970.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-18 20:12:19
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 19:48:21
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 19:41:40
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 16:36:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.953.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2021-05-19 12:20:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. X570ZD.310 07/04/2019
Motherboard: ASUSTeK COMPUTER INC. X570ZD
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 56%
Total physical RAM: 7116.23 MB
Available physical RAM: 3075.81 MB
Total Virtual: 8268.23 MB
Available Virtual: 2546.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.16 GB) (Free:47.12 GB) NTFS
Drive d: (OS) (Fixed) (Total:481.62 GB) (Free:439.82 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:448.79 GB) (Free:327.32 GB) NTFS
 
\\?\Volume{764d5628-3bcb-480a-a3ec-6df05efb8336}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{870ba08b-6dfa-43cd-9c25-62f98bb39cc2}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{3c498f32-8e43-46c5-b0b2-e9992850a15f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C225EC37)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by Asus (administrator) on DESKTOP-9ARMNNG (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X570ZD_X570ZD) (19-05-2021 12:18:43)
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus & niroco & lkClassAds & niLXIDiscovery
Platform: Windows 10 Home Single Language Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erl.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe
() [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\inet_gethost.exe
() [File not signed] C:\Program Files\erl10.6\lib\os_mon-2.5.1\priv\bin\win32sysinfo.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atiesrxx.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC -> InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(James Kring, Inc. -> JKI) C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe <5>
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\roco\niroco.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nidevldu.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nipxism.exe
(National Instruments) [File not signed] C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [NI Device Monitor] => C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe [150016 2019-03-20] (National Instruments) [File not signed]
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [819760 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon - Shortcut.lnk [2021-05-18]
ShortcutTarget: ctfmon - Shortcut.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting (64-bit).lnk [2021-05-17]
ShortcutTarget: NI Error Reporting (64-bit).lnk -> C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2021-05-17]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIPM Service.lnk [2021-05-17]
ShortcutTarget: VIPM Service.lnk -> C:\Program Files (x86)\JKI\VI Package Manager\support\VIPM Service.exe (James Kring, Inc. -> JKI)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {265B2D06-1F3F-4692-8B47-36E34C567AB7} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {3221F2D9-121B-4330-A8D4-B31C7785CBE4} - System32\Tasks\NI SSP Expiration Reminder => C:\Program Files (x86)\National Instruments\Shared\SSP Notifier\SSP Notifier.exe [168272 2020-11-19] (National Instruments Corporation -> National Instruments)
Task: {40024555-0CC6-4676-AC9E-E7EB172EE090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {657652D2-6284-4C48-B3D3-69C1DA84F720} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {80D06639-C3D0-44A8-870E-883C2F721EA4} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\UpdateChecker.exe [181688 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {92143AD7-DF17-43D3-B683-9BAAD547DD4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8548257-4778-4424-9EAD-094127680772} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF58A970-8DC7-4DE7-8A32-1D5B5332041C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {C31C3836-B8F4-4AAF-BE04-E3C2E8BFCDF6} - System32\Tasks\Microsoft\Windows\TextServicesFramework\CTF => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {D3DD725B-F1B4-42DB-A73D-F8D22CE6F3FD} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [1488632 2020-07-27] (James Kring, Inc. -> JKI)
Task: {F10B366C-9CBB-4F77-8C67-A9863B9BB081} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F55B051F-251C-4806-874B-C2498EA57191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.3.2
Tcpip\..\Interfaces\{dfa6841d-c96c-45b6-bb14-3c353d3b56fd}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ed1c2a3d-4fd4-4d22-a921-afabc33a89ce}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ef4b6d1b-935c-4c89-a4b2-aa5629a347c6}: [DhcpNameServer] 172.16.3.2
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Asus\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-18]
 
FireFox:
========
FF DefaultProfile: 0116dyq6.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\0116dyq6.default [2021-05-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\88k9gicu.default-release [2021-05-19]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2021-05-19]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2020-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [272840 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe [202168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [518048 2021-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [77216 2020-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [114968 2020-11-09] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 gpibenumsvc; C:\Program Files (x86)\National Instruments\NI-488.2\Bin\gpibenumsvc.exe [37872 2020-03-28] (National Instruments Corporation -> National Instruments Corporation)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [61376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [73160 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [96688 2020-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [73736 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [92680 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [601544 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 nidevldu; C:\WINDOWS\SysWOW64\nidevldu.exe [342496 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [424376 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe [537144 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-07] (National Instruments Corporation -> National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxicmsvc; C:\Program Files (x86)\National Instruments\PXI\nipxicms.exe [338904 2020-09-01] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmu; C:\WINDOWS\SysWOW64\nipxism.exe [25472 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 NiRioRpcLegacy; C:\WINDOWS\SysWOW64\NiRioRpc.exe [42352 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nirioserver; C:\WINDOWS\SysWOW64\nirioserver.exe [527296 2020-08-26] (National Instruments Corporation -> National Instruments Corporation)
R2 niroco; C:\Program Files\National Instruments\Shared\roco\niroco.exe [834528 2020-06-05] (National Instruments Corporation -> National Instruments Corporation)
R2 nisds; C:\Program Files\National Instruments\Shared\Sync Domain\nisds.exe [26560 2020-06-13] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [102248 2020-03-16] (National Instruments Corporation -> National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [73712 2020-11-17] (National Instruments Corporation -> National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [752056 2020-04-08] (National Instruments Corporation -> National Instruments Corporation)
S4 NIWebServer; C:\Program Files\National Instruments\Shared\Web Server\httpd.exe [33656 2020-11-24] (National Instruments Corporation -> )
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
R2 RabbitMQ; C:\Program Files\erl10.6\erts-10.6\bin\erlsrv.exe [226304 2019-12-10] () [File not signed]
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 lvalarmk; C:\WINDOWS\System32\drivers\lvalarmk.sys [36920 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdcck; C:\WINDOWS\System32\drivers\nicdcckl.sys [30984 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicdrk; C:\WINDOWS\System32\drivers\nicdrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicmrk; C:\WINDOWS\System32\drivers\nicmrkl.sys [23576 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicondrk; C:\WINDOWS\System32\drivers\nicondrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nicsrk; C:\WINDOWS\System32\drivers\nicsrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nidimk; C:\WINDOWS\System32\drivers\nidimkl.sys [23560 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nidmxfk; C:\WINDOWS\System32\drivers\nidmxfkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nidsark; C:\WINDOWS\System32\drivers\nidsarkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niemrk; C:\WINDOWS\System32\drivers\niemrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niesrk; C:\WINDOWS\System32\drivers\niesrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NIEthernetDeviceEnumerator; C:\WINDOWS\System32\drivers\niede.sys [59464 2019-03-29] (National Instruments Corporation -> National Instruments Corporation)
S3 nifdrk; C:\WINDOWS\System32\drivers\nifdrkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nifslk; C:\WINDOWS\System32\drivers\nifslkl.sys [30992 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nihorbrk; C:\WINDOWS\System32\drivers\nihorbrkl.sys [23536 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nilmsk; C:\WINDOWS\System32\drivers\nilmskl.sys [23600 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimdbgk; C:\WINDOWS\System32\drivers\nimdbgkl.sys [23560 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
R3 nimru2k; C:\WINDOWS\System32\drivers\nimru2kl.sys [23568 2020-03-19] (National Instruments Corporation -> National Instruments Corporation)
S3 nimsdrk; C:\WINDOWS\System32\drivers\nimsdrkl.sys [31344 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nimstsk; C:\WINDOWS\System32\drivers\nimstskl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 nimxdfk; C:\WINDOWS\System32\drivers\nimxdfkl.sys [23544 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nimxpk; C:\WINDOWS\System32\drivers\nimxpkl.sys [31296 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 ninshsdk; C:\WINDOWS\System32\drivers\ninshsdkl.sys [15200 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\System32\drivers\niorbkl.sys [23552 2020-03-18] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [23808 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [790232 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [23824 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [19288 2020-03-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipcibrd; C:\WINDOWS\System32\drivers\nipcibrd.sys [141288 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxifpk; C:\WINDOWS\System32\drivers\nipxifpk.sys [43800 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 nipxigpk; C:\WINDOWS\System32\drivers\nipxigpk.sys [32984 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
R2 nipxirmk; C:\WINDOWS\System32\drivers\nipxirmkl.sys [23480 2020-08-25] (National Instruments Corporation -> National Instruments Corporation)
S3 niraptrk; C:\WINDOWS\System32\drivers\niraptrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niscdk; C:\WINDOWS\System32\drivers\niscdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nisdigk; C:\WINDOWS\System32\drivers\nisdigkl.sys [23568 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nisftk; C:\WINDOWS\System32\drivers\nisftkl.sys [15184 2015-01-27] (National Instruments Corporation -> National Instruments Corporation)
S3 nispdk; C:\WINDOWS\System32\drivers\nispdkl.sys [31528 2020-04-01] (National Instruments Corporation -> National Instruments Corporation)
S3 nissrk; C:\WINDOWS\System32\drivers\nissrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc2k; C:\WINDOWS\System32\drivers\nistc2kl.sys [31400 2020-03-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nistc3rk; C:\WINDOWS\System32\drivers\nistc3rkl.sys [23544 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nistcrk; C:\WINDOWS\System32\drivers\nistcrkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R2 nistreamk; C:\WINDOWS\System32\drivers\nistreamkl.sys [37376 2020-03-20] (National Instruments Corporation -> National Instruments Corporation)
S3 niswdk; C:\WINDOWS\System32\drivers\niswdkl.sys [30952 2020-03-23] (National Instruments Corporation -> National Instruments Corporation)
S3 nitfurk; C:\WINDOWS\System32\drivers\nitfurkl.sys [23592 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nitiork; C:\WINDOWS\System32\drivers\nitiorkl.sys [31288 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 niufurk; C:\WINDOWS\System32\drivers\niufurkl.sys [23584 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
R3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [23568 2020-04-07] (National Instruments Corporation -> National Instruments Corporation)
S3 niwfrk; C:\WINDOWS\System32\drivers\niwfrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixfmrrk; C:\WINDOWS\System32\drivers\nixfmrrkl.sys [23560 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 nixsrk; C:\WINDOWS\System32\drivers\nixsrkl.sys [23552 2020-06-15] (National Instruments Corporation -> National Instruments Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-09-26] (McAfee, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-19 12:15 - 2021-05-19 12:15 - 000000980 _____ C:\Users\Asus\Desktop\problem.txt
2021-05-19 12:05 - 2021-05-19 12:05 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-18 19:41 - 2021-05-18 20:16 - 000859794 _____ C:\WINDOWS\ntbtlog.txt
2021-05-18 19:41 - 2021-05-18 20:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-05-18 19:32 - 2021-05-19 12:08 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E519C14C-42E5-46B5-9849-382884D11CB6}
2021-05-17 21:00 - 2021-05-17 21:02 - 000000000 ____D C:\AdwCleaner
2021-05-17 20:48 - 2021-05-17 20:48 - 001529856 _____ (www.facebook.com/maasher) C:\Users\Asus\Downloads\NI License Activator 1.2.exe
2021-05-17 20:21 - 2021-05-17 20:21 - 000003698 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceCheckTask
2021-05-17 20:21 - 2021-05-17 20:21 - 000003382 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceStartupTask
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Netscape
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\mozilla.org
2021-05-17 20:16 - 2021-05-17 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-05-17 20:08 - 2021-05-17 20:26 - 000000000 ____D C:\ProgramData\PXISA
2021-05-17 20:08 - 2021-05-17 20:08 - 000000132 _____ C:\WINDOWS\ODBC.INI
2021-05-17 20:07 - 2021-05-17 20:12 - 000205232 _____ C:\WINDOWS\SysWOW64\niorbmap
2021-05-17 20:06 - 2021-05-17 20:06 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI LabVIEW 2020 SP1 (32-bit).lnk
2021-05-17 20:04 - 2021-05-17 20:04 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\WINDOWS\system32\cvirte
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MGI Solution Explorer
2021-05-17 20:02 - 2021-05-17 20:02 - 000000000 ____D C:\Program Files (x86)\MGI
2021-05-17 20:01 - 2021-05-17 20:30 - 000000000 ____D C:\Users\Asus\Documents\LabVIEW Data
2021-05-17 20:01 - 2021-05-17 20:02 - 000000000 ____D C:\ProgramData\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000003994 _____ C:\WINDOWS\system32\Tasks\JKIUpdateTask
2021-05-17 20:01 - 2021-05-17 20:01 - 000001417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\Users\Public\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001407 _____ C:\ProgramData\Desktop\VIPM Browser.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager (VIPM).lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\Users\Public\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000001393 _____ C:\ProgramData\Desktop\VI Package Manager.lnk
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\Program Files (x86)\JKI
2021-05-17 19:58 - 2021-05-17 19:58 - 000003766 _____ C:\WINDOWS\system32\Tasks\NI SSP Expiration Reminder
2021-05-17 19:57 - 2021-05-17 19:57 - 000001024 _____ C:\.rnd
2021-05-17 19:53 - 2021-05-17 20:24 - 000000000 __SHD C:\ProgramData\{6A1798B4-4BC3-42D3-8545-B1A43208F7FC}
2021-05-17 19:53 - 2021-05-17 19:57 - 000000000 ____D C:\ProgramData\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Users\Asus\AppData\Roaming\RabbitMQ
2021-05-17 19:53 - 2021-05-17 19:53 - 000000000 ____D C:\Program Files\RabbitMQ Server
2021-05-17 19:49 - 2021-05-17 19:49 - 000000000 ____D C:\ProgramData\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files (x86)\IVI Foundation
2021-05-17 19:47 - 2021-05-17 19:47 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2021-05-17 19:46 - 2021-05-17 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erlang OTP 22 (x64)
2021-05-17 19:46 - 2021-05-17 19:46 - 000000000 ____D C:\Program Files\erl10.6
2021-05-17 19:45 - 2021-05-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\Users\Public\Documents\National Instruments
2021-05-17 19:40 - 2021-05-17 20:18 - 000000000 ____D C:\ProgramData\Documents\National Instruments
2021-05-17 19:37 - 2021-05-17 19:37 - 000000000 ____D C:\Program Files\Common Files\OPC Foundation
2021-05-17 19:28 - 2021-05-17 20:26 - 000000000 ____D C:\Users\Asus\AppData\Local\National_Instruments
2021-05-17 19:28 - 2021-05-17 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
2021-05-17 19:27 - 2021-05-17 20:18 - 000000000 ____D C:\Program Files (x86)\National Instruments
2021-05-17 19:27 - 2021-05-17 20:09 - 000000000 ____D C:\Program Files\National Instruments
2021-05-17 19:26 - 2021-05-18 15:39 - 000000000 ____D C:\Users\Asus\AppData\Local\National Instruments
2021-05-17 19:26 - 2021-05-17 20:29 - 000000000 ____D C:\ProgramData\National Instruments
2021-05-17 19:25 - 2021-05-17 19:26 - 006176128 _____ (National Instruments Corporation) C:\Users\Asus\Downloads\ni-labview-2020-x86_20.6_suite_online.exe
2021-05-17 01:16 - 2021-05-19 12:18 - 000000000 ____D C:\FRST
2021-05-17 01:15 - 2021-05-19 12:18 - 000000000 ____D C:\Users\Asus\Desktop\FRST
2021-05-16 23:15 - 2021-05-16 23:15 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 23:15 - 2021-05-16 23:15 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d738e58615a6c9
2021-05-16 23:13 - 2021-05-16 23:13 - 000004094 _____ C:\WINDOWS\system32\Tasks\Update Checker
2021-05-16 16:19 - 2021-05-19 12:07 - 000003750 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 14:41 - 2021-05-13 14:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 14:40 - 2021-05-13 14:40 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 14:40 - 2021-05-13 14:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-09 19:40 - 2021-05-09 19:40 - 000301461 _____ C:\Users\Asus\Downloads\Resume_of_Naimul.pdf
2021-05-09 19:18 - 2021-05-09 19:18 - 000157180 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2)-pages-deleted.pdf
2021-05-02 11:47 - 2021-05-02 11:47 - 000103080 _____ C:\Users\Asus\Downloads\BTECH_4TH_SEMESTER_RESULT_2019-20.pdf
2021-05-02 11:42 - 2021-05-02 11:42 - 000123383 _____ C:\Users\Asus\Downloads\result of nit dgp.pdf
2021-05-01 23:25 - 2021-05-01 23:25 - 000690646 _____ C:\Users\Asus\Downloads\1914006 (4).pdf
2021-05-01 15:57 - 2021-05-09 19:43 - 000001991 _____ C:\Users\Asus\Desktop\application.txt
2021-04-30 23:14 - 2021-04-30 23:15 - 000172501 _____ C:\Users\Asus\Downloads\exp 8 extra.pdf
2021-04-30 23:10 - 2021-04-30 23:10 - 000090255 _____ C:\Users\Asus\Downloads\AC ASS EXTRA.pdf
2021-04-30 22:58 - 2021-04-30 22:58 - 000812735 _____ C:\Users\Asus\Downloads\1914006 (3).pdf
2021-04-30 21:29 - 2021-04-30 23:13 - 000000000 ____D C:\Users\Asus\Downloads\ilovepdf_images-extracted
2021-04-30 21:27 - 2021-04-30 21:27 - 004194606 _____ C:\Users\Asus\Downloads\ilovepdf_images-extracted.zip
2021-04-30 19:24 - 2021-04-30 19:24 - 003370653 _____ C:\Users\Asus\Downloads\1914006 exp 8.pdf
2021-04-30 19:21 - 2021-04-30 19:21 - 000319897 _____ C:\Users\Asus\Downloads\1914075_AC assignment.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000965622 _____ C:\Users\Asus\Downloads\exp 2,3,5,6.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000520818 _____ C:\Users\Asus\Downloads\exp7.pdf
2021-04-30 08:52 - 2021-04-30 08:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-30 08:30 - 2021-05-01 22:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-28 15:40 - 2021-04-28 15:40 - 000000000 ____D C:\Program Files\AMD
2021-04-27 23:10 - 2021-04-27 23:10 - 000482573 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2).pdf
2021-04-27 03:05 - 2021-04-27 03:05 - 000053811 _____ C:\Users\Asus\Downloads\dec exp.pdf
2021-04-26 15:21 - 2021-04-26 15:21 - 000294121 _____ C:\Users\Asus\Downloads\1914013(#ass2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 001275344 _____ C:\Users\Asus\Downloads\1914006 (2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000695055 _____ C:\Users\Asus\Downloads\1914013(C.S)
2021-04-26 02:01 - 2021-04-26 02:01 - 000510457 _____ C:\Users\Asus\Downloads\1914006 (1).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000200919 _____ C:\Users\Asus\Downloads\1914013(c.s-3).pdf
2021-04-25 22:41 - 2021-04-25 22:41 - 001760861 _____ C:\Users\Asus\Downloads\DEC_Assignment (1914063).pdf
2021-04-25 17:01 - 2021-04-25 17:01 - 000720902 _____ C:\Users\Asus\Downloads\exp 5 extra.pdf
2021-04-25 17:00 - 2021-04-25 17:00 - 000616836 _____ C:\Users\Asus\Downloads\exp 10 extra.pdf
2021-04-25 16:58 - 2021-04-25 16:58 - 002027111 _____ C:\Users\Asus\Downloads\exp 9 extra.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 005700228 _____ C:\Users\Asus\Downloads\1914044.exp_9_and_exp_10.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 004091700 _____ C:\Users\Asus\Downloads\1914182_dec_lab_e9&10.pdf
2021-04-24 14:16 - 2021-05-19 12:09 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-24 14:16 - 2021-04-24 14:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-24 14:14 - 2021-05-19 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-24 14:14 - 2021-05-16 12:47 - 000003798 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-04-24 14:14 - 2021-04-24 14:14 - 000000020 ___SH C:\Users\Asus\ntuser.ini
2021-04-24 14:14 - 2021-04-24 14:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-378399548-4021493369-4051984164-1001
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-24 14:06 - 2021-05-19 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-24 14:06 - 2021-05-18 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 14:06 - 2021-05-18 15:52 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-04-24 14:06 - 2021-05-13 16:47 - 000435096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-24 12:25 - 2021-04-24 14:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-24 12:23 - 2021-05-18 20:15 - 000000000 ____D C:\Users\Asus
2021-04-24 12:23 - 2019-12-07 14:40 - 000001105 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-24 12:21 - 2021-05-17 20:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-24 12:18 - 2021-04-24 12:18 - 000000000 ____D C:\ProgramData\ssh
2021-04-24 12:12 - 2021-04-24 12:12 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-24 12:10 - 2021-04-24 12:10 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-24 12:10 - 2021-04-24 12:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-24 12:09 - 2021-04-24 12:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-24 12:09 - 2021-04-24 12:09 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-24 12:08 - 2021-04-24 12:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-24 12:08 - 2021-04-24 12:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-24 12:08 - 2021-04-24 12:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-24 12:08 - 2021-04-24 12:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-24 11:45 - 2021-04-24 11:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-24 04:28 - 2021-05-05 15:14 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-24 04:21 - 2021-04-24 04:21 - 000000000 ___HD C:\$WinREAgent
2021-04-21 23:46 - 2021-04-21 23:46 - 002396756 _____ C:\Users\Asus\Downloads\1914044.exp_5_dec_lab_report.pdf
2021-04-21 21:19 - 2021-04-21 21:19 - 000106136 _____ C:\Users\Asus\Downloads\exp 7 extra.pdf
2021-04-21 21:16 - 2021-04-21 21:16 - 000139812 _____ C:\Users\Asus\Downloads\Exp 6 merging.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 002865194 _____ C:\Users\Asus\Downloads\1914051declab.pdf
2021-04-20 23:55 - 2021-04-20 23:55 - 001581637 _____ C:\Users\Asus\Downloads\1914079_Exp_7_CS_LAB.pdf
2021-04-20 23:54 - 2021-04-20 23:54 - 001472685 _____ C:\Users\Asus\Downloads\1914079 (2).pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-19 12:09 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
2021-05-19 12:05 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-19 12:05 - 2019-10-08 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-19 01:34 - 2019-12-07 14:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2021-05-19 01:33 - 2020-09-04 19:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-18 23:24 - 2019-11-22 12:34 - 000000785 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-05-18 16:45 - 2021-02-10 13:52 - 000002351 _____ C:\Users\Asus\Desktop\Microsoft Teams.lnk
2021-05-18 16:23 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2021-05-17 23:38 - 2021-04-15 19:42 - 000000355 _____ C:\Users\Asus\Documents\important.txt
2021-05-17 19:46 - 2019-10-20 19:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-16 13:53 - 2019-10-20 19:04 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 20:25 - 2019-04-25 12:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 15:07 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 14:55 - 2020-07-16 15:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 19:27 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 16:46 - 2019-12-07 15:20 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 14:43 - 2019-12-07 15:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 14:17 - 2019-12-04 15:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 14:11 - 2019-12-04 15:53 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 13:57 - 2019-10-08 14:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-04 15:11 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\AMD
2021-05-01 22:06 - 2020-09-04 19:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-01 15:05 - 2020-03-13 17:58 - 000000000 ____D C:\Users\Asus\AppData\Local\ElevatedDiagnostics
2021-04-30 19:21 - 2020-09-13 16:33 - 000000000 ____D C:\Users\Asus\Downloads\New
2021-04-30 08:51 - 2020-09-04 19:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-29 13:50 - 2020-10-03 00:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-28 18:39 - 2021-01-01 19:14 - 000000000 ____D C:\Users\Asus\Desktop\Fourth Semester
2021-04-26 13:37 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-24 14:26 - 2020-07-14 09:54 - 000000000 ____D C:\Users\Asus\AppData\Local\PlaceholderTileLogoFolder
2021-04-24 14:19 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-24 14:19 - 2019-04-25 12:45 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2021-04-24 14:14 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-24 14:14 - 2019-12-07 14:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-24 14:14 - 2019-10-08 13:57 - 000002051 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-04-24 14:14 - 2019-10-08 13:56 - 000000000 ____D C:\WINDOWS\CxSvc
2021-04-24 14:14 - 2019-10-08 13:51 - 000000000 ____D C:\ProgramData\Packages
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 ___RD C:\Users\Asus\3D Objects
2021-04-24 14:11 - 2019-12-07 14:44 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-24 14:07 - 2019-10-08 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-24 14:06 - 2020-06-06 20:39 - 000000000 ____D C:\Program Files\UNP
2021-04-24 14:06 - 2020-02-22 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2021-04-24 14:06 - 2019-12-07 14:44 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Help
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-04-24 14:06 - 2019-10-08 15:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-04-24 14:06 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2021-04-24 14:06 - 2019-10-08 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-24 14:05 - 2019-12-07 14:48 - 000000000 ____D C:\WINDOWS\Setup
2021-04-24 12:31 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2021-04-24 12:25 - 2021-02-13 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2021-04-24 12:25 - 2019-12-07 16:20 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-24 12:25 - 2019-10-08 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-04-24 12:25 - 2019-10-08 13:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\IME
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-24 12:16 - 2019-12-07 15:22 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-22 13:30 - 2019-10-08 21:48 - 000000000 ____D C:\Users\Asus\AppData\Roaming\CodeBlocks
 
==================== Files in the root of some directories ========
 
2020-12-02 01:32 - 2020-12-15 12:33 - 000004208 _____ () C:\Users\Asus\AppData\Roaming\LTspiceXVII.ini
2021-03-01 22:45 - 2021-03-01 22:45 - 000000000 ____H () C:\Users\Asus\AppData\Local\BITF959.tmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Asus (19-05-2021 12:22:15)
Running from C:\Users\Asus\Desktop\FRST
Windows 10 Home Single Language Version 20H2 19042.985 (X64) (2021-04-24 08:44:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-378399548-4021493369-4051984164-500 - Administrator - Disabled)
Asus (S-1-5-21-378399548-4021493369-4051984164-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-378399548-4021493369-4051984164-503 - Limited - Disabled)
Guest (S-1-5-21-378399548-4021493369-4051984164-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-378399548-4021493369-4051984164-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
CodeBlocks (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CPUID CPU-Z Gigabyte 1.90 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 1.90 - CPUID, Inc.)
Erlang OTP 22 (10.6) (HKLM-x32\...\Erlang OTP 22 (10.6)) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
LTspice XVII (HKLM\...\LTspice XVII) (Version:  - Linear Technology Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework  (64-bit) (HKLM\...\{5497DD47-C545-4036-8C5B-5B1674E60883}) (Version: 19.00.49152 - National Instruments)
NI Measurement Studio Common Help 19.0 for .NET Framework  (HKLM-x32\...\{5FC780E5-385F-4443-900C-7D0F61967196}) (Version: 19.00.49152 - National Instruments)
NI Package Manager 64-bit (HKLM\...\NI Package Manager) (Version: 20.7.1 - National Instruments)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
RabbitMQ Server 3.8.2 (HKLM-x32\...\RabbitMQ) (Version: 3.8.2 - Pivotal Software, Inc.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VI Package Manager 2020.1 (HKLM-x32\...\{582ADD07-2992-44D8-BF48-93F34B24144B}) (Version: 20.1.2348 - JKI)
VISA Shared Components 5.12.0 (64-Bit) (HKLM\...\{452610CE-4A5B-4CFF-87F3-B6A49E621E5C}) (Version: 5.12.0300 - IVI Foundation) Hidden
VISA Shared Components 5.12.0 (64-Bit) (HKLM-x32\...\VISASharedComponents) (Version: 5.12 - IVI Foundation)
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM\...\{E518296D-57A9-434B-AB33-9928D9B5E09D}) (Version: 5.11.0301 - IVI Foundation) Hidden
VISA.NET Shared Components 5.11.0 (64-Bit) (HKLM-x32\...\VISANETSharedComponents5.11.0) (Version: 5.11.0301 - IVI Foundation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
 
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-04-24] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-02] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-15] (Adobe Systems Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-27] (WhatsApp Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-378399548-4021493369-4051984164-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Asus\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\nvshext.dll [2021-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-15 19:16 - 2020-06-15 19:16 - 000005120 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NI5690.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000012288 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIDWG.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000021504 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIHSD.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006144 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIPS.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000005632 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NIRFSA.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013312 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISL.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000013824 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISRC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000006656 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NISYNC.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000007680 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITNR.sdc
2020-06-15 19:16 - 2020-06-15 19:16 - 000009728 _____ () [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\Compat\NITSU.sdc
2019-12-10 03:11 - 2019-12-10 03:11 - 003778048 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\beam.smp.dll
2019-12-10 03:11 - 2019-12-10 03:11 - 000164864 _____ () [File not signed] C:\Program Files\erl10.6\erts-10.6\bin\erlexec.dll
2019-12-10 03:06 - 2019-12-10 03:06 - 000017920 _____ () [File not signed] c:\Program Files\erl10.6\lib\asn1-5.0.9\priv\lib\asn1rt_nif.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 001564160 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto.dll
2019-12-10 03:08 - 2019-12-10 03:08 - 000007680 _____ () [File not signed] c:\Program Files\erl10.6\lib\crypto-4.6.3\priv\lib\crypto_callback.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-01-27 12:11 - 2015-01-27 12:11 - 000021504 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NI6535.sdc
2015-01-27 12:11 - 2015-01-27 12:11 - 000014848 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Caps\NISFT.sdc
2020-11-17 11:43 - 2020-11-17 11:43 - 000035328 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niconf.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000061440 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_niesp.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000209408 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\NI WebServer\mod_nisessmgr.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000134656 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSAuthSvc\niauthsvc.dll
2020-11-17 11:43 - 2020-11-17 11:43 - 000031744 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSDeploySvc\deploysvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000165376 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSSLAdmin\ssladminsvc.dll
2020-11-17 11:44 - 2020-11-17 11:44 - 000219648 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\LVWSSysAdmin\sysadminsvc.dll
2020-11-17 12:29 - 2020-11-17 12:29 - 000128512 _____ (National Instruments Corporation) [File not signed] C:\ProgramData\National Instruments\WebServices\NI\wif_core\wif_core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 10:19 - 2019-03-19 10:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-11-22 12:34 - 2021-05-18 23:24 - 000000785 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\National Instruments\Shared\OpenVINO\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\Program Files\MATLAB\R2013a\runtime\win64;D:\Program Files\MATLAB\R2013a\bin;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files (x86)\National Instruments\Shared\LabVIEW CLI;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-80-1122491841-3392631692-228128370-2991616343-3360392805\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-63272789-367670524-4235130887-501008514-333400210\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 172.16.3.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "btweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{CBF383DD-49FB-45E8-985C-DCE7CAAA1A07}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8E564507-A839-467B-B21D-4B1B040A6B3A}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{346A4F76-B046-450C-B06D-73BD9D810AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E17C2AE6-18B5-4071-8A18-6C4B2F97158A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{300BB5B2-2FC3-4DB3-BEA3-BC09B59805B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF8A63D1-2ACE-4560-8360-F7B00986120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{170CCCF6-9EBB-4450-B9B8-61597E1502D1}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{5189B748-15C9-4CA8-BE17-EA35EE536C84}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{B9DE4310-D14A-4AC8-AD57-8D7B325D1F14}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{69582727-CCD9-4E0A-BF9F-659987E47F72}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{84D7CBCF-A286-4A4F-8247-075370A950C1}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{3D743B71-DFE9-4FFF-97C4-8F85C21F69EE}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{58FCD728-77A2-400D-B1A1-F82371DA50B2}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{4469C15D-4E53-4D92-952E-61943737BA71}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{CC9D8680-D9E1-4053-AA33-67EB5685F9EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9954D499-1E66-47A6-9222-0EFCB7611C57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{801ED1E6-6B40-40F4-8D01-8FD8EEC7F90F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{EE29B0AF-D945-45D2-A5B3-13940FA4AF4F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [TCP Query User{0247D86B-3A32-43D3-94EC-A4D1BF342D25}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8C19DF4C-3F28-42E4-A615-56D888F37281}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E4A2EB8-E21A-4C1C-AB9F-9CABF6C7E488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{6849FE02-BB6C-4E4B-9D4A-4A7FF1E9805E}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\epmd.exe () [File not signed]
FirewallRules: [{A50E78ED-5234-4600-8026-D7A25E6D5ECA}] => (Allow) C:\Program Files\erl10.6\bin\erl.exe () [File not signed]
FirewallRules: [{82853E0F-9F20-4ABE-9E5D-1FBA18E8EDB7}] => (Allow) C:\Program Files\erl10.6\erts-10.6\bin\erl.exe () [File not signed]
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E00BB3BC-29C0-4CC8-ABB9-86CE8659BBA2}] => (Allow) LPort=15672
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{95BE4D68-FD92-4D32-8E0E-2ACE833137F5}] => (Allow) C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe (James Kring, Inc. -> JKI)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:47.12 GB) (42%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (05/19/2021 12:23:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:53:10Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:22:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:52:40Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:22:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:10Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:21:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:51:40Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:20:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:51Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:20:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:50:21Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:19:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:49:28Z. Error Code: 0x80070002.
 
Error: (05/19/2021 12:18:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-25T06:48:58Z. Error Code: 0x80070002.
 
 
System errors:
=============
Error: (05/19/2021 01:25:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CxUIUSvc Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/18/2021 08:16:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:16:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:42 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (05/18/2021 08:15:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:31 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Windows Defender:
================
Date: 2021-05-17 20:58:49
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-17 03:39:03
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Asus\AppData\Roaming\BitTorrent\updates\7.10.5_45785.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.825.0, AS: 1.339.825.0, NIS: 1.339.825.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
 
Date: 2021-05-15 17:31:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-13 14:08:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-12 14:06:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-19 12:19:50
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.970.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-18 20:12:19
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 19:48:21
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 19:41:40
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-05-18 16:36:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.953.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2021-05-19 12:20:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. X570ZD.310 07/04/2019
Motherboard: ASUSTeK COMPUTER INC. X570ZD
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 56%
Total physical RAM: 7116.23 MB
Available physical RAM: 3075.81 MB
Total Virtual: 8268.23 MB
Available Virtual: 2546.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.16 GB) (Free:47.12 GB) NTFS
Drive d: (OS) (Fixed) (Total:481.62 GB) (Free:439.82 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:448.79 GB) (Free:327.32 GB) NTFS
 
\\?\Volume{764d5628-3bcb-480a-a3ec-6df05efb8336}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{870ba08b-6dfa-43cd-9c25-62f98bb39cc2}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{3c498f32-8e43-46c5-b0b2-e9992850a15f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C225EC37)
 
Partition: GPT.
 
==================== End of Addition.txt =======================


#4 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • Gender:Male
  • Location:California
  • Local time:04:06 PM

Posted 19 May 2021 - 02:09 PM

Greetings.

Unfortunately there is evidence of potentially illegal software on your computer. I am going to request you completely uninstall all National Instruments products for which you do not have a valid Product Key, including all "cracked" software.

If you are willing to do that please rerun a FRST scan after removal and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.
Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#5 sylhetifua

sylhetifua
  • Topic Starter

  • Members
  • 11 posts
  • Local time:04:36 AM

Posted 19 May 2021 - 03:39 PM

But my problem started even before I installed National Instruments products. I installed them only two days ago, and my proxy script problem has persisted for five days. As I have to use this product for my academic purposes, is there any other way to fix it, using FRST or otherwise?

I have seen in other topics in this forum that most occurrences of this proxy script address problem are due to antivirus/KMSPico/uTorrent problems. Can you please help me with this?



#6 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • Gender:Male
  • Location:California
  • Local time:04:06 PM

Posted 19 May 2021 - 04:00 PM

The issue is not that the infection was or was not contained in National Instruments but rather I do not assist in cleaning a computer if there is pirated software on it. This is irrespective of whether or not the pirated software is the source of the infection.

#7 sylhetifua

sylhetifua
  • Topic Starter

  • Members
  • 11 posts
  • Local time:04:36 AM

Posted 19 May 2021 - 04:14 PM

Okay, I got it. Should I uninstall all of National Instruments and the allied applications, or only the license activator which I downloaded to activate the fields of NI?



#8 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • Gender:Male
  • Location:California
  • Local time:04:06 PM

Posted 19 May 2021 - 04:18 PM

Unfortunately it all must be removed. Not sure if you have data files for school but if you do you might want to back up those files or you might lose them. Not sure how the program works.

#9 sylhetifua

sylhetifua
  • Topic Starter

  • Members
  • 11 posts
  • Local time:04:36 AM

Posted 20 May 2021 - 03:09 PM

I deleted all files and removed all third-party software as you said. I am attaching my FRST scan result below:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by Asus (administrator) on DESKTOP-9ARMNNG (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X570ZD_X570ZD) (21-05-2021 01:27:09)
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus
Platform: Windows 10 Home Single Language Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358400.inf_amd64_d42706c82ef44182\B358199\atiesrxx.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC -> InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 9
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon - Shortcut.lnk [2021-05-18]
ShortcutTarget: ctfmon - Shortcut.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {265B2D06-1F3F-4692-8B47-36E34C567AB7} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
Task: {40024555-0CC6-4676-AC9E-E7EB172EE090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {657652D2-6284-4C48-B3D3-69C1DA84F720} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {80D06639-C3D0-44A8-870E-883C2F721EA4} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\UpdateChecker.exe [181688 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {92143AD7-DF17-43D3-B683-9BAAD547DD4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8548257-4778-4424-9EAD-094127680772} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF58A970-8DC7-4DE7-8A32-1D5B5332041C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
Task: {C31C3836-B8F4-4AAF-BE04-E3C2E8BFCDF6} - System32\Tasks\Microsoft\Windows\TextServicesFramework\CTF => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {F10B366C-9CBB-4F77-8C67-A9863B9BB081} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F55B051F-251C-4806-874B-C2498EA57191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
AutoConfigURL: [{17EE9B0E-2FC9-4EC3-9625-5810BF1CEBDB}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{456744CD-CB16-42C9-AE74-5AF1DA2B4127}] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
Tcpip\Parameters: [DhcpNameServer] 172.16.3.2
Tcpip\..\Interfaces\{cc3410b4-2f01-46b8-9872-bde6b301b163}: [DhcpNameServer] 172.16.3.2
Tcpip\..\Interfaces\{dfa6841d-c96c-45b6-bb14-3c353d3b56fd}: [DhcpNameServer] 192.168.0.1 0.0.0.0
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Asus\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-21]
 
FireFox:
========
FF DefaultProfile: 0116dyq6.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\0116dyq6.default [2021-05-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\88k9gicu.default-release [2021-05-21]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2021-05-21]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [272840 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSOptimization\ASUSOptimization.exe [202168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215464 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [518048 2021-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [77216 2020-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [114968 2020-11-09] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 nirioserver; C:\WINDOWS\SysWOW64\nirioserver.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_062c4d867b14997b\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-09-26] (McAfee, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-20 23:40 - 2021-05-20 23:40 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-20 23:40 - 2021-05-20 23:40 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-20 00:52 - 2021-05-20 00:52 - 000242010 _____ C:\Users\Asus\Desktop\WhatsApp Image 2021-05-20 at 12.51.09 AM.jpeg
2021-05-19 20:01 - 2021-05-19 20:01 - 000099659 _____ C:\Users\Asus\Desktop\frst texts.txt
2021-05-19 12:15 - 2021-05-19 12:49 - 000001211 _____ C:\Users\Asus\Desktop\problem.txt
2021-05-18 19:41 - 2021-05-18 20:16 - 000859794 _____ C:\WINDOWS\ntbtlog.txt
2021-05-18 19:41 - 2021-05-18 20:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-05-18 19:32 - 2021-05-20 20:47 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E519C14C-42E5-46B5-9849-382884D11CB6}
2021-05-17 21:00 - 2021-05-17 21:02 - 000000000 ____D C:\AdwCleaner
2021-05-17 20:21 - 2021-05-17 20:21 - 000003698 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceCheckTask
2021-05-17 20:21 - 2021-05-17 20:21 - 000003382 _____ C:\WINDOWS\system32\Tasks\NIUpdateServiceStartupTask
2021-05-17 20:08 - 2021-05-21 00:22 - 000000028 _____ C:\WINDOWS\ODBC.INI
2021-05-17 20:08 - 2021-05-17 20:26 - 000000000 ____D C:\ProgramData\PXISA
2021-05-17 20:07 - 2021-05-21 00:49 - 000000144 _____ C:\WINDOWS\SysWOW64\niorbmap
2021-05-17 20:01 - 2021-05-21 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
2021-05-17 20:01 - 2021-05-21 00:22 - 000000000 ____D C:\ProgramData\JKI
2021-05-17 20:01 - 2021-05-17 20:30 - 000000000 ____D C:\Users\Asus\Documents\LabVIEW Data
2021-05-17 20:01 - 2021-05-17 20:01 - 000000000 ____D C:\Program Files (x86)\JKI
2021-05-17 19:57 - 2021-05-17 19:57 - 000001024 _____ C:\.rnd
2021-05-17 19:53 - 2021-05-21 01:12 - 000000000 ____D C:\Users\Asus\AppData\Roaming\RabbitMQ
2021-05-17 19:53 - 2021-05-17 20:24 - 000000000 __SHD C:\ProgramData\{6A1798B4-4BC3-42D3-8545-B1A43208F7FC}
2021-05-17 19:53 - 2021-05-17 19:57 - 000000000 ____D C:\ProgramData\RabbitMQ
2021-05-17 19:49 - 2021-05-17 19:49 - 000000000 ____D C:\ProgramData\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files\IVI Foundation
2021-05-17 19:48 - 2021-05-17 19:48 - 000000000 ____D C:\Program Files (x86)\IVI Foundation
2021-05-17 19:46 - 2021-05-17 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erlang OTP 22 (x64)
2021-05-17 19:46 - 2021-05-17 19:46 - 000000000 ____D C:\Program Files\erl10.6
2021-05-17 19:45 - 2021-05-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-17 19:44 - 2021-05-17 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2021-05-17 19:28 - 2021-05-17 20:26 - 000000000 ____D C:\Users\Asus\AppData\Local\National_Instruments
2021-05-17 19:27 - 2021-05-21 01:06 - 000000000 ____D C:\Program Files (x86)\National Instruments
2021-05-17 19:27 - 2021-05-21 01:05 - 000000000 ____D C:\Program Files\National Instruments
2021-05-17 19:26 - 2021-05-21 01:06 - 000000000 ____D C:\ProgramData\National Instruments
2021-05-17 19:26 - 2021-05-18 15:39 - 000000000 ____D C:\Users\Asus\AppData\Local\National Instruments
2021-05-17 01:16 - 2021-05-21 01:27 - 000000000 ____D C:\FRST
2021-05-17 01:15 - 2021-05-21 01:27 - 000000000 ____D C:\Users\Asus\Desktop\FRST
2021-05-16 23:15 - 2021-05-16 23:15 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 23:15 - 2021-05-16 23:15 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d738e58615a6c9
2021-05-16 23:13 - 2021-05-16 23:13 - 000004094 _____ C:\WINDOWS\system32\Tasks\Update Checker
2021-05-16 16:19 - 2021-05-21 01:09 - 000003750 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 14:41 - 2021-05-13 14:41 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 14:41 - 2021-05-13 14:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 14:40 - 2021-05-13 14:40 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 14:40 - 2021-05-13 14:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 14:40 - 2021-05-13 14:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 14:40 - 2021-05-13 14:40 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-09 19:40 - 2021-05-09 19:40 - 000301461 _____ C:\Users\Asus\Downloads\Resume_of_Naimul.pdf
2021-05-09 19:18 - 2021-05-09 19:18 - 000157180 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2)-pages-deleted.pdf
2021-05-02 11:47 - 2021-05-02 11:47 - 000103080 _____ C:\Users\Asus\Downloads\BTECH_4TH_SEMESTER_RESULT_2019-20.pdf
2021-05-02 11:42 - 2021-05-02 11:42 - 000123383 _____ C:\Users\Asus\Downloads\result of nit dgp.pdf
2021-05-01 23:25 - 2021-05-01 23:25 - 000690646 _____ C:\Users\Asus\Downloads\1914006 (4).pdf
2021-05-01 15:57 - 2021-05-09 19:43 - 000001991 _____ C:\Users\Asus\Desktop\application.txt
2021-04-30 23:14 - 2021-04-30 23:15 - 000172501 _____ C:\Users\Asus\Downloads\exp 8 extra.pdf
2021-04-30 23:10 - 2021-04-30 23:10 - 000090255 _____ C:\Users\Asus\Downloads\AC ASS EXTRA.pdf
2021-04-30 22:58 - 2021-04-30 22:58 - 000812735 _____ C:\Users\Asus\Downloads\1914006 (3).pdf
2021-04-30 21:29 - 2021-04-30 23:13 - 000000000 ____D C:\Users\Asus\Downloads\ilovepdf_images-extracted
2021-04-30 21:27 - 2021-04-30 21:27 - 004194606 _____ C:\Users\Asus\Downloads\ilovepdf_images-extracted.zip
2021-04-30 19:24 - 2021-04-30 19:24 - 003370653 _____ C:\Users\Asus\Downloads\1914006 exp 8.pdf
2021-04-30 19:21 - 2021-04-30 19:21 - 000319897 _____ C:\Users\Asus\Downloads\1914075_AC assignment.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000965622 _____ C:\Users\Asus\Downloads\exp 2,3,5,6.pdf
2021-04-30 09:29 - 2021-04-30 09:29 - 000520818 _____ C:\Users\Asus\Downloads\exp7.pdf
2021-04-30 08:52 - 2021-04-30 08:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-30 08:30 - 2021-05-01 22:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-28 15:40 - 2021-04-28 15:40 - 000000000 ____D C:\Program Files\AMD
2021-04-27 23:10 - 2021-04-27 23:10 - 000482573 _____ C:\Users\Asus\Downloads\Summer Internship advertisement (2).pdf
2021-04-27 03:05 - 2021-04-27 03:05 - 000053811 _____ C:\Users\Asus\Downloads\dec exp.pdf
2021-04-26 15:21 - 2021-04-26 15:21 - 000294121 _____ C:\Users\Asus\Downloads\1914013(#ass2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 001275344 _____ C:\Users\Asus\Downloads\1914006 (2).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000695055 _____ C:\Users\Asus\Downloads\1914013(C.S)
2021-04-26 02:01 - 2021-04-26 02:01 - 000510457 _____ C:\Users\Asus\Downloads\1914006 (1).pdf
2021-04-26 02:01 - 2021-04-26 02:01 - 000200919 _____ C:\Users\Asus\Downloads\1914013(c.s-3).pdf
2021-04-25 22:41 - 2021-04-25 22:41 - 001760861 _____ C:\Users\Asus\Downloads\DEC_Assignment (1914063).pdf
2021-04-25 17:01 - 2021-04-25 17:01 - 000720902 _____ C:\Users\Asus\Downloads\exp 5 extra.pdf
2021-04-25 17:00 - 2021-04-25 17:00 - 000616836 _____ C:\Users\Asus\Downloads\exp 10 extra.pdf
2021-04-25 16:58 - 2021-04-25 16:58 - 002027111 _____ C:\Users\Asus\Downloads\exp 9 extra.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 005700228 _____ C:\Users\Asus\Downloads\1914044.exp_9_and_exp_10.pdf
2021-04-24 23:10 - 2021-04-24 23:10 - 004091700 _____ C:\Users\Asus\Downloads\1914182_dec_lab_e9&10.pdf
2021-04-24 14:16 - 2021-05-21 01:12 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-24 14:16 - 2021-04-24 14:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-24 14:14 - 2021-05-21 01:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-24 14:14 - 2021-05-16 12:47 - 000003798 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-04-24 14:14 - 2021-04-24 14:14 - 000000020 ___SH C:\Users\Asus\ntuser.ini
2021-04-24 14:14 - 2021-04-24 14:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-378399548-4021493369-4051984164-1001
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-24 14:13 - 2021-04-24 14:14 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-24 14:06 - 2021-05-21 01:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-24 14:06 - 2021-05-21 01:07 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-04-24 14:06 - 2021-05-20 21:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 14:06 - 2021-05-13 16:47 - 000435096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-24 12:25 - 2021-04-24 14:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-24 12:23 - 2021-05-18 20:15 - 000000000 ____D C:\Users\Asus
2021-04-24 12:23 - 2019-12-07 14:40 - 000001105 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-24 12:21 - 2021-05-17 20:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-24 12:18 - 2021-04-24 12:18 - 000000000 ____D C:\ProgramData\ssh
2021-04-24 12:12 - 2021-04-24 12:12 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-24 12:11 - 2021-04-24 12:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-24 12:11 - 2021-04-24 12:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-24 12:11 - 2021-04-24 12:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-24 12:11 - 2021-04-24 12:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-24 12:11 - 2021-04-24 12:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-24 12:10 - 2021-04-24 12:10 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-24 12:10 - 2021-04-24 12:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-24 12:10 - 2021-04-24 12:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-24 12:10 - 2021-04-24 12:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-24 12:10 - 2021-04-24 12:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-24 12:09 - 2021-04-24 12:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-24 12:09 - 2021-04-24 12:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-24 12:09 - 2021-04-24 12:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-24 12:09 - 2021-04-24 12:09 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-24 12:09 - 2021-04-24 12:09 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-24 12:08 - 2021-04-24 12:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-24 12:08 - 2021-04-24 12:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-24 12:08 - 2021-04-24 12:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-24 12:08 - 2021-04-24 12:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-24 12:08 - 2021-04-24 12:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-24 11:45 - 2021-04-24 11:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-24 04:28 - 2021-05-21 01:20 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-24 04:21 - 2021-04-24 04:21 - 000000000 ___HD C:\$WinREAgent
2021-04-21 23:46 - 2021-04-21 23:46 - 002396756 _____ C:\Users\Asus\Downloads\1914044.exp_5_dec_lab_report.pdf
2021-04-21 21:19 - 2021-04-21 21:19 - 000106136 _____ C:\Users\Asus\Downloads\exp 7 extra.pdf
2021-04-21 21:16 - 2021-04-21 21:16 - 000139812 _____ C:\Users\Asus\Downloads\Exp 6 merging.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-21 01:20 - 2020-10-15 18:14 - 000000000 ____D C:\Users\Asus\AppData\Roaming\BitTorrent
2021-05-21 01:20 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-21 01:20 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2021-05-21 01:12 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
2021-05-21 01:12 - 2019-10-08 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-05-21 01:10 - 2020-12-02 01:32 - 000004239 _____ C:\Users\Asus\AppData\Roaming\LTspiceXVII.ini
2021-05-21 01:09 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-21 01:07 - 2019-12-07 14:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-21 01:07 - 2019-10-08 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-20 23:34 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-20 21:42 - 2019-11-22 12:34 - 000000785 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-05-19 20:29 - 2020-03-13 17:58 - 000000000 ____D C:\Users\Asus\AppData\Local\ElevatedDiagnostics
2021-05-19 20:17 - 2019-10-08 13:57 - 000003407 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-19 20:17 - 2019-10-08 13:56 - 000000000 ____D C:\WINDOWS\CxSvc
2021-05-19 20:13 - 2020-09-04 19:10 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2021-05-19 20:13 - 2020-09-04 19:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-18 16:45 - 2021-02-10 13:52 - 000002351 _____ C:\Users\Asus\Desktop\Microsoft Teams.lnk
2021-05-18 16:23 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2021-05-17 23:38 - 2021-04-15 19:42 - 000000355 _____ C:\Users\Asus\Documents\important.txt
2021-05-17 19:46 - 2019-10-20 19:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-16 13:53 - 2019-10-20 19:04 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 20:25 - 2019-04-25 12:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 15:07 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 14:55 - 2020-07-16 15:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2020-07-16 15:19 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-15 14:55 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 19:27 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 16:46 - 2019-12-07 15:20 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 16:46 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 14:44 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 14:43 - 2019-12-07 15:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 14:17 - 2019-12-04 15:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 14:11 - 2019-12-04 15:53 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 13:57 - 2019-10-08 14:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 13:57 - 2019-10-08 14:08 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-04 15:11 - 2019-10-08 13:59 - 000000000 ____D C:\Users\Asus\AppData\Local\AMD
2021-05-01 22:06 - 2020-09-04 19:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-30 19:21 - 2020-09-13 16:33 - 000000000 ____D C:\Users\Asus\Downloads\New
2021-04-30 08:51 - 2020-09-04 19:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-29 13:50 - 2020-10-03 00:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-28 18:39 - 2021-01-01 19:14 - 000000000 ____D C:\Users\Asus\Desktop\Fourth Semester
2021-04-26 13:37 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-24 14:26 - 2020-07-14 09:54 - 000000000 ____D C:\Users\Asus\AppData\Local\PlaceholderTileLogoFolder
2021-04-24 14:19 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-24 14:19 - 2019-04-25 12:45 - 000000000 ____D C:\Users\Asus\AppData\Local\Packages
2021-04-24 14:14 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-24 14:14 - 2019-12-07 14:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-24 14:14 - 2019-10-08 13:51 - 000000000 ____D C:\ProgramData\Packages
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-24 14:14 - 2019-04-25 12:45 - 000000000 ___RD C:\Users\Asus\3D Objects
2021-04-24 14:11 - 2019-12-07 14:44 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-24 14:07 - 2019-10-08 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-24 14:06 - 2020-06-06 20:39 - 000000000 ____D C:\Program Files\UNP
2021-04-24 14:06 - 2020-02-22 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2021-04-24 14:06 - 2019-12-07 14:44 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\Help
2021-04-24 14:06 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-24 14:06 - 2019-10-08 15:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-04-24 14:06 - 2019-10-08 15:50 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2021-04-24 14:06 - 2019-10-08 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-10-08 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-24 14:06 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-24 14:05 - 2019-12-07 14:48 - 000000000 ____D C:\WINDOWS\Setup
2021-04-24 12:25 - 2021-02-13 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2021-04-24 12:25 - 2019-12-07 16:20 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-24 12:25 - 2019-10-08 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-04-24 12:25 - 2019-10-08 13:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 15:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\IME
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-24 12:18 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-24 12:16 - 2019-12-07 15:22 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-22 13:30 - 2019-10-08 21:48 - 000000000 ____D C:\Users\Asus\AppData\Roaming\CodeBlocks
 
==================== Files in the root of some directories ========
 
2020-12-02 01:32 - 2021-05-21 01:10 - 000004239 _____ () C:\Users\Asus\AppData\Roaming\LTspiceXVII.ini
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Asus (21-05-2021 01:29:57)
Running from C:\Users\Asus\Desktop\FRST
Windows 10 Home Single Language Version 20H2 19042.985 (X64) (2021-04-24 08:44:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-378399548-4021493369-4051984164-500 - Administrator - Disabled)
Asus (S-1-5-21-378399548-4021493369-4051984164-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-378399548-4021493369-4051984164-503 - Limited - Disabled)
Guest (S-1-5-21-378399548-4021493369-4051984164-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-378399548-4021493369-4051984164-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
CPUID CPU-Z Gigabyte 1.90 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 1.90 - CPUID, Inc.)
Erlang OTP 22 (10.6) (HKLM-x32\...\Erlang OTP 22 (10.6)) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
LTspice XVII (HKLM\...\LTspice XVII) (Version:  - Linear Technology Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
 
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-04-24] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-02] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-15] (Adobe Systems Incorporated)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.10.0_x64__cv1g1gvanyjgm [2020-12-27] (WhatsApp Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-378399548-4021493369-4051984164-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Asus\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_2fe1168e8adef8f6\nvshext.dll [2021-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2013-11-15 12:17 - 2013-11-15 12:17 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 12:17 - 2013-11-15 12:17 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 10:19 - 2019-03-19 10:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-11-22 12:34 - 2021-05-20 21:42 - 000000785 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 172.16.3.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-378399548-4021493369-4051984164-1001\...\StartupApproved\Run: => "btweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{CBF383DD-49FB-45E8-985C-DCE7CAAA1A07}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8E564507-A839-467B-B21D-4B1B040A6B3A}C:\users\asus\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\asus\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{346A4F76-B046-450C-B06D-73BD9D810AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E17C2AE6-18B5-4071-8A18-6C4B2F97158A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{300BB5B2-2FC3-4DB3-BEA3-BC09B59805B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF8A63D1-2ACE-4560-8360-F7B00986120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{170CCCF6-9EBB-4450-B9B8-61597E1502D1}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{5189B748-15C9-4CA8-BE17-EA35EE536C84}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{B9DE4310-D14A-4AC8-AD57-8D7B325D1F14}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{69582727-CCD9-4E0A-BF9F-659987E47F72}] => (Allow) D:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{84D7CBCF-A286-4A4F-8247-075370A950C1}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{3D743B71-DFE9-4FFF-97C4-8F85C21F69EE}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\ConfigTool.exe => No File
FirewallRules: [{58FCD728-77A2-400D-B1A1-F82371DA50B2}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{4469C15D-4E53-4D92-952E-61943737BA71}] => (Allow) C:\Program Files (x86)\Mr DJ\Need For Speed Hot Pursuit\NFS11.exe => No File
FirewallRules: [{CC9D8680-D9E1-4053-AA33-67EB5685F9EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9954D499-1E66-47A6-9222-0EFCB7611C57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{801ED1E6-6B40-40F4-8D01-8FD8EEC7F90F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{EE29B0AF-D945-45D2-A5B3-13940FA4AF4F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [TCP Query User{0247D86B-3A32-43D3-94EC-A4D1BF342D25}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8C19DF4C-3F28-42E4-A615-56D888F37281}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E4A2EB8-E21A-4C1C-AB9F-9CABF6C7E488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:61.13 GB) (55%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (05/21/2021 01:30:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T20:00:17Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:29:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:59:47Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:29:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:59:17Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:28:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:58:47Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:28:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:58:17Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:27:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:57:47Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:27:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:57:17Z. Error Code: 0x80070002.
 
Error: (05/21/2021 01:26:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-26T19:56:47Z. Error Code: 0x80070002.
 
 
System errors:
=============
Error: (05/19/2021 01:25:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CxUIUSvc Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/18/2021 08:16:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:16:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:42 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (05/18/2021 08:15:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:31 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/18/2021 08:15:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9ARMNNG)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Windows Defender:
================
Date: 2021-05-17 20:58:49
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-17 03:39:03
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Asus\AppData\Roaming\BitTorrent\updates\7.10.5_45785.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.825.0, AS: 1.339.825.0, NIS: 1.339.825.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
 
Date: 2021-05-15 17:31:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-13 14:08:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-12 14:06:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-05-21 01:22:08
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.1121.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-21 01:06:58
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.1121.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-19 20:29:14
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.1035.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-19 12:19:50
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.339.970.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-05-18 20:12:19
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===============
Date: 2021-05-21 01:04:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-05-20 23:52:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. X570ZD.310 07/04/2019
Motherboard: ASUSTeK COMPUTER INC. X570ZD
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 55%
Total physical RAM: 7116.23 MB
Available physical RAM: 3172.06 MB
Total Virtual: 8268.23 MB
Available Virtual: 2919.39 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.16 GB) (Free:61.13 GB) NTFS
Drive d: (OS) (Fixed) (Total:481.62 GB) (Free:440.07 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:448.79 GB) (Free:327.69 GB) NTFS
 
\\?\Volume{764d5628-3bcb-480a-a3ec-6df05efb8336}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{870ba08b-6dfa-43cd-9c25-62f98bb39cc2}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{3c498f32-8e43-46c5-b0b2-e9992850a15f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C225EC37)
 
Partition: GPT.
 
==================== End of Addition.txt =======================


#10 Oh My!

  • Malware Response Instructor

Posted 20 May 2021 - 07:11 PM

Thank you.

Let's try to make your computer feel a little better.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST will do it for you
Start::
CreateRestorePoint:
CloseProcesses:
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
ManualProxies: 0hxxp://127.0.0.1:86/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
cmd: type C:\WINDOWS\pxisys.ini
cmd: type C:\WINDOWS\pxiesys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
C:\Program Files (x86)\Common Files\installshield
2021-03-01 22:45 - 2021-03-01 22:45 - 000000000 ____H () C:\Users\Asus\AppData\Local\BITF959.tmp
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program, agree to the request.
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Update on computer behavior

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come
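
The proxy-related lines of the fixlist above can be triaged mechanically when reading an FRST log. The following is an added example, not part of the original post and not FRST's own code: it flags proxy settings that point at the local machine and checks whether the machine-wide proxy policy is set alongside them. The function names (`refang`, `host_class`, `triage`, `forced_for_all_users`) and the severity labels are hypothetical; the sample lines are copied from the fixlist, plus one unrelated line.

```python
import ipaddress
import re
from collections import namedtuple
from urllib.parse import urlsplit

Finding = namedtuple("Finding", "severity setting scope target reason")

# Constructed sample: proxy lines in the format FRST prints them (URLs are
# defanged as hxxp), taken from the fixlist above, plus one unrelated line.
SAMPLE_LINES = r"""
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
ManualProxies: 0hxxp://127.0.0.1:86/
DNS Servers: 172.16.3.2
""".strip().splitlines()

POLICY_RE = re.compile(r"Internet Settings: \[ProxySettingsPerUser\]\s+(\d+)")
SETTING_RE = re.compile(r"^(AutoConfigURL|ProxyServer):\s+\[([^\]]+)\]\s+=>\s+(\S+)")
MANUAL_RE = re.compile(r"^ManualProxies:\s+(\S+)")


def refang(value):
    """Undo FRST's hxxp defanging and drop the digit FRST prints before a
    ManualProxies URL, so the value can be parsed as a URL."""
    value = re.sub(r"^\d(?=h(?:xx|tt)ps?://)", "", value, flags=re.I)
    return re.sub(r"^hxxp", "http", value, flags=re.I)


def host_class(value):
    """Classify the host of a URL or host:port value as
    loopback, private, public or hostname."""
    value = refang(value)
    if "://" not in value:
        value = "//" + value  # lets urlsplit treat host:port as a netloc
    try:
        host = urlsplit(value).hostname or ""
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "loopback" if host.lower() == "localhost" else "hostname"
    if ip.is_loopback:  # checked first: loopback is also "private"
        return "loopback"
    return "private" if ip.is_private else "public"


def triage(lines):
    """Return a Finding for every proxy-related line worth a second look."""
    findings = []
    for line in lines:
        line = line.strip()
        m = POLICY_RE.search(line)
        if m:
            if m.group(1) == "0":
                findings.append(Finding(
                    "review", "ProxySettingsPerUser", "HKLM policy", "0",
                    "proxy settings apply machine-wide, not per user"))
            continue
        m = SETTING_RE.match(line)
        if m:
            setting, scope, target = m.groups()
        else:
            m = MANUAL_RE.match(line)
            if not m:
                continue  # not a proxy line (ProxyEnable, DNS Servers, ...)
            setting, scope, target = "ManualProxies", "NlaSvc", m.group(1)
        kind = host_class(target)
        if kind == "loopback":
            severity = "high"
            reason = "points at this machine; valid only if a known local proxy listens there"
        else:
            severity = "review"
            reason = kind + " endpoint; confirm it is the proxy the network requires"
        findings.append(Finding(severity, setting, scope, refang(target), reason))
    return findings


def forced_for_all_users(findings):
    """True when a loopback PAC URL sits in HKLM and the per-machine policy
    is set, so the PAC is applied regardless of per-user settings."""
    policy = any(f.setting == "ProxySettingsPerUser" for f in findings)
    hklm_pac = any(f.setting == "AutoConfigURL" and f.severity == "high"
                   and f.scope.startswith("HKLM") for f in findings)
    return policy and hklm_pac


if __name__ == "__main__":
    results = triage(SAMPLE_LINES)
    for f in results:
        print(f"{f.severity:6} {f.setting} [{f.scope}] {f.target}: {f.reason}")
    print("machine-wide loopback PAC:", forced_for_all_users(results))
```
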

#11 sylhetifua

  • Topic Starter


Posted 20 May 2021 - 07:38 PM

Thanks a lot  :heart:  :thumbsup:  It worked! Now, when I restarted after the FRST scan, the proxy script is not showing again and is gone. And I restarted again after manually setting my university LAN proxy to use again, and it's working. Really grateful to you. But booting time is still really very slow, which was not like this just 5 days ago. What actually caused this virus of proxy script? And any suggestion for me to be safe?

 

[Attaching the fixlog information below] 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by Asus (21-05-2021 05:51:43) Run:1
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Task: {77295880-3178-4CE7-AB65-952E03905A86} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: {FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
ProxyEnable: [S-1-5-21-378399548-4021493369-4051984164-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-378399548-4021493369-4051984164-1001] => 172.16.199.40:8080
ManualProxies: 0hxxp://127.0.0.1:86/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
cmd: type C:\WINDOWS\pxisys.ini
cmd: type C:\WINDOWS\pxiesys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000226 _____ C:\WINDOWS\pxisys.ini
2021-05-19 12:05 - 2021-05-19 12:05 - 000000217 _____ C:\WINDOWS\pxiesys.ini
2021-05-16 12:47 - 2021-05-16 12:47 - 000003438 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
C:\Program Files (x86)\Common Files\installshield
2021-03-01 22:45 - 2021-03-01 22:45 - 000000000 ____H () C:\Users\Asus\AppData\Local\BITF959.tmp
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
 
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77295880-3178-4CE7-AB65-952E03905A86}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77295880-3178-4CE7-AB65-952E03905A86}" => removed successfully
C:\WINDOWS\System32\Tasks\Optimize Thumbnail Cache => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Thumbnail Cache" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFA571CC-4ADD-49BB-B0E1-ECF3C27C7E0A}" => removed successfully
C:\WINDOWS\System32\Tasks\InstallShield® Setup Engine Kernel => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InstallShield® Setup Engine Kernel" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable" => removed successfully
"HKU\S-1-5-21-378399548-4021493369-4051984164-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
usb6xxxk => service not found.
 
========= type C:\WINDOWS\pxisys.ini =========
 
[Version]
Major = 2
Minor = 5
 
[ResourceManager]
Name = "National Instruments"
Version = "20.5.0"
Timestamp = "5/20/2021 11:40:41 PM India Standard Time"
 
[System]
ChassisList = ""
 
[PXI System]
ChassisList = ""
 
========= End of CMD: =========
 
 
========= type C:\WINDOWS\pxiesys.ini =========
 
[Version]
Specification = "PXI-6"
Major = 1
Minor = 3
 
[ResourceManager]
Name = "National Instruments"
Version = "20.5.0"
Timestamp = "5/20/2021 11:40:41 PM India Standard Time"
 
[System]
ChassisList = ""
 
========= End of CMD: =========
 
C:\WINDOWS\pxisys.ini => moved successfully
C:\WINDOWS\pxiesys.ini => moved successfully
"C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel" => not found
C:\Program Files (x86)\Common Files\installshield => moved successfully
"C:\Users\Asus\AppData\Local\BITF959.tmp" => not found
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.
 
Unable to cancel {58105FBB-182B-4BA5-88BF-8823D94E7E89}.
Unable to cancel {3D5903A0-D66C-475E-8889-5383310BDF96}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr\{17EE9B0E-2FC9-4EC3-9625-5810BF1CEBDB} => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr\{456744CD-CB16-42C9-AE74-5AF1DA2B4127} => removed successfully
 
 
========= End of RemoveProxy: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 05:51:48 ====


#12 Oh My!

  • Malware Response Instructor

Posted 20 May 2021 - 07:45 PM

Good to hear.

Can't say for sure what caused the Proxy Hijack but downloading software from untrusted sources is asking for trouble.

Please do this now.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST will do it for you
Start::
cmd:  bitsadmin /list /allusers
emptytemp:
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#13 sylhetifua

  • Topic Starter

Posted 20 May 2021 - 07:52 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by Asus (21-05-2021 06:18:45) Run:2
Running from C:\Users\Asus\Desktop\FRST
Loaded Profiles: Asus
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
cmd:  bitsadmin /list /allusers
emptytemp:
 
*****************
 
 
========= bitsadmin /list /allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.
 
{58105FBB-182B-4BA5-88BF-8823D94E7E89} 'C:\Users\Asus\AppData\Local\{F572C866-9076-4040-B54D-A9A5F893CC28}' ERROR 0 / 1 0 / UNKNOWN
{558423AF-B20C-41E8-A922-B63D7DA623B8} 'Font Download' TRANSIENT_ERROR 0 / 1 0 / UNKNOWN
Listed 2 job(s).
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31757516 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 169059 B
Edge => 0 B
Chrome => 107903915 B
Firefox => 1755967 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 88620 B
Asus => 12452294 B
niroco => 12452294 B
lkClassAds => 12452294 B
niLXIDiscovery => 12452294 B
 
RecycleBin => 0 B
EmptyTemp: => 193.9 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 06:19:09 ====
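
The `bitsadmin /list /allusers` output in the Fixlog above can be triaged mechanically. The following is an added example, not part of the original posts or of FRST: it parses the two job lines from that log and flags jobs whose display name is a file path. The heuristics and the function names (`parse_jobs`, `triage`, `review`) are assumptions made for this illustration.

```python
import re

# Job lines copied from the Fixlog above; the bitsadmin banner is omitted.
SAMPLE = r"""
{58105FBB-182B-4BA5-88BF-8823D94E7E89} 'C:\Users\Asus\AppData\Local\{F572C866-9076-4040-B54D-A9A5F893CC28}' ERROR 0 / 1 0 / UNKNOWN
{558423AF-B20C-41E8-A922-B63D7DA623B8} 'Font Download' TRANSIENT_ERROR 0 / 1 0 / UNKNOWN
Listed 2 job(s).
"""

# One job per line: {job GUID} 'display name' STATE files done / total, bytes done / total
JOB_RE = re.compile(
    r"^(?P<guid>\{[0-9A-Fa-f-]{36}\})\s+'(?P<name>.*)'\s+(?P<state>[A-Z_]+)\s+"
    r"(?P<files_done>\d+) / (?P<files_total>\d+|UNKNOWN)\s+"
    r"(?P<bytes_done>\d+) / (?P<bytes_total>\d+|UNKNOWN)$"
)
PATH_RE = re.compile(r"^(?:[A-Za-z]:\\|\\\\)")  # drive-letter or UNC path
USER_WRITABLE_RE = re.compile(r"\\(?:AppData|Temp|ProgramData)\\", re.I)
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_jobs(text):
    """Return one dict per job line; banner and summary lines are skipped."""
    jobs = []
    for line in text.splitlines():
        m = JOB_RE.match(line.strip())
        if m:
            jobs.append(m.groupdict())
    return jobs


def triage(job):
    """Reasons to look closer at a job (assumed heuristics, not BITS semantics)."""
    reasons = []
    name = job["name"]
    if PATH_RE.match(name):
        reasons.append("display name is a file path")
        if USER_WRITABLE_RE.search(name):
            reasons.append("path is under a user-writable directory")
        if GUID_RE.search(name):
            reasons.append("path contains a GUID-named component")
        if job["state"] == "ERROR":
            reasons.append("job is in ERROR state")
    return reasons


def review(text):
    """Return (guid, name, reasons) for every job that trips a heuristic."""
    flagged = []
    for job in parse_jobs(text):
        reasons = triage(job)
        if reasons:
            flagged.append((job["guid"], job["name"], reasons))
    return flagged
```

A flagged job is only a candidate for inspection; the heuristics say nothing about what the job was created to transfer.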


#14 Oh My!

  • Malware Response Instructor

Posted 20 May 2021 - 07:55 PM

Are you still experiencing slow boot times? Are there any other issues you are aware of?

#15 sylhetifua

  • Topic Starter

Posted 20 May 2021 - 08:00 PM

It's still a bit slow. As far as I remember, I uninstalled all the third-party software, and I don't use any add-ons or extensions. And the internet is working perfectly now, thanks to you again. Maybe wait for some hours or a day to see if it's all okay or not before closing the thread?





