Solved PC downloading data without reason even after reset

veeg · Sep 13, 2022

Hello

Hopefully our expert will responding soon..

@Malnutrition

Data838 · Sep 13, 2022

Ok, thank you, I'll be waiting.

Data838 · Sep 13, 2022

I'm sorry, I think I have to make some precisions. It's actually a notebook, ASUS ROG - STRIX-G15-G512IC-HN004T if that can help.

Malnutrition · Sep 14, 2022

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"

If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

Accept the default whitelist options,
If the additions.txt options box is not checked please select it.
Then select Scan

Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

Please Copy and Paste the contents of these logs in your next post for review by our Security Team

Data838 · Sep 14, 2022

Thank you!

Here's the information:

FRST.txt

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe <2>
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.9.126.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_9\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.gamingservices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.gamingservices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aca6886fc90e37cd\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.yourphone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\realteksemiconductorcorp.realtekaudiocontrol_1.25.247.0_x64__dt26b99r8h8gj\RtkUWP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213728 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [143960 2021-03-25] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\acco5\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\acco5\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\acco5\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (No File)
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\acco5\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013AF9A4-AA0E-4A26-B00A-2D477EE9619D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145752 2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0AD50007-EC6D-4FDB-9E44-8477F68EFD48} - \ASUS\ASUSUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0AE1AF72-54A1-410E-AE49-BF075E4BF8AB} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {0CFF93A2-CDD3-4455-BFE1-648E48C22BD6} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {11755330-1251-4CAE-9D10-855C11DA1D85} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1456FBB7-855A-4361-9232-A6A6496AE261} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606664 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {241C138E-2D5C-490E-BEB5-8FD0B8E8B684} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusUpdateChecker.exe [788104 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {2B1FA0B5-52C2-45C0-8613-C2D8E5E77E55} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusHotkey.exe [240296 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {2F03CB02-4709-4F5A-B384-95690AF7AF90} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {354B099A-44CB-4AE0-A9A9-392F41CDFC3A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145752 2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {38474140-144E-4A77-A88F-D83EDEDF0C03} - \Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 -> No File <==== ATTENTION
Task: {45D05489-620F-4B03-B2E7-134E01F13A63} - \ASUS\AcPowerNotification -> No File <==== ATTENTION
Task: {4680A8DF-7B63-403E-ABB1-3FA7B77DE631} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {4BA1119B-7D8D-4647-971B-ECC4015857C8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {559B0F92-63C4-4001-AE5E-A650091C71B8} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {619FCF0D-C591-4E5C-ADC4-F5F036309425} - \ASUSSmartDisplayControl -> No File <==== ATTENTION
Task: {6A4DC439-09E3-4D69-914B-4374A5EF741F} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {6B483665-76E2-468A-90A3-C6BA829CE894} - \McAfeeLogon -> No File <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6FAE8AED-1808-4A26-AEA5-1567BB116B11} - \OneDrive Standalone Update Task-S-1-5-21-3450050205-251663859-3830464247-500 -> No File <==== ATTENTION
Task: {7193886A-4BD5-49D5-BEA9-E4CB5CC9E9A3} - \ASUS\P508PowerAgent_sdk -> No File <==== ATTENTION
Task: {8944B0D8-96C3-4F1C-BA3E-D00E067AA263} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-09-12] (Avast Software s.r.o. -> Avast Software)
Task: {8ACB53D9-7A3B-41B2-8448-52A927F42C4E} - \Microsoft\Windows\Setup\SetupCleanupTask -> No File <==== ATTENTION
Task: {914A6F9F-239E-423A-BD17-7A65EC9BCBD3} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {94B7956D-18E0-44A3-8DEB-5E5E35BC7648} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {9BBDB971-0624-4288-879D-7DCDC8E7C8C0} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4943072 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A069FB43-A047-4FE2-829B-6F5589D58B35} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.104\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {A8AA174E-7037-4183-8B8F-289B51E46EA9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {AD74412B-B73B-4515-B286-509B8B2AC5E4} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8c6df9cf467e6 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BA120A06-6336-4323-BECD-09FA68CB1323} - \ASUS\ArmourySocketServer -> No File <==== ATTENTION
Task: {CA2AB449-8A3A-47EE-9818-8AAD9F7AF083} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA3A278B-C039-40C8-BD85-A46405CC2485} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {CABCE4BD-C389-47CC-AC81-EFA68D7AF9A5} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D72BE048-FB8D-4AD1-95C5-CC04A4424DE2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [144534560 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {DB1218E6-F693-4F20-BC36-E62D6CB63AB4} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {DE36C036-4B8C-4D4B-8500-CA1F192519DD} - \McAfee\McAfee Auto Maintenance Task Agent -> No File <==== ATTENTION
Task: {DFC7A941-644D-4B29-A90E-E4BE1FFB403C} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E1E95467-AE5B-4605-AF3B-F8565F910E53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2A23218-3113-4A83-A136-BA85E48699AA} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E559FBB0-7370-4985-90DD-5D6B10DFC5F1} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION
Task: {E67130FC-19FB-44BD-8F25-4F517976AF27} - \Microsoft\Windows\PLA\AsusLinkNear -> No File <==== ATTENTION
Task: {EB595763-BF8E-4FA0-BD51-254DF4BC1504} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aca6886fc90e37cd\RtkAudUService64.exe [1253432 2021-03-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EBD59F28-2D7F-4EB4-8AF4-93DCA358950F} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FDA04152-4F09-4471-A5EA-7E3565D984A2} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FE320D9D-19CA-4953-840F-18514DDC33CD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43509488 2022-07-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{0ac74aa6-98d2-4fa3-852f-3071b9d2dde6}: [DhcpNameServer] 192.168.43.1

Edge:
=======
Edge Profile: C:\Users\acco5\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-12]

FireFox:
========
FF DefaultProfile: gvfemib7.default
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\gvfemib7.default [2022-09-12]
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release [2022-09-14]
FF Session Restore: Mozilla\Firefox\Profiles\h2m6kk2k.default-release -> is enabled.
FF Extension: (uBlock Origin) - C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-09-12]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-11-05] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-11-05] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181296 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [348280 2021-04-15] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\AsusAppService\AsusAppService.exe [901264 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2021-09-30] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe [1174648 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemote.exe [764576 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusMultiAntennaSvc; C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe [820856 2021-04-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe [378512 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManager.exe [1086600 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitch.exe [626824 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606664 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [790168 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8523800 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [589536 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589536 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe [2431544 2022-03-09] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3426008 2021-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [819040 2022-09-12] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_9\McApExe.exe [779592 2020-11-04] (McAfee, LLC -> McAfee, LLC)
R3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [583344 2020-11-04] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.9.126.0\\McCSPServiceHost.exe [2785184 2020-11-30] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1584272 2020-11-27] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4217416 2020-11-27] (McAfee, LLC -> McAfee, LLC)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [39000 2021-01-27] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6687384 2022-07-27] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\amdkmdag.sys [80456096 2022-02-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2021-09-30] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSAIO.sys [46688 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41760 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237632 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389064 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [257992 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104904 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-09-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47936 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274976 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553880 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113920 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88984 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [861936 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671216 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221464 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327408 2022-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusWmiAcpi.sys [45248 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424 2021-07-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [531896 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385464 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2020-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1019832 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [603072 2020-09-18] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107968 2020-09-18] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [261928 2021-02-23] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1403248 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [234568 2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-14 14:44 - 2022-09-14 14:45 - 000033642 _____ C:\Users\acco5\Desktop\FRST.txt
2022-09-14 14:43 - 2022-09-14 14:45 - 000000000 ____D C:\FRST
2022-09-14 14:42 - 2022-09-14 14:42 - 002371072 _____ (Farbar) C:\Users\acco5\Desktop\FRST64.exe
2022-09-13 07:21 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\Panther
2022-09-13 07:21 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\ASUS
2022-09-13 07:20 - 2022-09-14 14:37 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2022-09-13 07:20 - 2022-09-13 07:20 - 000000000 ____D C:\WINDOWS\Firmware
2022-09-13 07:19 - 2022-09-13 07:19 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\0409
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\Setup
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\addins
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\ProgramData\ssh
2022-09-13 07:19 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\OCR
2022-09-13 07:17 - 2022-09-14 14:40 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-13 07:17 - 2022-09-13 07:20 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\Com
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\Help
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files\Windows NT
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __RSD C:\WINDOWS\Media
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Web
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\WaaS
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Vss
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\tracing
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\TAPI
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SystemApps
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ras
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\IME
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ias
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\System
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SKB
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\security
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\schemas
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SchCache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Resources
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\rescache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Registration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\PLA
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Performance
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Cursors
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Containers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Branding
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\ProgramData\USOShared
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Security
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Common Files\Services
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-09-13 07:17 - 2022-09-13 07:16 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-09-13 07:17 - 2022-09-13 07:16 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-09-13 07:17 - 2022-09-13 07:16 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-09-13 07:17 - 2022-09-13 07:16 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-09-13 07:17 - 2022-09-13 07:16 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-09-13 07:17 - 2022-09-13 07:16 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-09-13 07:17 - 2022-09-13 07:16 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-09-13 07:17 - 2022-09-13 07:16 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-09-13 07:17 - 2022-09-13 07:16 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-09-13 07:17 - 2022-09-13 06:32 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\IME
2022-09-13 07:17 - 2022-09-13 06:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-09-13 07:17 - 2022-09-13 06:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-09-13 07:17 - 2022-09-13 06:27 - 000000000 ____D C:\Program Files\Common Files\System
2022-09-13 07:17 - 2022-09-13 06:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-13 07:17 - 2022-09-13 00:01 - 000000000 ____D C:\WINDOWS\INF
2022-09-13 07:17 - 2022-09-12 23:54 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-13 07:17 - 2022-09-12 23:53 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-13 07:17 - 2022-09-12 23:42 - 000000000 ___RD C:\Program Files (x86)
2022-09-13 07:17 - 2022-09-12 23:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-13 07:17 - 2022-09-12 22:30 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-13 07:17 - 2022-09-12 21:59 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-09-13 07:17 - 2022-09-12 21:43 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-13 07:17 - 2022-09-12 21:40 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-13 07:14 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-09-13 07:14 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\servicing
2022-09-13 07:14 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-13 07:14 - 2022-09-12 23:54 - 100925440 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-09-13 07:14 - 2022-09-12 23:54 - 017563648 _____ C:\WINDOWS\system32\config\SYSTEM
2022-09-13 07:14 - 2022-09-12 23:54 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2022-09-13 07:14 - 2022-09-12 23:54 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-09-13 07:14 - 2022-09-12 23:54 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2022-09-13 07:14 - 2022-09-12 23:54 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-09-13 07:14 - 2022-09-12 21:47 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2022-09-13 06:36 - 2022-09-13 00:01 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-13 06:33 - 2022-09-14 14:44 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Users\Default User
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Users\All Users
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Documents and Settings
2022-09-13 06:27 - 2022-09-13 06:27 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-13 06:26 - 2022-09-13 06:26 - 000000000 ____D C:\eSupport
2022-09-13 06:25 - 2022-09-14 14:37 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-13 06:25 - 2022-09-13 06:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-13 06:25 - 2022-09-13 06:31 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2022-09-13 06:25 - 2022-09-13 06:25 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\ProgramData\Dolby
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\Program Files\AMD
2022-09-13 06:25 - 2022-09-12 23:11 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-09-13 06:25 - 2022-09-12 21:41 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-13 06:24 - 2022-09-14 14:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-13 06:24 - 2022-09-13 06:24 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2022-09-13 06:24 - 2022-09-13 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-13 06:24 - 2022-09-13 06:24 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-13 06:24 - 2022-09-12 23:54 - 000438936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-13 06:24 - 2022-09-12 23:54 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-13 06:24 - 2022-09-12 23:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-13 06:24 - 2022-09-12 21:49 - 000000000 ____D C:\ProgramData\ASUS
2022-09-13 06:24 - 2022-09-12 21:39 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-13 06:24 - 2022-09-12 21:39 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-13 00:44 - 2022-09-13 00:44 - 000000000 ___HD C:\$SysReset
2022-09-13 00:05 - 2022-09-13 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 00:05 - 2022-09-13 00:05 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-09-13 00:05 - 2022-09-13 00:05 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-09-12 23:59 - 2022-09-12 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-09-12 23:57 - 2022-09-12 23:57 - 000002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-09-12 23:57 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Avast Software
2022-09-12 23:57 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Local\CEF
2022-09-12 23:57 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Local\Avast Software
2022-09-12 23:54 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Local\NVIDIA Corporation
2022-09-12 23:54 - 2022-09-12 23:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-09-12 23:53 - 2022-09-14 14:38 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-09-12 23:53 - 2022-09-12 23:53 - 000861936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000671216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000553880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000389064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000327408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000274976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-09-12 23:53 - 2022-09-12 23:53 - 000257992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000237632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000221464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000113920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000104904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000088984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000047936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000041760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000024528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-09-12 23:53 - 2022-09-12 23:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-09-12 23:53 - 2022-09-12 23:53 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-09-12 23:53 - 2022-09-12 23:53 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-09-12 23:51 - 2022-09-12 23:54 - 000000000 ____D C:\ProgramData\Avast Software
2022-09-12 23:51 - 2022-09-12 23:51 - 000000000 ____D C:\Program Files\Avast Software
2022-09-12 23:50 - 2022-09-12 23:50 - 000000000 ____D C:\AdwCleaner
2022-09-12 23:45 - 2022-09-12 23:45 - 000000000 ___HD C:\$WinREAgent
2022-09-12 23:42 - 2022-09-12 23:54 - 000000000 ____D C:\Users\acco5\.rainlendar2
2022-09-12 23:42 - 2022-09-12 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2022-09-12 23:42 - 2022-09-12 23:42 - 000000000 ____D C:\Program Files (x86)\Rainlendar2
2022-09-12 23:31 - 2022-09-13 00:30 - 014292524 _____ C:\Users\acco5\Desktop\bookmarks 12.09.2022.html
2022-09-12 23:31 - 2022-09-12 23:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-09-12 23:13 - 2022-09-12 23:13 - 000000000 ____D C:\Users\acco5\AppData\Local\DBG
2022-09-12 23:03 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\Rdv CAF
2022-09-12 23:03 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\PB - Free Fog Overlays
2022-09-12 23:02 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\Newest files from other computer
2022-09-12 23:02 - 2022-09-12 23:02 - 000000000 ____D C:\Users\acco5\Desktop\New Nature Sounds
2022-09-12 22:54 - 2022-09-12 23:01 - 000000000 ____D C:\Users\acco5\Desktop\Nature sound videos
2022-09-12 22:54 - 2022-09-12 22:54 - 000000000 ____D C:\Users\acco5\Desktop\Fog Effects
2022-09-12 22:54 - 2022-06-23 08:52 - 000017443 _____ C:\Users\acco5\Desktop\Videos.ods
2022-09-12 22:54 - 2022-05-04 20:11 - 019579010 _____ C:\Users\acco5\Desktop\x.mp4
2022-09-12 22:54 - 2022-03-28 22:10 - 000000164 _____ C:\Users\acco5\Desktop\Video notes.txt
2022-09-12 22:51 - 2022-06-17 19:17 - 3850464742 _____ C:\Users\acco5\Desktop\Triangular house rain 10H.mp4
2022-09-12 22:50 - 2022-06-18 18:11 - 1324484239 _____ C:\Users\acco5\Desktop\Triangular House Rain 10H compr.m4v
2022-09-12 22:50 - 2022-06-17 16:46 - 322347194 _____ C:\Users\acco5\Desktop\Triangular house rain 10 min.mp4
2022-09-12 22:50 - 2022-06-16 18:08 - 057950214 _____ C:\Users\acco5\Desktop\Triangular house rain 2 min.mp4
2022-09-12 22:49 - 2022-09-10 22:39 - 000001851 _____ C:\Users\acco5\Desktop\SUPERAntiSpyware Free Edition.lnk
2022-09-12 22:49 - 2022-09-08 01:50 - 000019702 _____ C:\Users\acco5\Desktop\Removed Apps.html
2022-09-12 22:49 - 2022-07-14 13:13 - 000111373 _____ C:\Users\acco5\Desktop\rekins_nr_P-22-28225.pdf
2022-09-12 22:49 - 2022-07-12 20:51 - 000036797 _____ C:\Users\acco5\Desktop\Signature manuscrite A.Balcere.svg
2022-09-12 22:49 - 2022-07-12 20:49 - 000006622 _____ C:\Users\acco5\Desktop\Signature manuscrite A.Balcere.pdf
2022-09-12 22:49 - 2022-06-24 21:08 - 017436477 _____ C:\Users\acco5\Desktop\test 1.mp4
2022-09-12 22:49 - 2022-06-17 17:02 - 1815784142 _____ C:\Users\acco5\Desktop\Triangular house rain 1H.mp4
2022-09-12 22:49 - 2022-03-15 23:05 - 000036761 _____ C:\Users\acco5\Desktop\resynth.zip
2022-09-12 22:49 - 2022-02-16 22:36 - 034803200 _____ C:\Users\acco5\Desktop\Puddle fragment video 2.mp4
2022-09-12 22:49 - 2021-12-01 19:48 - 063308222 _____ C:\Users\acco5\Desktop\Rain blue puddle tree in background longer.mp4
2022-09-12 22:49 - 2020-12-08 18:04 - 000283723 _____ C:\Users\acco5\Desktop\Projet Livre - mise en page.pdf
2022-09-12 22:47 - 2022-06-23 12:11 - 2120210478 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 10H.mp4
2022-09-12 22:45 - 2022-06-23 18:17 - 2094966830 _____ C:\Users\acco5\Desktop\Pine Trees House Rain Thunder 10H compr.m4v
2022-09-12 22:45 - 2022-06-23 10:07 - 1603305977 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 1H.mp4
2022-09-12 22:45 - 2022-06-23 09:53 - 298662835 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 10 min.mp4
2022-09-12 22:43 - 2022-09-08 18:10 - 2594012956 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 10H.mp4
2022-09-12 22:42 - 2022-06-22 21:17 - 325901186 _____ C:\Users\acco5\Desktop\Pine Tops Fog Rain Thunder 10H compr.m4v
2022-09-12 22:42 - 2022-06-18 17:17 - 1251703727 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 1H.mp4
2022-09-12 22:42 - 2022-06-18 17:02 - 223221612 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 10 min.mp4
2022-09-12 22:42 - 2022-06-17 17:13 - 038694454 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 2 min.mp4
2022-09-12 22:42 - 2022-03-28 07:34 - 006918111 _____ C:\Users\acco5\Desktop\pexels-tobi-463734 at night.xcf
2022-09-12 22:42 - 2021-12-27 22:21 - 006558402 _____ C:\Users\acco5\Desktop\pexels-max-mishin-9960706.xcf
2022-09-12 22:42 - 2021-12-13 14:06 - 012132452 _____ C:\Users\acco5\Desktop\pexels-estevon-roveda-6129571.mp4
2022-09-12 22:41 - 2022-09-08 01:24 - 000001906 _____ C:\Users\acco5\Desktop\Lakeside list 7.csv
2022-09-12 22:41 - 2022-08-09 15:14 - 000599214 _____ C:\Users\acco5\Desktop\Mantojuma apliecība A.Balcere.pdf
2022-09-12 22:41 - 2022-08-05 17:32 - 000004307 _____ C:\Users\acco5\Desktop\Lakeside list 6.csv
2022-09-12 22:41 - 2022-08-01 20:11 - 000313420 _____ C:\Users\acco5\Desktop\CAF annonce titre de sejour recu.pdf
2022-09-12 22:41 - 2022-07-31 18:02 - 000001934 _____ C:\Users\acco5\Desktop\Grim Tales 19 Heritage CE .lnk
2022-09-12 22:41 - 2022-07-29 20:31 - 000025486 _____ C:\Users\acco5\Desktop\Nature Sound YT channel texts.odt
2022-09-12 22:41 - 2022-07-29 20:30 - 000000734 _____ C:\Users\acco5\Desktop\CC0 License message.txt
2022-09-12 22:41 - 2022-07-29 16:18 - 000001086 _____ C:\Users\acco5\Desktop\Msg Max Verhamme.txt
2022-09-12 22:41 - 2022-07-28 13:45 - 000168004 _____ C:\Users\acco5\Desktop\Kadastra izzina.pdf
2022-09-12 22:41 - 2022-07-19 20:02 - 000077583 _____ C:\Users\acco5\Desktop\Lettre Desinscription CAF.pdf
2022-09-12 22:41 - 2022-07-19 20:02 - 000036416 _____ C:\Users\acco5\Desktop\Lettre Desinscription CAF.odt
2022-09-12 22:41 - 2022-07-14 13:12 - 000162053 _____ C:\Users\acco5\Desktop\pasutijums_nr_1148126.pdf
2022-09-12 22:41 - 2022-07-11 16:59 - 000001277 _____ C:\Users\acco5\Desktop\Desinscrire CAF.txt
2022-09-12 22:41 - 2022-07-10 14:44 - 000027327 _____ C:\Users\acco5\Desktop\IG Non-duality posts.ods
2022-09-12 22:41 - 2022-07-07 19:09 - 000053993 _____ C:\Users\acco5\Desktop\déclaration de CA_T2_2022.pdf
2022-09-12 22:41 - 2022-07-04 17:54 - 000000841 _____ C:\Users\acco5\Desktop\Louise Kay mail.txt
2022-09-12 22:41 - 2022-06-08 21:51 - 128991232 _____ C:\Users\acco5\Desktop\Mix 2 Rain Thunder White Noise with legnalegna55 shortened without other sounds.aup3
2022-09-12 22:41 - 2022-06-08 17:05 - 142782464 _____ C:\Users\acco5\Desktop\Mix 1 Rain Thunder White Noise.aup3
2022-09-12 22:41 - 2022-05-17 22:10 - 000479199 _____ C:\Users\acco5\Desktop\Lidojuma apstiprinajums 2022.pdf
2022-09-12 22:41 - 2022-05-05 00:44 - 000182442 _____ C:\Users\acco5\Desktop\Convocation rdv CAF.pdf
2022-09-12 22:41 - 2022-05-04 20:43 - 000023551 _____ C:\Users\acco5\Desktop\Finish - rain waves dark.mlt
2022-09-12 22:41 - 2022-04-26 16:54 - 000058785 _____ C:\Users\acco5\Desktop\Moonlight Vibes logo.mp4
2022-09-12 22:41 - 2022-03-28 18:10 - 000062812 _____ C:\Users\acco5\Desktop\Moonlight logo.mp4
2022-09-12 22:41 - 2022-03-15 17:24 - 1254738775 _____ C:\Users\acco5\Desktop\PB-Free-Fog-Overlays.zip
2022-09-12 22:41 - 2022-01-04 23:54 - 000000320 _____ C:\Users\acco5\Desktop\Handbrake video compression.txt
2022-09-12 22:41 - 2021-12-22 22:05 - 000026540 _____ C:\Users\acco5\Desktop\Lettre et signature en pdf.odt
2022-09-12 22:40 - 2022-07-27 14:36 - 000171551 _____ C:\Users\acco5\Desktop\9-01_1148126_26072022.edoc
2022-09-12 22:40 - 2022-07-20 20:22 - 375252875 _____ C:\Users\acco5\Desktop\Brown House With Lanterns Rain 10H compr.m4v
2022-09-12 22:40 - 2022-07-18 16:36 - 1336931970 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 1H.mp4
2022-09-12 22:40 - 2022-07-18 16:21 - 235614478 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 10 min.mp4
2022-09-12 22:40 - 2022-07-15 14:57 - 033974787 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 1 min.mp4
2022-09-12 22:40 - 2022-06-17 16:58 - 010645504 _____ C:\Users\acco5\Desktop\157434__timgormly__heavy-rain without other noises.aup3
2022-09-12 22:40 - 2022-06-17 16:54 - 039923712 _____ C:\Users\acco5\Desktop\577845__vilmuhametshin__rain-and-distant-thunder-2 amplified.aup3
2022-09-12 22:40 - 2022-06-09 17:11 - 046059520 _____ C:\Users\acco5\Desktop\405630__anthousai__2017-september-rain-the-end-of-a-rainstorm.aup3
2022-09-12 22:40 - 2022-06-08 16:43 - 019394560 _____ C:\Users\acco5\Desktop\329113__ivolipa__rain-falling-on-ground without noises.aup3
2022-09-12 22:40 - 2022-04-27 18:05 - 000001880 _____ C:\Users\acco5\Desktop\black rectangle.svg
2022-09-12 22:40 - 2021-06-12 15:49 - 044370789 _____ C:\Users\acco5\Desktop\Abstrakte Malerei, Acryl, easy, für Anfänger, Demo, Rakel-2jzBfpav47c-480p-1623505755823.mp4
2022-09-12 22:36 - 2022-09-12 22:36 - 000000000 ____D C:\Users\acco5\Desktop\USB
2022-09-12 22:36 - 2022-06-14 14:57 - 000000000 ____D C:\Users\acco5\Desktop\Shift plus u for at symbol
2022-09-12 22:33 - 2022-09-12 22:33 - 000000000 ____D C:\Users\acco5\AppData\Local\OneDrive
2022-09-12 22:32 - 2022-09-12 23:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-12 22:32 - 2022-09-12 23:54 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-12 22:29 - 2022-09-12 22:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-09-12 22:29 - 2022-09-12 22:29 - 000000000 ____D C:\Users\acco5\Desktop\Setups offline
2022-09-12 21:59 - 2022-09-12 21:59 - 000000028 ____H C:\.GamingRoot
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\XboxGames
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Users\acco5\AppData\Local\Comms
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-09-12 21:59 - 2022-09-02 17:10 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-09-12 21:48 - 2022-09-12 21:49 - 000000000 ____D C:\Users\acco5\AppData\Local\AcSdkInsLog
2022-09-12 21:47 - 2022-09-14 14:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-895565649-3931333595-811618271-1001
2022-09-12 21:47 - 2022-09-12 23:54 - 000000000 ____D C:\ProgramData\McInstTemp0242721663012063
2022-09-12 21:47 - 2022-09-12 21:47 - 000000061 _____ C:\WINDOWS\skipsavetoini
2022-09-12 21:47 - 2022-09-12 21:47 - 000000000 ___HD C:\OneDriveTemp
2022-09-12 21:47 - 2022-09-12 21:47 - 000000000 ____D C:\Program Files\dotnet
2022-09-12 21:47 - 2021-09-30 11:14 - 000043168 _____ C:\WINDOWS\system32\Drivers\AsIO3.sys
2022-09-12 21:47 - 2021-09-16 17:25 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsIO3.dll
2022-09-12 21:47 - 2021-09-16 17:25 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\SysWOW64\AsIO3.dll
2022-09-12 21:46 - 2022-09-12 23:59 - 000000000 ____D C:\Users\acco5\AppData\Local\ASUS
2022-09-12 21:46 - 2022-09-12 21:46 - 000000000 ____D C:\Users\acco5\AppData\Local\NVIDIA
2022-09-12 21:45 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\PlaceholderTileLogoFolder
2022-09-12 21:44 - 2022-09-14 14:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-895565649-3931333595-811618271-1001
2022-09-12 21:44 - 2022-09-12 23:13 - 000000000 ___RD C:\Users\acco5\OneDrive
2022-09-12 21:44 - 2022-09-12 21:44 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\AMD
2022-09-12 21:44 - 2022-09-12 21:44 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-12 21:43 - 2022-09-13 00:44 - 000000000 ____D C:\Users\acco5\AppData\Local\D3DSCache
2022-09-12 21:43 - 2022-09-12 23:12 - 000000000 ____D C:\Users\acco5\AppData\Local\ConnectedDevicesPlatform
2022-09-12 21:43 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\Packages
2022-09-12 21:43 - 2022-09-12 22:32 - 000000000 ____D C:\ProgramData\Packages
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ___RD C:\Users\acco5\3D Objects
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Adobe
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\VirtualStore
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\Publishers
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\AMD
2022-09-12 21:41 - 2022-09-12 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2022-09-12 21:40 - 2022-09-14 14:42 - 000002381 _____ C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-12 21:40 - 2022-09-12 23:42 - 000000000 ____D C:\Users\acco5
2022-09-12 21:40 - 2022-09-12 21:40 - 000000020 ___SH C:\Users\acco5\ntuser.ini
2022-08-24 14:57 - 2021-06-15 02:14 - 000053768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvswcfilter.sys
2022-08-24 14:57 - 2021-06-02 16:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-13 06:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-13 06:30 - 2021-08-08 18:04 - 000000000 ____D C:\WINDOWS\OEM
2022-09-13 06:28 - 2021-08-08 17:59 - 000000000 ____D C:\ProgramData\McInstTemp0069471628438385
2022-09-13 06:28 - 2021-08-08 17:57 - 000000000 ____D C:\Program Files (x86)\LightingService
2022-09-13 06:28 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files (x86)\ASUSTeK COMPUTER INC
2022-09-13 06:28 - 2021-08-08 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-13 06:28 - 2021-08-08 17:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-13 06:28 - 2021-08-08 17:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-13 06:28 - 2020-11-21 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-13 06:28 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-09-13 06:27 - 2021-08-08 17:59 - 000000000 ____D C:\Program Files\McAfee.com
2022-09-13 06:27 - 2021-08-08 17:59 - 000000000 ____D C:\Program Files\Common Files\McAfee
2022-09-13 06:27 - 2021-08-08 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2022-09-13 06:27 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files\ASUS
2022-09-13 06:27 - 2020-11-21 14:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-09-13 06:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-12 23:55 - 2021-08-08 17:59 - 000000000 ____D C:\Program Files\McAfee
2022-09-12 23:55 - 2021-08-08 17:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-09-12 23:54 - 2021-08-08 17:59 - 000000000 ____D C:\ProgramData\McAfee
2022-09-12 22:32 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-12 21:49 - 2021-08-08 17:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-12 21:49 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-09-12 21:49 - 2021-08-08 17:54 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-12 21:44 - 2021-08-08 17:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-12 21:43 - 2020-11-21 13:59 - 000000000 ____D C:\WINDOWS\Log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by acco5 (14-09-2022 14:45:38)
Running from C:\Users\acco5\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2022-09-13 04:33:03)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

acco5 (S-1-5-21-895565649-3931333595-811618271-1001 - Administrator - Enabled) => C:\Users\acco5
Administrator (S-1-5-21-895565649-3931333595-811618271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-895565649-3931333595-811618271-503 - Limited - Disabled)
Guest (S-1-5-21-895565649-3931333595-811618271-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-895565649-3931333595-811618271-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.3 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{9B441197-6389-46FC-BE60-56C8B6E5ADE9}) (Version: 1.0.6 - ASUSTeK COMPUTER INC.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 4.0.16 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{cd70cc72-872c-4308-9fd1-9de5de28e448}) (Version: 2.5.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.0.2 - ASUSTeK Computer Inc.)
ASUS Framework Service (HKLM-x32\...\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS MultiAntenna Service (HKLM\...\{285B9C1B-A3F2-4576-9B8B-40CF0D871517}) (Version: 3.1.3 - ASUSTeK COMPUTER INC.)
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.2.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.85 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.16 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.16 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.06 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{a890e515-8afe-4007-81e7-5c4d3da50086}) (Version: 3.05.06 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.8.6030 - Avast Software)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R29 - McAfee, LLC)
Microsoft .NET Host - 5.0.14 (x64) (HKLM\...\{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20616 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720 (HKLM-x32\...\{2F69FB2B-2C48-491C-B249-22C1BDCE1117}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720 (HKLM-x32\...\{31C9EB3A-5F0C-49E7-8E6C-D404E48F433D}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32\...\{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 104.0.2 (x64 en-US)) (Version: 104.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 104.0.2 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 462.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.0.8 - ASUSTeK COMPUTER INC.)
ROG CustomHotkey (HKLM-x32\...\{374883e6-b31d-4a3c-9c4a-2685a840aed4}) (Version: 1.1.1 - ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.5.10.0 - ASUSTek COMPUTER INC.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.756 - McAfee, LLC)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-09-12] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.2.12.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.4.3.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.37.9.0_x64__6rarf9sa4v8jt [2022-09-12] (Disney)
Dolby Access -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaccess_3.14.67.0_x64__rz1tebttyb220 [2022-09-12] (Dolby Laboratories)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-09-12] (McAfee LLC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9020.0_x64__8wekyb3d8bbwe [2022-09-12] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10801.429.0_x64__8wekyb3d8bbwe [2022-09-12] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-12] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj [2022-09-12] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0 [2022-09-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-05] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-02-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-05] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-09-12 21:48 - 2022-06-20 16:14 - 000520704 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000479744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000470016 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000832512 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2021-08-08 17:57 - 2019-12-24 03:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2022-09-12 21:48 - 2022-06-08 11:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2010-05-23 20:20 - 2010-05-23 20:20 - 000012288 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lfs.dll
2010-05-23 20:20 - 2010-05-23 20:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lua51.dll
2011-08-12 07:45 - 2011-08-12 07:45 - 000198144 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2020-11-21 14:17 - 2020-11-21 14:17 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2020-05-27 02:08 - 2020-05-27 02:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2021-08-08 17:57 - 2021-01-01 02:26 - 002676224 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2021-08-08 18:02 - 2021-08-08 18:02 - 000179200 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2021-12-24 01:02 - 2021-12-24 01:03 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2021-08-08 18:02 - 2021-08-08 18:02 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2011-07-28 20:20 - 2011-07-28 20:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Rainlendar2\libcurl.dll
2021-08-08 17:57 - 2019-06-27 01:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-08-08 17:57 - 2019-06-27 01:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2011-01-29 13:59 - 2011-01-29 13:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\LIBEAY32.dll
2011-01-29 13:59 - 2011-01-29 13:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\SSLEAY32.dll
2010-12-12 12:56 - 2010-12-12 12:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 12:58 - 2010-12-12 12:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 12:58 - 2010-12-12 12:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-11-05] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-11-05] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-895565649-3931333595-811618271-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acco5\Desktop\white_flowers_nature_plants-21425.jpg!d.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4D71EE77-6CBD-48A8-A21F-E2EB877965E6}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{4E23DFAD-87AE-4721-8383-F59B91DA4A7E}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{9F3550D8-F22E-4685-9789-8E16B9AF85AD}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{4C138621-0EAC-4FB8-B2AF-C7A2B99CA17C}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{B25F42FC-B892-48E9-98C5-8D364EC78F4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51D2BE98-9E59-489D-ADB2-DD3198C15E24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06A16F9A-022F-4337-8CEA-EB3BBEDE8AC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F66AB5F-F5CF-4FFE-95B0-97F14239175D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFE5E416-1C9D-452B-A2A9-C77B2C017641}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{D2509200-7EDE-4AB4-94BC-46BAAE17954A}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{D191D2A8-6FF4-43D5-A782-71E4CC6C83F7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{17E6E1DB-6811-46A9-9D95-6FF0F770842A}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{A476B622-4E44-4FA0-8B1E-3984980C05AF}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{15E5C64C-D0C1-42AC-B54B-87414F296814}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{0ABC14FF-2DD3-4306-B489-6815B4D35391}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{290CFDAB-452B-4756-8486-CE1697ADB12F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78223492-85A2-4C09-8B02-8F05A70674EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{221E9954-E8A6-4AD5-B0E2-8305A673B1FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2B07C2C0-3BEE-4BE4-A94E-44F581AD28A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D1214D2-3A49-4047-9F79-485FC62A24F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACCA6159-C91A-4E60-AD8B-C49343D5A97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1AFFF290-FB7F-441F-ADCF-83FC80F3C467}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3DFA536-FC3E-432B-B530-7D8AADF09EF3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.33\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74AC523A-DA02-400B-8FFE-84EE96C86817}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{CACB8F62-E313-4262-9A56-34E10D0B28BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E6228DD-7EAC-433C-8056-9EE50369209C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EDFBAB8-439F-4EE6-944D-36300D2700C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB9316C8-299E-4C58-AB01-807055B0FA47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{724E5ACE-9754-4E00-880D-4DA058D6F076}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9C0CB4C-2DD1-4E93-AAD5-54C80F863ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82C83712-382E-4341-B7D5-2E69CC019281}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8FFA6781-BFDF-4D36-A76B-D0FB3D9636D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86A5642A-2677-4672-B769-FEB907D76DB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5432C84-7BAE-4701-8499-B081794565CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9FCB9CC1-2944-4E67-9081-6F06546D708B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{B77552C3-BD1B-4762-8F2C-897A508E169E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{F8A33FFF-CDFB-406A-BAFD-ED0894EA43ED}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{BDCF42E4-525B-42D8-AC37-63DAF3B7E632}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{82D41F1F-EDF1-47B1-BF74-BE694D9E0CCE}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{1CC5608B-A042-4548-B90B-F6DB8D31F4BD}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{0DC342B6-973B-4784-9980-82C6BFC2D38A}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{8FFF978C-E43D-4B3D-8798-E289F46621AE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B81B2959-BF80-4211-B4B8-24378A867FB7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:453.5 GB) (Free:248.79 GB) (55%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (09/14/2022 02:37:36 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (09/14/2022 02:37:36 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/12/2022 11:54:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-6ODOHNQP$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 21:54:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 05291232-8232-4c24-9467-f80c7c308b86

Method: GET(2062ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (09/12/2022 10:30:15 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: LAPTOP-6ODOHNQP)
Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy-2147024662

Error: (09/12/2022 09:47:19 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: LAPTOP-6ODOHNQP)
Description: Application or service 'ROG Live Service' could not be restarted.

Error: (09/12/2022 09:43:28 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (9300,P,98) TILEREPOSITORYS-1-5-21-895565649-3931333595-811618271-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

Error: (09/12/2022 09:39:54 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WIN-22BCO55SN2S$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 19:39:53 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8d2a10e3-7b14-4282-a744-5f11ac412de1

Method: GET(453ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (09/13/2022 06:34:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=0567073a-7d74-403b-b2d5-6b35da372d8d;NotificationInterval=1440;Trigger=TimerEvent

System errors:
=============
Error: (09/12/2022 11:53:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/12/2022 11:53:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/13/2022 06:37:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer did not register with DCOM within the required timeout.

Error: (09/13/2022 06:35:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer did not register with DCOM within the required timeout.

Error: (09/13/2022 06:32:18 AM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.

Error: (09/13/2022 06:30:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.

Error: (09/13/2022 06:30:58 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.

Error: (09/13/2022 06:30:18 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.

Windows Defender:
================Event[0]:

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2022-09-14 14:45:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-09-14 14:45:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2022-09-14 14:39:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-09-14 14:39:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. G513IC.314 03/30/2022
Motherboard: ASUSTeK COMPUTER INC. G513IC
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 36%
Total physical RAM: 15792.36 MB
Available physical RAM: 10024.63 MB
Total Virtual: 18736.36 MB
Available Virtual: 10781.53 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.5 GB) (Free:248.79 GB) (Model: HFM512GD3JX013N) (Protected) NTFS

\\?\Volume{66a3209f-eb4a-4404-8e69-a0688f1f2f8d}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.09 GB) NTFS
\\?\Volume{f51f1b4c-8df5-41a8-8f65-bdf58564b60b}\ (RESTORE) (Fixed) (Total:22 GB) (Free:4.52 GB) NTFS
\\?\Volume{c59d0604-e288-4986-a06e-e17a96ca7a64}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{1b46213c-b1f2-4ef0-bf62-3e223d1cbb73}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C0F51CB1)

Partition: GPT.

==================== End of Addition.txt =======================

Malnutrition · Sep 15, 2022

You have Mcafee and Avast installed, please remove both with GeekUninstaller. then reboot the machine and post new FRST and Addition.txt logs. There is no need for either in windows 10, at least while we work on the machine please remove. You can install at a later time, when we are done.

Prior to running the FRST tool again and after removing the two antivirus applications., please run Adware Cleaner, and malwarebytes.

Adware Cleaner

Download AdwCleaner and save it to your Desktop
Right-click on AdwCleaner.exeand select

Run as Administrator
Accept the EULA (I accept), then click on Scan Now
Let the scan complete
Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
Close all other open windows and allow it to restart
After the restart, Notepad will open with the AdwCleaner cleaning log
Please Attach the contents of that log into your next reply to me

Download Malwarebytes v.4 . Install and run.

Once the MBAM dashboard opens, click on Settings (gear icon).
Click on Security tab and make sure that all four Scan options are enabled.
Close Settings and click on the Scan button on the dashboard.
Once the scan is completed make sure you have it quarantine any detections it finds.
If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.

Malnutrition · Sep 15, 2022

https://download.mcafee.com/molbin/iss-loc/SupportTools/MCPR/MCPR.exe Mcafee removal tool.
https://support.avast.com/en-us/article/10/#pc Avast removal tool.

Data838 · Sep 15, 2022

Thank you for all the information

.

I ran the FRST tool but I'm sorry I didn't run Adwcleaner and Malwarebytes before that, only after. Actually, I've been using both for a long time and it has been a while since they have detected anything. Anyway, below are all the reports you asked for. Adwcleaner didn't open any Notepad file, but I went into Log Files and copied the scan results.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by acco5 (administrator) on LAPTOP-6ODOHNQP (ASUSTeK COMPUTER INC. ROG Strix G513IC_G513IC) (15-09-2022 09:48:53)
Running from C:\Users\acco5\Desktop
Loaded Profiles: acco5
Platform: Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.gamingservices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.gamingservices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aca6886fc90e37cd\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.bingweather_4.53.42432.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.yourphone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1852_none_7de3b01c7cacf858\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [143960 2021-03-25] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013AF9A4-AA0E-4A26-B00A-2D477EE9619D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145752 2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0AD50007-EC6D-4FDB-9E44-8477F68EFD48} - \ASUS\ASUSUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0AE1AF72-54A1-410E-AE49-BF075E4BF8AB} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {0CFF93A2-CDD3-4455-BFE1-648E48C22BD6} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {11755330-1251-4CAE-9D10-855C11DA1D85} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1456FBB7-855A-4361-9232-A6A6496AE261} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606664 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {241C138E-2D5C-490E-BEB5-8FD0B8E8B684} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusUpdateChecker.exe [788104 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {2B1FA0B5-52C2-45C0-8613-C2D8E5E77E55} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusHotkey.exe [240296 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {2F03CB02-4709-4F5A-B384-95690AF7AF90} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {354B099A-44CB-4AE0-A9A9-392F41CDFC3A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145752 2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {38474140-144E-4A77-A88F-D83EDEDF0C03} - \Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 -> No File <==== ATTENTION
Task: {45D05489-620F-4B03-B2E7-134E01F13A63} - \ASUS\AcPowerNotification -> No File <==== ATTENTION
Task: {4680A8DF-7B63-403E-ABB1-3FA7B77DE631} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {4BA1119B-7D8D-4647-971B-ECC4015857C8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {559B0F92-63C4-4001-AE5E-A650091C71B8} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {619FCF0D-C591-4E5C-ADC4-F5F036309425} - \ASUSSmartDisplayControl -> No File <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6FAE8AED-1808-4A26-AEA5-1567BB116B11} - \OneDrive Standalone Update Task-S-1-5-21-3450050205-251663859-3830464247-500 -> No File <==== ATTENTION
Task: {7193886A-4BD5-49D5-BEA9-E4CB5CC9E9A3} - \ASUS\P508PowerAgent_sdk -> No File <==== ATTENTION
Task: {8ACB53D9-7A3B-41B2-8448-52A927F42C4E} - \Microsoft\Windows\Setup\SetupCleanupTask -> No File <==== ATTENTION
Task: {914A6F9F-239E-423A-BD17-7A65EC9BCBD3} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {94B7956D-18E0-44A3-8DEB-5E5E35BC7648} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A8AA174E-7037-4183-8B8F-289B51E46EA9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {AD74412B-B73B-4515-B286-509B8B2AC5E4} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8c6df9cf467e6 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BA120A06-6336-4323-BECD-09FA68CB1323} - \ASUS\ArmourySocketServer -> No File <==== ATTENTION
Task: {CA2AB449-8A3A-47EE-9818-8AAD9F7AF083} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CABCE4BD-C389-47CC-AC81-EFA68D7AF9A5} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D72BE048-FB8D-4AD1-95C5-CC04A4424DE2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [144534560 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {DB1218E6-F693-4F20-BC36-E62D6CB63AB4} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {DFC7A941-644D-4B29-A90E-E4BE1FFB403C} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E1E95467-AE5B-4605-AF3B-F8565F910E53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2A23218-3113-4A83-A136-BA85E48699AA} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E559FBB0-7370-4985-90DD-5D6B10DFC5F1} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION
Task: {E67130FC-19FB-44BD-8F25-4F517976AF27} - \Microsoft\Windows\PLA\AsusLinkNear -> No File <==== ATTENTION
Task: {EB595763-BF8E-4FA0-BD51-254DF4BC1504} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aca6886fc90e37cd\RtkAudUService64.exe [1253432 2021-03-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EBD59F28-2D7F-4EB4-8AF4-93DCA358950F} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FDA04152-4F09-4471-A5EA-7E3565D984A2} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FE320D9D-19CA-4953-840F-18514DDC33CD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43509488 2022-07-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{0ac74aa6-98d2-4fa3-852f-3071b9d2dde6}: [DhcpNameServer] 192.168.43.1

Edge:
=======
Edge Profile: C:\Users\acco5\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-12]

FireFox:
========
FF DefaultProfile: gvfemib7.default
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\gvfemib7.default [2022-09-12]
FF ProfilePath: C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release [2022-09-15]
FF Session Restore: Mozilla\Firefox\Profiles\h2m6kk2k.default-release -> is enabled.
FF Extension: (uBlock Origin) - C:\Users\acco5\AppData\Roaming\Mozilla\Firefox\Profiles\h2m6kk2k.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-09-12]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181296 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [348280 2021-04-15] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
U2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\AsusAppService\AsusAppService.exe [901264 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2021-09-30] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe [1174648 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemote.exe [764576 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusMultiAntennaSvc; C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe [820856 2021-04-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusOptimization.exe [378512 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSoftwareManager\AsusSoftwareManager.exe [1086600 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitch.exe [626824 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606664 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [790168 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a379f9cda17dd4b1\DAX3API.exe [2431544 2022-03-09] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3426008 2021-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [39000 2021-01-27] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6687384 2022-07-27] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376545.inf_amd64_87c724e1cb953643\B376543\amdkmdag.sys [80456096 2022-02-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2021-09-30] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSystemAnalysis\AsusSAIO.sys [46688 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSOptimization\AsusWmiAcpi.sys [45248 2022-08-04] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424 2021-07-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [261928 2021-02-23] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1403248 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [234568 2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-15 09:48 - 2022-09-15 09:49 - 000024968 _____ C:\Users\acco5\Desktop\FRST.txt
2022-09-15 09:38 - 2022-09-15 09:47 - 000000000 ____D C:\ProgramData\McInstTemp0069061663227501
2022-09-15 09:37 - 2022-09-15 09:46 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Geek Uninstaller
2022-09-15 09:36 - 2022-09-15 09:36 - 002789978 _____ C:\Users\acco5\Downloads\geek.zip
2022-09-15 09:30 - 2022-09-15 09:30 - 000000000 ___HD C:\$WinREAgent
2022-09-15 09:30 - 2022-09-15 09:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-09-14 14:43 - 2022-09-15 09:49 - 000000000 ____D C:\FRST
2022-09-14 14:42 - 2022-09-14 14:42 - 002371072 _____ (Farbar) C:\Users\acco5\Desktop\FRST64.exe
2022-09-13 07:21 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\Panther
2022-09-13 07:21 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\ASUS
2022-09-13 07:20 - 2022-09-15 09:47 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2022-09-13 07:20 - 2022-09-13 07:20 - 000000000 ____D C:\WINDOWS\Firmware
2022-09-13 07:19 - 2022-09-13 07:19 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\0409
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\Setup
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\addins
2022-09-13 07:19 - 2022-09-13 07:19 - 000000000 ____D C:\ProgramData\ssh
2022-09-13 07:19 - 2022-09-13 06:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-09-13 07:19 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\OCR
2022-09-13 07:17 - 2022-09-15 09:47 - 000000000 ___RD C:\Program Files (x86)
2022-09-13 07:17 - 2022-09-15 09:47 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-13 07:17 - 2022-09-15 09:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-13 07:17 - 2022-09-15 09:35 - 000000000 ____D C:\WINDOWS\INF
2022-09-13 07:17 - 2022-09-13 07:20 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\system32\Com
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\WINDOWS\Help
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files\Windows NT
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-09-13 07:17 - 2022-09-13 07:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __RSD C:\WINDOWS\Media
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Web
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\WaaS
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Vss
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\tracing
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\TAPI
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SystemApps
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ras
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\IME
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ias
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\System
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SKB
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\security
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\schemas
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\SchCache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Resources
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\rescache
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Registration
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\PLA
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Performance
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\InputMethod
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Cursors
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Containers
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\Branding
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\ProgramData\USOShared
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Security
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files\Common Files\Services
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-09-13 07:17 - 2022-09-13 07:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-09-13 07:17 - 2022-09-13 07:16 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-09-13 07:17 - 2022-09-13 07:16 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-09-13 07:17 - 2022-09-13 07:16 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-09-13 07:17 - 2022-09-13 07:16 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-09-13 07:17 - 2022-09-13 07:16 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-09-13 07:17 - 2022-09-13 07:16 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-09-13 07:17 - 2022-09-13 07:16 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-09-13 07:17 - 2022-09-13 07:16 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-09-13 07:17 - 2022-09-13 07:16 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-09-13 07:17 - 2022-09-13 06:32 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-13 07:17 - 2022-09-13 06:30 - 000000000 ____D C:\WINDOWS\IME
2022-09-13 07:17 - 2022-09-13 06:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-09-13 07:17 - 2022-09-13 06:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-09-13 07:17 - 2022-09-13 06:27 - 000000000 ____D C:\Program Files\Common Files\System
2022-09-13 07:17 - 2022-09-13 06:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-13 07:17 - 2022-09-12 23:53 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-13 07:17 - 2022-09-12 23:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-13 07:17 - 2022-09-12 22:30 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-13 07:17 - 2022-09-12 21:59 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-09-13 07:17 - 2022-09-12 21:43 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-13 07:17 - 2022-09-12 21:40 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-13 07:14 - 2022-09-15 09:46 - 092274688 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-09-13 07:14 - 2022-09-15 09:46 - 018350080 _____ C:\WINDOWS\system32\config\SYSTEM
2022-09-13 07:14 - 2022-09-15 09:46 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2022-09-13 07:14 - 2022-09-15 09:46 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-09-13 07:14 - 2022-09-15 09:46 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2022-09-13 07:14 - 2022-09-15 09:46 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-09-13 07:14 - 2022-09-15 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-13 07:14 - 2022-09-15 09:35 - 000000000 ____D C:\WINDOWS\servicing
2022-09-13 07:14 - 2022-09-15 09:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-13 07:14 - 2022-09-13 07:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-09-13 06:36 - 2022-09-13 00:01 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-13 06:33 - 2022-09-15 09:49 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Users\Default User
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Users\All Users
2022-09-13 06:32 - 2022-09-13 06:32 - 000000000 _SHDL C:\Documents and Settings
2022-09-13 06:27 - 2022-09-13 06:27 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-13 06:26 - 2022-09-13 06:26 - 000000000 ____D C:\eSupport
2022-09-13 06:25 - 2022-09-15 09:49 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-13 06:25 - 2022-09-13 06:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-13 06:25 - 2022-09-13 06:31 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2022-09-13 06:25 - 2022-09-13 06:25 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\ProgramData\Dolby
2022-09-13 06:25 - 2022-09-13 06:25 - 000000000 ____D C:\Program Files\AMD
2022-09-13 06:25 - 2022-09-12 23:11 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-09-13 06:25 - 2022-09-12 21:41 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-13 06:24 - 2022-09-15 09:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-13 06:24 - 2022-09-15 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-13 06:24 - 2022-09-15 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-13 06:24 - 2022-09-13 06:24 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2022-09-13 06:24 - 2022-09-13 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-13 06:24 - 2022-09-13 06:24 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-13 06:24 - 2022-09-12 23:54 - 000438936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-13 06:24 - 2022-09-12 21:49 - 000000000 ____D C:\ProgramData\ASUS
2022-09-13 06:24 - 2022-09-12 21:39 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-13 06:24 - 2022-09-12 21:39 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-13 00:44 - 2022-09-13 00:44 - 000000000 ___HD C:\$SysReset
2022-09-13 00:05 - 2022-09-13 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 00:05 - 2022-09-13 00:05 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-09-13 00:05 - 2022-09-13 00:05 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-09-12 23:57 - 2022-09-15 09:46 - 000000000 ____D C:\Users\acco5\AppData\Local\Avast Software
2022-09-12 23:57 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Local\CEF
2022-09-12 23:54 - 2022-09-12 23:57 - 000000000 ____D C:\Users\acco5\AppData\Local\NVIDIA Corporation
2022-09-12 23:53 - 2022-09-12 23:53 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-09-12 23:51 - 2022-09-15 09:46 - 000000000 ____D C:\ProgramData\Avast Software
2022-09-12 23:50 - 2022-09-12 23:50 - 000000000 ____D C:\AdwCleaner
2022-09-12 23:42 - 2022-09-15 09:47 - 000000000 ____D C:\Users\acco5\.rainlendar2
2022-09-12 23:42 - 2022-09-12 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2022-09-12 23:42 - 2022-09-12 23:42 - 000000000 ____D C:\Program Files (x86)\Rainlendar2
2022-09-12 23:31 - 2022-09-13 00:30 - 014292524 _____ C:\Users\acco5\Desktop\bookmarks 12.09.2022.html
2022-09-12 23:31 - 2022-09-12 23:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-09-12 23:13 - 2022-09-12 23:13 - 000000000 ____D C:\Users\acco5\AppData\Local\DBG
2022-09-12 23:03 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\Rdv CAF
2022-09-12 23:03 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\PB - Free Fog Overlays
2022-09-12 23:02 - 2022-09-12 23:03 - 000000000 ____D C:\Users\acco5\Desktop\Newest files from other computer
2022-09-12 23:02 - 2022-09-12 23:02 - 000000000 ____D C:\Users\acco5\Desktop\New Nature Sounds
2022-09-12 22:54 - 2022-09-12 23:01 - 000000000 ____D C:\Users\acco5\Desktop\Nature sound videos
2022-09-12 22:54 - 2022-09-12 22:54 - 000000000 ____D C:\Users\acco5\Desktop\Fog Effects
2022-09-12 22:54 - 2022-06-23 08:52 - 000017443 _____ C:\Users\acco5\Desktop\Videos.ods
2022-09-12 22:54 - 2022-05-04 20:11 - 019579010 _____ C:\Users\acco5\Desktop\x.mp4
2022-09-12 22:54 - 2022-03-28 22:10 - 000000164 _____ C:\Users\acco5\Desktop\Video notes.txt
2022-09-12 22:51 - 2022-06-17 19:17 - 3850464742 _____ C:\Users\acco5\Desktop\Triangular house rain 10H.mp4
2022-09-12 22:50 - 2022-06-18 18:11 - 1324484239 _____ C:\Users\acco5\Desktop\Triangular House Rain 10H compr.m4v
2022-09-12 22:50 - 2022-06-17 16:46 - 322347194 _____ C:\Users\acco5\Desktop\Triangular house rain 10 min.mp4
2022-09-12 22:50 - 2022-06-16 18:08 - 057950214 _____ C:\Users\acco5\Desktop\Triangular house rain 2 min.mp4
2022-09-12 22:49 - 2022-09-10 22:39 - 000001851 _____ C:\Users\acco5\Desktop\SUPERAntiSpyware Free Edition.lnk
2022-09-12 22:49 - 2022-09-08 01:50 - 000019702 _____ C:\Users\acco5\Desktop\Removed Apps.html
2022-09-12 22:49 - 2022-07-14 13:13 - 000111373 _____ C:\Users\acco5\Desktop\rekins_nr_P-22-28225.pdf
2022-09-12 22:49 - 2022-07-12 20:51 - 000036797 _____ C:\Users\acco5\Desktop\Signature manuscrite A.Balcere.svg
2022-09-12 22:49 - 2022-07-12 20:49 - 000006622 _____ C:\Users\acco5\Desktop\Signature manuscrite A.Balcere.pdf
2022-09-12 22:49 - 2022-06-24 21:08 - 017436477 _____ C:\Users\acco5\Desktop\test 1.mp4
2022-09-12 22:49 - 2022-06-17 17:02 - 1815784142 _____ C:\Users\acco5\Desktop\Triangular house rain 1H.mp4
2022-09-12 22:49 - 2022-03-15 23:05 - 000036761 _____ C:\Users\acco5\Desktop\resynth.zip
2022-09-12 22:49 - 2022-02-16 22:36 - 034803200 _____ C:\Users\acco5\Desktop\Puddle fragment video 2.mp4
2022-09-12 22:49 - 2021-12-01 19:48 - 063308222 _____ C:\Users\acco5\Desktop\Rain blue puddle tree in background longer.mp4
2022-09-12 22:49 - 2020-12-08 18:04 - 000283723 _____ C:\Users\acco5\Desktop\Projet Livre - mise en page.pdf
2022-09-12 22:47 - 2022-06-23 12:11 - 2120210478 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 10H.mp4
2022-09-12 22:45 - 2022-06-23 18:17 - 2094966830 _____ C:\Users\acco5\Desktop\Pine Trees House Rain Thunder 10H compr.m4v
2022-09-12 22:45 - 2022-06-23 10:07 - 1603305977 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 1H.mp4
2022-09-12 22:45 - 2022-06-23 09:53 - 298662835 _____ C:\Users\acco5\Desktop\Pine trees house rain thunder 10 min.mp4
2022-09-12 22:43 - 2022-09-08 18:10 - 2594012956 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 10H.mp4
2022-09-12 22:42 - 2022-06-22 21:17 - 325901186 _____ C:\Users\acco5\Desktop\Pine Tops Fog Rain Thunder 10H compr.m4v
2022-09-12 22:42 - 2022-06-18 17:17 - 1251703727 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 1H.mp4
2022-09-12 22:42 - 2022-06-18 17:02 - 223221612 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 10 min.mp4
2022-09-12 22:42 - 2022-06-17 17:13 - 038694454 _____ C:\Users\acco5\Desktop\Pine tops fog rain thunder 2 min.mp4
2022-09-12 22:42 - 2022-03-28 07:34 - 006918111 _____ C:\Users\acco5\Desktop\pexels-tobi-463734 at night.xcf
2022-09-12 22:42 - 2021-12-27 22:21 - 006558402 _____ C:\Users\acco5\Desktop\pexels-max-mishin-9960706.xcf
2022-09-12 22:42 - 2021-12-13 14:06 - 012132452 _____ C:\Users\acco5\Desktop\pexels-estevon-roveda-6129571.mp4
2022-09-12 22:41 - 2022-09-08 01:24 - 000001906 _____ C:\Users\acco5\Desktop\Lakeside list 7.csv
2022-09-12 22:41 - 2022-08-09 15:14 - 000599214 _____ C:\Users\acco5\Desktop\Mantojuma apliecība A.Balcere.pdf
2022-09-12 22:41 - 2022-08-05 17:32 - 000004307 _____ C:\Users\acco5\Desktop\Lakeside list 6.csv
2022-09-12 22:41 - 2022-08-01 20:11 - 000313420 _____ C:\Users\acco5\Desktop\CAF annonce titre de sejour recu.pdf
2022-09-12 22:41 - 2022-07-31 18:02 - 000001934 _____ C:\Users\acco5\Desktop\Grim Tales 19 Heritage CE .lnk
2022-09-12 22:41 - 2022-07-29 20:31 - 000025486 _____ C:\Users\acco5\Desktop\Nature Sound YT channel texts.odt
2022-09-12 22:41 - 2022-07-29 20:30 - 000000734 _____ C:\Users\acco5\Desktop\CC0 License message.txt
2022-09-12 22:41 - 2022-07-29 16:18 - 000001086 _____ C:\Users\acco5\Desktop\Msg Max Verhamme.txt
2022-09-12 22:41 - 2022-07-28 13:45 - 000168004 _____ C:\Users\acco5\Desktop\Kadastra izzina.pdf
2022-09-12 22:41 - 2022-07-19 20:02 - 000077583 _____ C:\Users\acco5\Desktop\Lettre Desinscription CAF.pdf
2022-09-12 22:41 - 2022-07-19 20:02 - 000036416 _____ C:\Users\acco5\Desktop\Lettre Desinscription CAF.odt
2022-09-12 22:41 - 2022-07-14 13:12 - 000162053 _____ C:\Users\acco5\Desktop\pasutijums_nr_1148126.pdf
2022-09-12 22:41 - 2022-07-11 16:59 - 000001277 _____ C:\Users\acco5\Desktop\Desinscrire CAF.txt
2022-09-12 22:41 - 2022-07-10 14:44 - 000027327 _____ C:\Users\acco5\Desktop\IG Non-duality posts.ods
2022-09-12 22:41 - 2022-07-07 19:09 - 000053993 _____ C:\Users\acco5\Desktop\déclaration de CA_T2_2022.pdf
2022-09-12 22:41 - 2022-07-04 17:54 - 000000841 _____ C:\Users\acco5\Desktop\Louise Kay mail.txt
2022-09-12 22:41 - 2022-06-08 21:51 - 128991232 _____ C:\Users\acco5\Desktop\Mix 2 Rain Thunder White Noise with legnalegna55 shortened without other sounds.aup3
2022-09-12 22:41 - 2022-06-08 17:05 - 142782464 _____ C:\Users\acco5\Desktop\Mix 1 Rain Thunder White Noise.aup3
2022-09-12 22:41 - 2022-05-17 22:10 - 000479199 _____ C:\Users\acco5\Desktop\Lidojuma apstiprinajums 2022.pdf
2022-09-12 22:41 - 2022-05-05 00:44 - 000182442 _____ C:\Users\acco5\Desktop\Convocation rdv CAF.pdf
2022-09-12 22:41 - 2022-05-04 20:43 - 000023551 _____ C:\Users\acco5\Desktop\Finish - rain waves dark.mlt
2022-09-12 22:41 - 2022-04-26 16:54 - 000058785 _____ C:\Users\acco5\Desktop\Moonlight Vibes logo.mp4
2022-09-12 22:41 - 2022-03-28 18:10 - 000062812 _____ C:\Users\acco5\Desktop\Moonlight logo.mp4
2022-09-12 22:41 - 2022-03-15 17:24 - 1254738775 _____ C:\Users\acco5\Desktop\PB-Free-Fog-Overlays.zip
2022-09-12 22:41 - 2022-01-04 23:54 - 000000320 _____ C:\Users\acco5\Desktop\Handbrake video compression.txt
2022-09-12 22:41 - 2021-12-22 22:05 - 000026540 _____ C:\Users\acco5\Desktop\Lettre et signature en pdf.odt
2022-09-12 22:40 - 2022-07-27 14:36 - 000171551 _____ C:\Users\acco5\Desktop\9-01_1148126_26072022.edoc
2022-09-12 22:40 - 2022-07-20 20:22 - 375252875 _____ C:\Users\acco5\Desktop\Brown House With Lanterns Rain 10H compr.m4v
2022-09-12 22:40 - 2022-07-18 16:36 - 1336931970 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 1H.mp4
2022-09-12 22:40 - 2022-07-18 16:21 - 235614478 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 10 min.mp4
2022-09-12 22:40 - 2022-07-15 14:57 - 033974787 _____ C:\Users\acco5\Desktop\Brown house with lanterns rain 1 min.mp4
2022-09-12 22:40 - 2022-06-17 16:58 - 010645504 _____ C:\Users\acco5\Desktop\157434__timgormly__heavy-rain without other noises.aup3
2022-09-12 22:40 - 2022-06-17 16:54 - 039923712 _____ C:\Users\acco5\Desktop\577845__vilmuhametshin__rain-and-distant-thunder-2 amplified.aup3
2022-09-12 22:40 - 2022-06-09 17:11 - 046059520 _____ C:\Users\acco5\Desktop\405630__anthousai__2017-september-rain-the-end-of-a-rainstorm.aup3
2022-09-12 22:40 - 2022-06-08 16:43 - 019394560 _____ C:\Users\acco5\Desktop\329113__ivolipa__rain-falling-on-ground without noises.aup3
2022-09-12 22:40 - 2022-04-27 18:05 - 000001880 _____ C:\Users\acco5\Desktop\black rectangle.svg
2022-09-12 22:40 - 2021-06-12 15:49 - 044370789 _____ C:\Users\acco5\Desktop\Abstrakte Malerei, Acryl, easy, für Anfänger, Demo, Rakel-2jzBfpav47c-480p-1623505755823.mp4
2022-09-12 22:36 - 2022-09-12 22:36 - 000000000 ____D C:\Users\acco5\Desktop\USB
2022-09-12 22:36 - 2022-06-14 14:57 - 000000000 ____D C:\Users\acco5\Desktop\Shift plus u for at symbol
2022-09-12 22:33 - 2022-09-12 22:33 - 000000000 ____D C:\Users\acco5\AppData\Local\OneDrive
2022-09-12 22:32 - 2022-09-12 23:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-12 22:32 - 2022-09-12 23:54 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\Mozilla
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-09-12 22:32 - 2022-09-12 22:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-12 22:29 - 2022-09-12 22:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-09-12 22:29 - 2022-09-12 22:29 - 000000000 ____D C:\Users\acco5\Desktop\Setups offline
2022-09-12 21:59 - 2022-09-12 21:59 - 000000028 ____H C:\.GamingRoot
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\XboxGames
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Users\acco5\AppData\Local\Comms
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-09-12 21:59 - 2022-09-12 21:59 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-09-12 21:59 - 2022-09-02 17:10 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-09-12 21:48 - 2022-09-12 21:49 - 000000000 ____D C:\Users\acco5\AppData\Local\AcSdkInsLog
2022-09-12 21:47 - 2022-09-14 14:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-895565649-3931333595-811618271-1001
2022-09-12 21:47 - 2022-09-12 21:47 - 000000061 _____ C:\WINDOWS\skipsavetoini
2022-09-12 21:47 - 2022-09-12 21:47 - 000000000 ___HD C:\OneDriveTemp
2022-09-12 21:47 - 2022-09-12 21:47 - 000000000 ____D C:\Program Files\dotnet
2022-09-12 21:47 - 2021-09-30 11:14 - 000043168 _____ C:\WINDOWS\system32\Drivers\AsIO3.sys
2022-09-12 21:47 - 2021-09-16 17:25 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsIO3.dll
2022-09-12 21:47 - 2021-09-16 17:25 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\SysWOW64\AsIO3.dll
2022-09-12 21:46 - 2022-09-12 23:59 - 000000000 ____D C:\Users\acco5\AppData\Local\ASUS
2022-09-12 21:46 - 2022-09-12 21:46 - 000000000 ____D C:\Users\acco5\AppData\Local\NVIDIA
2022-09-12 21:45 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\PlaceholderTileLogoFolder
2022-09-12 21:44 - 2022-09-14 14:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-895565649-3931333595-811618271-1001
2022-09-12 21:44 - 2022-09-12 23:13 - 000000000 ___RD C:\Users\acco5\OneDrive
2022-09-12 21:44 - 2022-09-12 21:44 - 000000000 ____D C:\Users\acco5\AppData\LocalLow\AMD
2022-09-12 21:44 - 2022-09-12 21:44 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-12 21:43 - 2022-09-13 00:44 - 000000000 ____D C:\Users\acco5\AppData\Local\D3DSCache
2022-09-12 21:43 - 2022-09-12 23:12 - 000000000 ____D C:\Users\acco5\AppData\Local\ConnectedDevicesPlatform
2022-09-12 21:43 - 2022-09-12 22:32 - 000000000 ____D C:\Users\acco5\AppData\Local\Packages
2022-09-12 21:43 - 2022-09-12 22:32 - 000000000 ____D C:\ProgramData\Packages
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ___RD C:\Users\acco5\3D Objects
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Roaming\Adobe
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\VirtualStore
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\Publishers
2022-09-12 21:43 - 2022-09-12 21:43 - 000000000 ____D C:\Users\acco5\AppData\Local\AMD
2022-09-12 21:41 - 2022-09-12 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2022-09-12 21:40 - 2022-09-14 14:42 - 000002381 _____ C:\Users\acco5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-12 21:40 - 2022-09-12 23:42 - 000000000 ____D C:\Users\acco5
2022-09-12 21:40 - 2022-09-12 21:40 - 000000020 ___SH C:\Users\acco5\ntuser.ini
2022-08-24 14:57 - 2021-06-15 02:14 - 000053768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvswcfilter.sys
2022-08-24 14:57 - 2021-06-02 16:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-13 06:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-13 06:30 - 2021-08-08 18:04 - 000000000 ____D C:\WINDOWS\OEM
2022-09-13 06:28 - 2021-08-08 17:59 - 000000000 ____D C:\ProgramData\McInstTemp0069471628438385
2022-09-13 06:28 - 2021-08-08 17:57 - 000000000 ____D C:\Program Files (x86)\LightingService
2022-09-13 06:28 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files (x86)\ASUSTeK COMPUTER INC
2022-09-13 06:28 - 2021-08-08 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-13 06:28 - 2021-08-08 17:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-13 06:28 - 2021-08-08 17:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-13 06:28 - 2020-11-21 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-13 06:28 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-09-13 06:27 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files\ASUS
2022-09-13 06:27 - 2020-11-21 14:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-09-13 06:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-12 22:32 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-12 21:49 - 2021-08-08 17:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-12 21:49 - 2021-08-08 17:56 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-09-12 21:49 - 2021-08-08 17:54 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-12 21:44 - 2021-08-08 17:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-12 21:43 - 2020-11-21 13:59 - 000000000 ____D C:\WINDOWS\Log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by acco5 (15-09-2022 09:49:44)
Running from C:\Users\acco5\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2022-09-13 04:33:03)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

acco5 (S-1-5-21-895565649-3931333595-811618271-1001 - Administrator - Enabled) => C:\Users\acco5
Administrator (S-1-5-21-895565649-3931333595-811618271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-895565649-3931333595-811618271-503 - Limited - Disabled)
Guest (S-1-5-21-895565649-3931333595-811618271-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-895565649-3931333595-811618271-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.3 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{9B441197-6389-46FC-BE60-56C8B6E5ADE9}) (Version: 1.0.6 - ASUSTeK COMPUTER INC.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 4.0.16 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{cd70cc72-872c-4308-9fd1-9de5de28e448}) (Version: 2.5.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.0.2 - ASUSTeK Computer Inc.)
ASUS Framework Service (HKLM-x32\...\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS MultiAntenna Service (HKLM\...\{285B9C1B-A3F2-4576-9B8B-40CF0D871517}) (Version: 3.1.3 - ASUSTeK COMPUTER INC.)
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.2.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.85 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.16 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.16 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.06 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{a890e515-8afe-4007-81e7-5c4d3da50086}) (Version: 3.05.06 - ASUSTeK Computer Inc.)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Microsoft .NET Host - 5.0.14 (x64) (HKLM\...\{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20616 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720 (HKLM-x32\...\{2F69FB2B-2C48-491C-B249-22C1BDCE1117}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720 (HKLM-x32\...\{31C9EB3A-5F0C-49E7-8E6C-D404E48F433D}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32\...\{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 104.0.2 (x64 en-US)) (Version: 104.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 104.0.2 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 462.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.0.8 - ASUSTeK COMPUTER INC.)
ROG CustomHotkey (HKLM-x32\...\{374883e6-b31d-4a3c-9c4a-2685a840aed4}) (Version: 1.1.1 - ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.5.10.0 - ASUSTek COMPUTER INC.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-09-12] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.2.12.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.4.3.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.37.9.0_x64__6rarf9sa4v8jt [2022-09-12] (Disney)
Dolby Access -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaccess_3.14.67.0_x64__rz1tebttyb220 [2022-09-12] (Dolby Laboratories)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-09-12] (McAfee LLC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9020.0_x64__8wekyb3d8bbwe [2022-09-12] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10801.429.0_x64__8wekyb3d8bbwe [2022-09-12] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy [2022-09-12] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-12] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj [2022-09-12] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0 [2022-09-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-02-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6c8d8415ff0e012\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-09-12 21:48 - 2022-06-20 16:14 - 000520704 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000479744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000470016 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-09-12 21:48 - 2022-06-08 11:33 - 000832512 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2021-08-08 17:57 - 2019-12-24 03:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2022-09-12 21:48 - 2022-06-08 11:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2010-05-23 20:20 - 2010-05-23 20:20 - 000012288 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lfs.dll
2010-05-23 20:20 - 2010-05-23 20:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\lua51.dll
2011-08-12 07:45 - 2011-08-12 07:45 - 000198144 _____ () [File not signed] C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2020-11-21 14:17 - 2020-11-21 14:17 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2020-05-27 02:08 - 2020-05-27 02:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2021-08-08 17:57 - 2021-01-01 02:26 - 002676224 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2021-12-24 01:02 - 2021-12-24 01:03 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2011-07-28 20:20 - 2011-07-28 20:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Rainlendar2\libcurl.dll
2021-08-08 17:57 - 2019-06-27 01:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-08-08 17:57 - 2019-06-27 01:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2011-01-29 13:59 - 2011-01-29 13:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\LIBEAY32.dll
2011-01-29 13:59 - 2011-01-29 13:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Rainlendar2\SSLEAY32.dll
2010-12-12 12:56 - 2010-12-12 12:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 12:58 - 2010-12-12 12:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 12:57 - 2010-12-12 12:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 12:58 - 2010-12-12 12:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-21] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-895565649-3931333595-811618271-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acco5\Desktop\white_flowers_nature_plants-21425.jpg!d.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-895565649-3931333595-811618271-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4D71EE77-6CBD-48A8-A21F-E2EB877965E6}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{4E23DFAD-87AE-4721-8383-F59B91DA4A7E}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{9F3550D8-F22E-4685-9789-8E16B9AF85AD}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{4C138621-0EAC-4FB8-B2AF-C7A2B99CA17C}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{B25F42FC-B892-48E9-98C5-8D364EC78F4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51D2BE98-9E59-489D-ADB2-DD3198C15E24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06A16F9A-022F-4337-8CEA-EB3BBEDE8AC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F66AB5F-F5CF-4FFE-95B0-97F14239175D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17E6E1DB-6811-46A9-9D95-6FF0F770842A}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{A476B622-4E44-4FA0-8B1E-3984980C05AF}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{15E5C64C-D0C1-42AC-B54B-87414F296814}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{0ABC14FF-2DD3-4306-B489-6815B4D35391}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{290CFDAB-452B-4756-8486-CE1697ADB12F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78223492-85A2-4C09-8B02-8F05A70674EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{221E9954-E8A6-4AD5-B0E2-8305A673B1FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2B07C2C0-3BEE-4BE4-A94E-44F581AD28A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D1214D2-3A49-4047-9F79-485FC62A24F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACCA6159-C91A-4E60-AD8B-C49343D5A97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1AFFF290-FB7F-441F-ADCF-83FC80F3C467}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3DFA536-FC3E-432B-B530-7D8AADF09EF3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.33\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74AC523A-DA02-400B-8FFE-84EE96C86817}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{CACB8F62-E313-4262-9A56-34E10D0B28BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E6228DD-7EAC-433C-8056-9EE50369209C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EDFBAB8-439F-4EE6-944D-36300D2700C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB9316C8-299E-4C58-AB01-807055B0FA47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{724E5ACE-9754-4E00-880D-4DA058D6F076}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9C0CB4C-2DD1-4E93-AAD5-54C80F863ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82C83712-382E-4341-B7D5-2E69CC019281}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8FFA6781-BFDF-4D36-A76B-D0FB3D9636D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86A5642A-2677-4672-B769-FEB907D76DB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5432C84-7BAE-4701-8499-B081794565CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8DF779F9-21CF-487B-AF6B-BF8DC74BE6B1}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{06F411FD-A26E-43A2-8BF7-F7B164A4371A}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{63B695F4-FAAB-4292-B96D-75BC2DD26A5D}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{FEB20D46-C8BA-454F-B762-6727C3BC8647}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{28F7128C-57C3-452E-B54A-8CF0A0FAA680}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{F2E53FE9-6870-4137-85FF-7CF7CBB0228D}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{A8B1E6AD-5481-4AE0-AE70-9F022E886F25}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )

==================== Restore Points =========================

15-09-2022 09:30:54 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (09/15/2022 09:47:12 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-6ODOHNQP$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps

Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (09/15/2022 09:46:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (09/15/2022 09:46:30 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (09/15/2022 09:33:44 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (09/15/2022 09:33:44 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/14/2022 02:37:36 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (09/14/2022 02:37:36 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/12/2022 11:54:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-6ODOHNQP$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 21:54:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 05291232-8232-4c24-9467-f80c7c308b86

Method: GET(2062ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

System errors:
=============
Error: (09/15/2022 09:49:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee WebAdvisor service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/15/2022 09:48:44 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/15/2022 09:46:26 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6ODOHNQP)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (09/12/2022 11:53:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/12/2022 11:53:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/13/2022 06:37:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer did not register with DCOM within the required timeout.

Error: (09/13/2022 06:35:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer did not register with DCOM within the required timeout.

Error: (09/13/2022 06:32:18 AM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.

Windows Defender:
================Event[0]:

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-09-12 21:46:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2022-09-15 09:38:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-09-15 09:38:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. G513IC.314 03/30/2022
Motherboard: ASUSTeK COMPUTER INC. G513IC
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 22%
Total physical RAM: 15792.36 MB
Available physical RAM: 12250.46 MB
Total Virtual: 18736.36 MB
Available Virtual: 13453.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.5 GB) (Free:248.72 GB) (Model: HFM512GD3JX013N) (Protected) NTFS

\\?\Volume{66a3209f-eb4a-4404-8e69-a0688f1f2f8d}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.09 GB) NTFS
\\?\Volume{f51f1b4c-8df5-41a8-8f65-bdf58564b60b}\ (RESTORE) (Fixed) (Total:22 GB) (Free:4.52 GB) NTFS
\\?\Volume{c59d0604-e288-4986-a06e-e17a96ca7a64}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{1b46213c-b1f2-4ef0-bf62-3e223d1cbb73}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C0F51CB1)

Partition: GPT.

==================== End of Addition.txt =======================

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 15/09/2022
Scan Time: 10:15
Log File: 8576c100-34ce-11ed-885a-04421a85b23d.json

-Software Information-
Version: 4.5.14.210
Components Version: 1.0.1767
Update Package Version: 1.0.60079
Licence: Trial

-System Information-
OS: Windows 10 (Build 19044.1889)
CPU: x64
File System: NTFS
User: LAPTOP-6ODOHNQP\acco5

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 272967
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 39 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-15-2022
# Duration: 00:00:04
# OS: Windows 10 Home
# Scanned: 32100
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1406 octets] - [15/09/2022 10:00:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Malnutrition · Sep 16, 2022

FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Data838 · Sep 16, 2022

Thank you!

Here it is

:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by acco5 (16-09-2022 17:04:08) Run:1
Running from C:\Users\acco5\Desktop
Loaded Profiles: acco5
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
Task: {0AD50007-EC6D-4FDB-9E44-8477F68EFD48} - \ASUS\ASUSUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0AE1AF72-54A1-410E-AE49-BF075E4BF8AB} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {0CFF93A2-CDD3-4455-BFE1-648E48C22BD6} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2F03CB02-4709-4F5A-B384-95690AF7AF90} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {38474140-144E-4A77-A88F-D83EDEDF0C03} - \Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 -> No File <==== ATTENTION
Task: {45D05489-620F-4B03-B2E7-134E01F13A63} - \ASUS\AcPowerNotification -> No File <==== ATTENTION
Task: {4680A8DF-7B63-403E-ABB1-3FA7B77DE631} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {559B0F92-63C4-4001-AE5E-A650091C71B8} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {619FCF0D-C591-4E5C-ADC4-F5F036309425} - \ASUSSmartDisplayControl -> No File <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6FAE8AED-1808-4A26-AEA5-1567BB116B11} - \OneDrive Standalone Update Task-S-1-5-21-3450050205-251663859-3830464247-500 -> No File <==== ATTENTION
Task: {7193886A-4BD5-49D5-BEA9-E4CB5CC9E9A3} - \ASUS\P508PowerAgent_sdk -> No File <==== ATTENTION
Task: {8ACB53D9-7A3B-41B2-8448-52A927F42C4E} - \Microsoft\Windows\Setup\SetupCleanupTask -> No File <==== ATTENTION
Task: {914A6F9F-239E-423A-BD17-7A65EC9BCBD3} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {94B7956D-18E0-44A3-8DEB-5E5E35BC7648} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {BA120A06-6336-4323-BECD-09FA68CB1323} - \ASUS\ArmourySocketServer -> No File <==== ATTENTION
Task: {CABCE4BD-C389-47CC-AC81-EFA68D7AF9A5} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {DB1218E6-F693-4F20-BC36-E62D6CB63AB4} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {DFC7A941-644D-4B29-A90E-E4BE1FFB403C} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E2A23218-3113-4A83-A136-BA85E48699AA} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E559FBB0-7370-4985-90DD-5D6B10DFC5F1} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION
Task: {E67130FC-19FB-44BD-8F25-4F517976AF27} - \Microsoft\Windows\PLA\AsusLinkNear -> No File <==== ATTENTION
Task: {EBD59F28-2D7F-4EB4-8AF4-93DCA358950F} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FDA04152-4F09-4471-A5EA-7E3565D984A2} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
2022-09-12 23:57 - 2022-09-15 09:46 - 000000000 ____D C:\Users\acco5\AppData\Local\Avast Software
2022-09-12 23:51 - 2022-09-15 09:46 - 000000000 ____D C:\ProgramData\Avast Software
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
cmd: net stop bits
Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old
cmd: net start bits
cmd: bitsadmin /list /allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
CMD: sc stop sysmain
CMD: sc config sysmain start= disabled
CMD: sc stop DiagTrack
CMD: sc config DiagTrack start= disabled
CMD: sc stop dmwappushservice
CMD: sc config dmwappushservice start= disabled
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-895565649-3931333595-811618271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AD50007-EC6D-4FDB-9E44-8477F68EFD48}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AD50007-EC6D-4FDB-9E44-8477F68EFD48}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUSUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AE1AF72-54A1-410E-AE49-BF075E4BF8AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AE1AF72-54A1-410E-AE49-BF075E4BF8AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0CFF93A2-CDD3-4455-BFE1-648E48C22BD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CFF93A2-CDD3-4455-BFE1-648E48C22BD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F03CB02-4709-4F5A-B384-95690AF7AF90}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F03CB02-4709-4F5A-B384-95690AF7AF90}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38474140-144E-4A77-A88F-D83EDEDF0C03}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38474140-144E-4A77-A88F-D83EDEDF0C03}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45D05489-620F-4B03-B2E7-134E01F13A63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45D05489-620F-4B03-B2E7-134E01F13A63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\AcPowerNotification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4680A8DF-7B63-403E-ABB1-3FA7B77DE631}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4680A8DF-7B63-403E-ABB1-3FA7B77DE631}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{559B0F92-63C4-4001-AE5E-A650091C71B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{559B0F92-63C4-4001-AE5E-A650091C71B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{619FCF0D-C591-4E5C-ADC4-F5F036309425}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{619FCF0D-C591-4E5C-ADC4-F5F036309425}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUSSmartDisplayControl" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6CBEF361-EE00-46F9-B3B8-D803788F07C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CBEF361-EE00-46F9-B3B8-D803788F07C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FAE8AED-1808-4A26-AEA5-1567BB116B11}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FAE8AED-1808-4A26-AEA5-1567BB116B11}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-3450050205-251663859-3830464247-500" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7193886A-4BD5-49D5-BEA9-E4CB5CC9E9A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7193886A-4BD5-49D5-BEA9-E4CB5CC9E9A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8ACB53D9-7A3B-41B2-8448-52A927F42C4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ACB53D9-7A3B-41B2-8448-52A927F42C4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\SetupCleanupTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{914A6F9F-239E-423A-BD17-7A65EC9BCBD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{914A6F9F-239E-423A-BD17-7A65EC9BCBD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94B7956D-18E0-44A3-8DEB-5E5E35BC7648}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94B7956D-18E0-44A3-8DEB-5E5E35BC7648}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA120A06-6336-4323-BECD-09FA68CB1323}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA120A06-6336-4323-BECD-09FA68CB1323}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ArmourySocketServer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CABCE4BD-C389-47CC-AC81-EFA68D7AF9A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CABCE4BD-C389-47CC-AC81-EFA68D7AF9A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB1218E6-F693-4F20-BC36-E62D6CB63AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB1218E6-F693-4F20-BC36-E62D6CB63AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DFC7A941-644D-4B29-A90E-E4BE1FFB403C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFC7A941-644D-4B29-A90E-E4BE1FFB403C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2A23218-3113-4A83-A136-BA85E48699AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A23218-3113-4A83-A136-BA85E48699AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E559FBB0-7370-4985-90DD-5D6B10DFC5F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E559FBB0-7370-4985-90DD-5D6B10DFC5F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E67130FC-19FB-44BD-8F25-4F517976AF27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E67130FC-19FB-44BD-8F25-4F517976AF27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\AsusLinkNear" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBD59F28-2D7F-4EB4-8AF4-93DCA358950F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBD59F28-2D7F-4EB4-8AF4-93DCA358950F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDA04152-4F09-4471-A5EA-7E3565D984A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDA04152-4F09-4471-A5EA-7E3565D984A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
C:\Users\acco5\AppData\Local\Avast Software => moved successfully
C:\ProgramData\Avast Software => moved successfully
C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe => No running process found
C:\Program Files\WindowsApps\5a894077.mcafeesecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe => No running process found
McAfee WebAdvisor => service not found.

========= net stop bits =========

The Background Intelligent Transfer Service service is stopping..
The Background Intelligent Transfer Service service was stopped successfully.

========= End of CMD: =========

"C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db" moved successfully to C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old

========= net start bits =========

The Background Intelligent Transfer Service service is starting.
The Background Intelligent Transfer Service service was started successfully.

========= End of CMD: =========

========= bitsadmin /list /allusers =========

BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Listed 0 job(s).

========= End of CMD: =========

========= "%WINDIR%\SYSTEM32\lodctr.exe /R" =========

Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe /R" =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "C:\Windows\SYSTEM32\lodctr.exe /R" =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "C:\Windows\SysWOW64\lodctr.exe /R" =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= sc stop sysmain =========

SERVICE_NAME: sysmain
TYPE : 30 WIN32
STATE : 3 STOP_PENDING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x2710

========= End of CMD: =========

========= sc config sysmain start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

========= sc stop DiagTrack =========

SERVICE_NAME: DiagTrack
TYPE : 10 WIN32_OWN_PROCESS
STATE : 3 STOP_PENDING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x3
WAIT_HINT : 0x0

========= End of CMD: =========

========= sc config DiagTrack start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

========= sc stop dmwappushservice =========

[SC] ControlService FAILED 1062:

The service has not been started.

========= End of CMD: =========

========= sc config dmwappushservice start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

========= del /f /s /q %windir%\prefetch\*.* =========

Deleted file - C:\WINDOWS\prefetch\AACNBDTSETUP.EXE-F606F8EA.pf
Deleted file - C:\WINDOWS\prefetch\ACCIMONITOR.EXE-F938D1E5.pf
Deleted file - C:\WINDOWS\prefetch\ADWCLEANER.EXE-5183E42E.pf
Deleted file - C:\WINDOWS\prefetch\ADWCLEANER.EXE-DB3A2910.pf
Deleted file - C:\WINDOWS\prefetch\ALERTHOST.EXE-61C79FD9.pf
Deleted file - C:\WINDOWS\prefetch\ALERTMANAGERREG.EXE-A7BE6478.pf
Deleted file - C:\WINDOWS\prefetch\ALERTPLUGINREGISTER.EXE-B491883F.pf
Deleted file - C:\WINDOWS\prefetch\AMCINST.EXE-5753A555.pf
Deleted file - C:\WINDOWS\prefetch\AM_BASE.EXE-3F70DC95.pf
Deleted file - C:\WINDOWS\prefetch\AM_DELTA.EXE-78CA83B0.pf
Deleted file - C:\WINDOWS\prefetch\AM_ENGINE.EXE-F1C956E4.pf
Deleted file - C:\WINDOWS\prefetch\APPLICATIONFRAMEHOST.EXE-8CE9A1EE.pf
Deleted file - C:\WINDOWS\prefetch\ARMOURYCRATE.APPSERVICEBRIDGE-C317A2DD.pf
Deleted file - C:\WINDOWS\prefetch\ARMOURYCRATE.EXE-7ECFE09D.pf
Deleted file - C:\WINDOWS\prefetch\ARMOURYCRATE.USERSESSIONHELPE-1BA7E1E1.pf
Deleted file - C:\WINDOWS\prefetch\ARMOURYCRATEKEYCONTROL.EXE-077DDC65.pf
Deleted file - C:\WINDOWS\prefetch\ASCHECKASCI.EXE-985A170F.pf
Deleted file - C:\WINDOWS\prefetch\ASUSCERTSERVICE.EXE-2F6AC3B4.pf
Deleted file - C:\WINDOWS\prefetch\ASUSHOTKEY.EXE-C101708B.pf
Deleted file - C:\WINDOWS\prefetch\ASUSKEYBOARDHOST.EXE-98C3FD8D.pf
Deleted file - C:\WINDOWS\prefetch\ASUSLINKWP2P.EXE-D66CB1A3.pf
Deleted file - C:\WINDOWS\prefetch\ASUSOPTIMIZATIONSTARTUPTASK.E-BBB41BC8.pf
Deleted file - C:\WINDOWS\prefetch\ASUSOSD.EXE-7D7B893D.pf
Deleted file - C:\WINDOWS\prefetch\ASUSSMARTDISPLAYCONTROL.EXE-B3CD5F5A.pf
Deleted file - C:\WINDOWS\prefetch\ASUSSOFTWAREMANAGERAGENT.EXE-9F9331EB.pf
Deleted file - C:\WINDOWS\prefetch\ASUSSPLENDID.EXE-94F2F12E.pf
Deleted file - C:\WINDOWS\prefetch\ASUSSYSTEMANALYSIS.EXE-9532A0DE.pf
Deleted file - C:\WINDOWS\prefetch\ASUSUPDATE.EXE-C5D92B78.pf
Deleted file - C:\WINDOWS\prefetch\ASWIDSAGENT.EXE-49D93A96.pf
Deleted file - C:\WINDOWS\prefetch\ASWOFFERTOOL.EXE-103B9FA8.pf
Deleted file - C:\WINDOWS\prefetch\ASWOFFERTOOL.EXE-90180C34.pf
Deleted file - C:\WINDOWS\prefetch\ASWRUNDLL.EXE-C4FAFF28.pf
Deleted file - C:\WINDOWS\prefetch\ASWTOOLSSVC.EXE-96B32844.pf
Deleted file - C:\WINDOWS\prefetch\AUDIODG.EXE-AB22E9A6.pf
Deleted file - C:\WINDOWS\prefetch\AVASTNM.EXE-A097FF9E.pf
Deleted file - C:\WINDOWS\prefetch\AVASTSVC.EXE-CBA6876B.pf
Deleted file - C:\WINDOWS\prefetch\AVASTUI.EXE-19622E35.pf
Deleted file - C:\WINDOWS\prefetch\AVASTUI.EXE-19622E36.pf
Deleted file - C:\WINDOWS\prefetch\AVASTUI.EXE-19622E37.pf
Deleted file - C:\WINDOWS\prefetch\AVASTUI.EXE-19622E3D.pf
Deleted file - C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-233451AE.pf
Deleted file - C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-B3E368A1.pf
Deleted file - C:\WINDOWS\prefetch\AVBUGREPORT.EXE-90230411.pf
Deleted file - C:\WINDOWS\prefetch\AVDUMP.EXE-88F67075.pf
Deleted file - C:\WINDOWS\prefetch\AVEMUPDATE.EXE-A47D4A28.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTASKHOST.EXE-05A8BF9D.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTASKHOST.EXE-375FE866.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTASKHOST.EXE-7165C35C.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTASKHOST.EXE-F5292CA0.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTRANSFERHOST.EXE-07EA5F06.pf
Deleted file - C:\WINDOWS\prefetch\BCDEDIT.EXE-FE221428.pf
Deleted file - C:\WINDOWS\prefetch\BDEUISRV.EXE-7BC33651.pf
Deleted file - C:\WINDOWS\prefetch\BITSADMIN.EXE-61856B04.pf
Deleted file - C:\WINDOWS\prefetch\BYTECODEGENERATOR.EXE-FB938A53.pf
Deleted file - C:\WINDOWS\prefetch\cadrespri.7db
Deleted file - C:\WINDOWS\prefetch\CEFREG.EXE-80317DAE.pf
Deleted file - C:\WINDOWS\prefetch\CERTUTIL.EXE-28F1E0C1.pf
Deleted file - C:\WINDOWS\prefetch\CHECKNETISOLATION.EXE-B39F2C30.pf
Deleted file - C:\WINDOWS\prefetch\CHROMIUMCONTAINERREG.EXE-DA46C958.pf
Deleted file - C:\WINDOWS\prefetch\CHXSMARTSCREEN.EXE-061DFBA0.pf
Deleted file - C:\WINDOWS\prefetch\CLIENTANALYTICSREG.EXE-21863748.pf
Deleted file - C:\WINDOWS\prefetch\CMD.EXE-0BD30981.pf
Deleted file - C:\WINDOWS\prefetch\CMD.EXE-6D6290C5.pf
Deleted file - C:\WINDOWS\prefetch\COMPATTELRUNNER.EXE-B7A68ECC.pf
Deleted file - C:\WINDOWS\prefetch\CONFIGHELPER.EXE-89E2B6A1.pf
Deleted file - C:\WINDOWS\prefetch\CONHOST.EXE-0C6456FB.pf
Deleted file - C:\WINDOWS\prefetch\CONSENT.EXE-40419367.pf
Deleted file - C:\WINDOWS\prefetch\CREDENTIALUIBROKER.EXE-8CEDA3EB.pf
Deleted file - C:\WINDOWS\prefetch\DADUPDATER.EXE-A3DA1233.pf
Deleted file - C:\WINDOWS\prefetch\DBINSTALLER.EXE-217768FE.pf
Deleted file - C:\WINDOWS\prefetch\DEVCON_X64.EXE-090A0522.pf
Deleted file - C:\WINDOWS\prefetch\DISMHOST.EXE-8973BCA3.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-077D6084.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-0BCCFE33.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-1BAE06BB.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-47BE07DC.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-6F625E57.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-7617EDA2.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-7D5CE0CA.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-810B6BBE.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-BAC16BA4.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-C4E575FD.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-D200FEC3.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-D52C49C5.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-F380896B.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-F7FC6593.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-FD157D10.pf
Deleted file - C:\WINDOWS\prefetch\DRVINST.EXE-39D9EAC7.pf
Deleted file - C:\WINDOWS\prefetch\DSMUSERTASK.EXE-853A6893.pf
Deleted file - C:\WINDOWS\prefetch\dynrespri.7db
Deleted file - C:\WINDOWS\prefetch\ENGSUP.EXE-157960DA.pf
Deleted file - C:\WINDOWS\prefetch\ENGSUP.EXE-4BB060A4.pf
Deleted file - C:\WINDOWS\prefetch\ENGSUP.EXE-F82C1D67.pf
Deleted file - C:\WINDOWS\prefetch\EXPLORER.EXE-D5E97654.pf
Deleted file - C:\WINDOWS\prefetch\FILECOAUTH.EXE-C06305F6.pf
Deleted file - C:\WINDOWS\prefetch\FILECOAUTH.EXE-F2767FF1.pf
Deleted file - C:\WINDOWS\prefetch\FILEOPERATOR.EXE-E502074F.pf
Deleted file - C:\WINDOWS\prefetch\FIREFOX INSTALLER.EXE-5ABF7067.pf
Deleted file - C:\WINDOWS\prefetch\FIREFOX.EXE-66015FD1.pf
Deleted file - C:\WINDOWS\prefetch\FIRESVC.EXE-317443A8.pf
Deleted file - C:\WINDOWS\prefetch\FIRSTLOGONANIM.EXE-FA0BF656.pf
Deleted file - C:\WINDOWS\prefetch\FRST64.EXE-43572EA5.pf
Deleted file - C:\WINDOWS\prefetch\FRST64.EXE-7A77C050.pf
Deleted file - C:\WINDOWS\prefetch\GAMEBAR.EXE-FCA42608.pf
Deleted file - C:\WINDOWS\prefetch\GAMESDK.EXE-852FA093.pf
Deleted file - C:\WINDOWS\prefetch\GEEK.EXE-6759E004.pf
Deleted file - C:\WINDOWS\prefetch\GEEK64.EXE-673ABD43.pf
Deleted file - C:\WINDOWS\prefetch\GPU POWER SAVING.EXE-66A560D7.pf
Deleted file - C:\WINDOWS\prefetch\ICACLS.EXE-CCAC2A58.pf
Deleted file - C:\WINDOWS\prefetch\IDENTITY_HELPER.EXE-5EE101B7.pf
Deleted file - C:\WINDOWS\prefetch\IG-0.EXE-7F50B692.pf
Deleted file - C:\WINDOWS\prefetch\IG-1.EXE-92A67117.pf
Deleted file - C:\WINDOWS\prefetch\IG-10.EXE-B582B86F.pf
Deleted file - C:\WINDOWS\prefetch\IG-11.EXE-C8D872F4.pf
Deleted file - C:\WINDOWS\prefetch\IG-12.EXE-DC2E2D79.pf
Deleted file - C:\WINDOWS\prefetch\IG-13.EXE-EF83E7FE.pf
Deleted file - C:\WINDOWS\prefetch\IG-14.EXE-02D9A283.pf
Deleted file - C:\WINDOWS\prefetch\IG-15.EXE-162F5D08.pf
Deleted file - C:\WINDOWS\prefetch\IG-16.EXE-2985178D.pf
Deleted file - C:\WINDOWS\prefetch\IG-17.EXE-3CDAD212.pf
Deleted file - C:\WINDOWS\prefetch\IG-18.EXE-50308C97.pf
Deleted file - C:\WINDOWS\prefetch\IG-19.EXE-6386471C.pf
Deleted file - C:\WINDOWS\prefetch\IG-2.EXE-A5FC2B9C.pf
Deleted file - C:\WINDOWS\prefetch\IG-20.EXE-1AF529AC.pf
Deleted file - C:\WINDOWS\prefetch\IG-21.EXE-2E4AE431.pf
Deleted file - C:\WINDOWS\prefetch\IG-22.EXE-41A09EB6.pf
Deleted file - C:\WINDOWS\prefetch\IG-23.EXE-54F6593B.pf
Deleted file - C:\WINDOWS\prefetch\IG-24.EXE-684C13C0.pf
Deleted file - C:\WINDOWS\prefetch\IG-25.EXE-7BA1CE45.pf
Deleted file - C:\WINDOWS\prefetch\IG-26.EXE-8EF788CA.pf
Deleted file - C:\WINDOWS\prefetch\IG-27.EXE-A24D434F.pf
Deleted file - C:\WINDOWS\prefetch\IG-28.EXE-B5A2FDD4.pf
Deleted file - C:\WINDOWS\prefetch\IG-29.EXE-C8F8B859.pf
Deleted file - C:\WINDOWS\prefetch\IG-3.EXE-B951E621.pf
Deleted file - C:\WINDOWS\prefetch\IG-30.EXE-80679AE9.pf
Deleted file - C:\WINDOWS\prefetch\IG-31.EXE-93BD556E.pf
Deleted file - C:\WINDOWS\prefetch\IG-32.EXE-A7130FF3.pf
Deleted file - C:\WINDOWS\prefetch\IG-33.EXE-BA68CA78.pf
Deleted file - C:\WINDOWS\prefetch\IG-34.EXE-CDBE84FD.pf
Deleted file - C:\WINDOWS\prefetch\IG-35.EXE-E1143F82.pf
Deleted file - C:\WINDOWS\prefetch\IG-36.EXE-F469FA07.pf
Deleted file - C:\WINDOWS\prefetch\IG-37.EXE-07BFB48C.pf
Deleted file - C:\WINDOWS\prefetch\IG-38.EXE-1B156F11.pf
Deleted file - C:\WINDOWS\prefetch\IG-39.EXE-2E6B2996.pf
Deleted file - C:\WINDOWS\prefetch\IG-4.EXE-CCA7A0A6.pf
Deleted file - C:\WINDOWS\prefetch\IG-40.EXE-E5DA0C26.pf
Deleted file - C:\WINDOWS\prefetch\IG-41.EXE-F92FC6AB.pf
Deleted file - C:\WINDOWS\prefetch\IG-42.EXE-0C858130.pf
Deleted file - C:\WINDOWS\prefetch\IG-43.EXE-1FDB3BB5.pf
Deleted file - C:\WINDOWS\prefetch\IG-44.EXE-3330F63A.pf
Deleted file - C:\WINDOWS\prefetch\IG-45.EXE-4686B0BF.pf
Deleted file - C:\WINDOWS\prefetch\IG-46.EXE-59DC6B44.pf
Deleted file - C:\WINDOWS\prefetch\IG-47.EXE-6D3225C9.pf
Deleted file - C:\WINDOWS\prefetch\IG-48.EXE-8087E04E.pf
Deleted file - C:\WINDOWS\prefetch\IG-49.EXE-93DD9AD3.pf
Deleted file - C:\WINDOWS\prefetch\IG-5.EXE-DFFD5B2B.pf
Deleted file - C:\WINDOWS\prefetch\IG-6.EXE-F35315B0.pf
Deleted file - C:\WINDOWS\prefetch\IG-7.EXE-06A8D035.pf
Deleted file - C:\WINDOWS\prefetch\IG-8.EXE-19FE8ABA.pf
Deleted file - C:\WINDOWS\prefetch\IG-9.EXE-2D54453F.pf
Deleted file - C:\WINDOWS\prefetch\IG.EXE-B773B179.pf
Deleted file - C:\WINDOWS\prefetch\IG.EXE-F242F87F.pf
Deleted file - C:\WINDOWS\prefetch\INSTUP.EXE-7F4AC2E8.pf
Deleted file - C:\WINDOWS\prefetch\INSTUP.EXE-A53FB69B.pf
Deleted file - C:\WINDOWS\prefetch\INSTUP.EXE-DCA24DB4.pf
Deleted file - C:\WINDOWS\prefetch\INTEGRATOR.EXE-873C4A60.pf
Deleted file - C:\WINDOWS\prefetch\ISBEW64.EXE-C74829E1.pf
Deleted file - C:\WINDOWS\prefetch\LAUNCH.EXE-1B621CBE.pf
Deleted file - C:\WINDOWS\prefetch\Layout.ini
Deleted file - C:\WINDOWS\prefetch\LOCKAPP.EXE-ACD69F07.pf
Deleted file - C:\WINDOWS\prefetch\LODCTR.EXE-21DD01F9.pf
Deleted file - C:\WINDOWS\prefetch\LODCTR.EXE-57DC4D95.pf
Deleted file - C:\WINDOWS\prefetch\LOGMAN.EXE-10F10B53.pf
Deleted file - C:\WINDOWS\prefetch\LOGONUI.EXE-F639BD7E.pf
Deleted file - C:\WINDOWS\prefetch\MBAM.EXE-728D2E12.pf
Deleted file - C:\WINDOWS\prefetch\MBAMINSTALLERSERVICE.EXE-F0636C85.pf
Deleted file - C:\WINDOWS\prefetch\MBAMSERVICE.EXE-1DD79AE7.pf
Deleted file - C:\WINDOWS\prefetch\MBAMTRAY.EXE-08C66B4A.pf
Deleted file - C:\WINDOWS\prefetch\MBAMWSC.EXE-2DADCD3B.pf
Deleted file - C:\WINDOWS\prefetch\MBSETUP-37335.37335.EXE-58FBE361.pf
Deleted file - C:\WINDOWS\prefetch\MBSETUP.EXE-84DDBE32.pf
Deleted file - C:\WINDOWS\prefetch\MBUPDATRV5.EXE-889B13E5.pf
Deleted file - C:\WINDOWS\prefetch\MCAFEE-SECURITY-FT.EXE-BCD081D5.pf
Deleted file - C:\WINDOWS\prefetch\MCAGENT.EXE-E4C61513.pf
Deleted file - C:\WINDOWS\prefetch\MCAMTASKAGENT.EXE-C0AE07E6.pf
Deleted file - C:\WINDOWS\prefetch\MCAPEXE.EXE-5E01A462.pf
Deleted file - C:\WINDOWS\prefetch\MCAUTOREG.EXE-FB07ADD1.pf
Deleted file - C:\WINDOWS\prefetch\MCAWFWK.EXE-E3B7E286.pf
Deleted file - C:\WINDOWS\prefetch\MCBOOTSVCSET.EXE-F79883AF.pf
Deleted file - C:\WINDOWS\prefetch\MCCBENTANDINSTRU.EXE-BD45A7F2.pf
Deleted file - C:\WINDOWS\prefetch\MCCSPSERVICEHOST.EXE-D0108F6A.pf
Deleted file - C:\WINDOWS\prefetch\MCCSPUNINSTALL.EXE-66156BC9.pf
Deleted file - C:\WINDOWS\prefetch\MCCSPUNINSTALL.EXE-F229863A.pf
Deleted file - C:\WINDOWS\prefetch\MCHOST.EXE-80DC0554.pf
Deleted file - C:\WINDOWS\prefetch\MCINFO.EXE-6C8252E7.pf
Deleted file - C:\WINDOWS\prefetch\MCINST.EXE-A701358C.pf
Deleted file - C:\WINDOWS\prefetch\MCINST.EXE-C5518D5B.pf
Deleted file - C:\WINDOWS\prefetch\MCINSTRU.EXE-2A42CDBC.pf
Deleted file - C:\WINDOWS\prefetch\MCOCROLLBACK.EXE-859500FC.pf
Deleted file - C:\WINDOWS\prefetch\MCOOBEFIX.EXE-7AD2A661.pf
Deleted file - C:\WINDOWS\prefetch\MCPLTCMD.EXE-0FA9B681.pf
Deleted file - C:\WINDOWS\prefetch\MCSVRCNT.EXE-4914669B.pf
Deleted file - C:\WINDOWS\prefetch\MCSYNC.EXE-9D7C7E1C.pf
Deleted file - C:\WINDOWS\prefetch\MCUICNT.EXE-98D75864.pf
Deleted file - C:\WINDOWS\prefetch\MCUIHOST.EXE-E190089F.pf
Deleted file - C:\WINDOWS\prefetch\MCUPDATE.EXE-8E5BB827.pf
Deleted file - C:\WINDOWS\prefetch\MCUPDATEMGR.EXE-81DD6C33.pf
Deleted file - C:\WINDOWS\prefetch\MCUPDUTL.EXE-B5005F9C.pf
Deleted file - C:\WINDOWS\prefetch\MCVSCINS.EXE-8A7E6E71.pf
Deleted file - C:\WINDOWS\prefetch\MCVSMAP.EXE-045553DA.pf
Deleted file - C:\WINDOWS\prefetch\MCVSSHLD.EXE-218003AB.pf
Deleted file - C:\WINDOWS\prefetch\MESSAGINGSDKREG.EXE-8080CE17.pf
Deleted file - C:\WINDOWS\prefetch\MFEAMCIN.EXE-3655D2D2.pf
Deleted file - C:\WINDOWS\prefetch\MFEAVSVC.EXE-AF06204E.pf
Deleted file - C:\WINDOWS\prefetch\MFEBROWSERHOST.EXE-DFC541D5.pf
Deleted file - C:\WINDOWS\prefetch\MFEEXTNSTATUSREG.EXE-96B69AE0.pf
Deleted file - C:\WINDOWS\prefetch\MFEHIDIN.EXE-D1DAEDC9.pf
Deleted file - C:\WINDOWS\prefetch\MFELAMINSTALLER.EXE-7AF5A84F.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFT.MSN.WEATHER.EXE-57683955.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFTEDGEUPDATE.EXE-7A595326.pf
Deleted file - C:\WINDOWS\prefetch\MIGHOST.EXE-9C9CEBB4.pf
Deleted file - C:\WINDOWS\prefetch\MMSSHOST.EXE-03FB6953.pf
Deleted file - C:\WINDOWS\prefetch\MMSSHOST.EXE-C81697D0.pf
Deleted file - C:\WINDOWS\prefetch\MODULECOREREG.EXE-39434D30.pf
Deleted file - C:\WINDOWS\prefetch\MODULECORESERVICE.EXE-9D318627.pf
Deleted file - C:\WINDOWS\prefetch\MODULEREGISTER.EXE-B72435DE.pf
Deleted file - C:\WINDOWS\prefetch\MOFCOMP.EXE-5225C32D.pf
Deleted file - C:\WINDOWS\prefetch\MOUSOCOREWORKER.EXE-4429AC2B.pf
Deleted file - C:\WINDOWS\prefetch\MPCMDRUN.EXE-2C9109F9.pf
Deleted file - C:\WINDOWS\prefetch\MPCMDRUN.EXE-6EACB62D.pf
Deleted file - C:\WINDOWS\prefetch\MPFALERT.EXE-3A6E8B52.pf
Deleted file - C:\WINDOWS\prefetch\MPSIGSTUB.EXE-5D0450B3.pf
Deleted file - C:\WINDOWS\prefetch\MPSIGSTUB.EXE-C2705D35.pf
Deleted file - C:\WINDOWS\prefetch\MPSIGSTUB.EXE-E6B2483B.pf
Deleted file - C:\WINDOWS\prefetch\MSCORSVW.EXE-16B291C4.pf
Deleted file - C:\WINDOWS\prefetch\MSCORSVW.EXE-8CE1A322.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGE.EXE-37D25F9A.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGE.EXE-37D25FA1.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGE.EXE-37D25FA2.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGEWEBVIEW2.EXE-37F9CB6A.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGEWEBVIEW2.EXE-37F9CB6C.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGEWEBVIEW2.EXE-37F9CB6D.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGEWEBVIEW2.EXE-37F9CB71.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGEWEBVIEW2.EXE-37F9CB72.pf
Deleted file - C:\WINDOWS\prefetch\MSGRUNNER.EXE-9C910406.pf
Deleted file - C:\WINDOWS\prefetch\MSIEXEC.EXE-8FFB1633.pf
Deleted file - C:\WINDOWS\prefetch\MSIEXEC.EXE-CDBFC0F7.pf
Deleted file - C:\WINDOWS\prefetch\MSMPENG.EXE-264AB08A.pf
Deleted file - C:\WINDOWS\prefetch\MSMPENG.EXE-558DCD36.pf
Deleted file - C:\WINDOWS\prefetch\MVSINST.EXE-028D2C23.pf
Deleted file - C:\WINDOWS\prefetch\NET.EXE-0225D674.pf
Deleted file - C:\WINDOWS\prefetch\NET.EXE-A0964F30.pf
Deleted file - C:\WINDOWS\prefetch\NET1.EXE-091D8149.pf
Deleted file - C:\WINDOWS\prefetch\NET1.EXE-509326A5.pf
Deleted file - C:\WINDOWS\prefetch\NETSH.EXE-A596235F.pf
Deleted file - C:\WINDOWS\prefetch\NGEN.EXE-4A8DA13E.pf
Deleted file - C:\WINDOWS\prefetch\NGEN.EXE-734C6620.pf
Deleted file - C:\WINDOWS\prefetch\NGENTASK.EXE-0E6CEC17.pf
Deleted file - C:\WINDOWS\prefetch\NGENTASK.EXE-849BFD75.pf
Deleted file - C:\WINDOWS\prefetch\NISSRV.EXE-09946424.pf
Deleted file - C:\WINDOWS\prefetch\NISSRV.EXE-6AC8B398.pf
Deleted file - C:\WINDOWS\prefetch\NOTEPAD.EXE-032BB3D8.pf
Deleted file - C:\WINDOWS\prefetch\NOTEPAD.EXE-C5670914.pf
Deleted file - C:\WINDOWS\prefetch\NVDISPLAY.CONTAINER.EXE-74E7BE3C.pf
Deleted file - C:\WINDOWS\prefetch\ONEDRIVE.EXE-68B6F841.pf
Deleted file - C:\WINDOWS\prefetch\OOBENETWORKCONNECTIONFLOW.EXE-ECA03BE4.pf
Deleted file - C:\WINDOWS\prefetch\Op-MSEDGE.EXE-37D25F9A-00000001.pf
Deleted file - C:\WINDOWS\prefetch\Op-SEARCHAPP.EXE-DD93808B-00000002.pf
Deleted file - C:\WINDOWS\prefetch\OVERSEER.EXE-F00DB31F.pf
Deleted file - C:\WINDOWS\prefetch\PEFHELPER.EXE-760A3120.pf
Deleted file - C:\WINDOWS\prefetch\PfPre_aa28cdfd.mkd
Deleted file - C:\WINDOWS\prefetch\PfPre_aa2993da.mkd
Deleted file - C:\WINDOWS\prefetch\PfSvPerfStats.bin
Deleted file - C:\WINDOWS\prefetch\PINGSENDER.EXE-B4914655.pf
Deleted file - C:\WINDOWS\prefetch\POWERSHELL.EXE-CA1AE517.pf
Deleted file - C:\WINDOWS\prefetch\PROTECTEDMODULEHOST.EXE-256D6C25.pf
Deleted file - C:\WINDOWS\prefetch\RAINLENDAR-2-9-ES-EN-WIN.EXE-12F4E8D3.pf
Deleted file - C:\WINDOWS\prefetch\RAINLENDAR2.EXE-930E8EB2.pf
Deleted file - C:\WINDOWS\prefetch\REG.EXE-A93A1343.pf
Deleted file - C:\WINDOWS\prefetch\REGSVR.EXE-870D3CB9.pf
Deleted file - C:\WINDOWS\prefetch\REGSVR.EXE-C06B4513.pf
Deleted file - C:\WINDOWS\prefetch\REGSVR32.EXE-03D3FB87.pf
Deleted file - C:\WINDOWS\prefetch\REGSVR32.EXE-B31EC963.pf
Deleted file - C:\WINDOWS\prefetch\ResPriHMStaticDb.ebd
Deleted file - C:\WINDOWS\prefetch\ROGLIVESERVICE.EXE-2087C948.pf
Deleted file - C:\WINDOWS\prefetch\RTKUWP.EXE-58EA5CB6.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-1AF61D4A.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-2B046BA7.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-34FF2A45.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-36D847E4.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-662CAAF4.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-6BAB4F6E.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-75313621.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-7BB99DCB.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-7C5D7BDB.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-B6E1DD18.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-CD12ADFF.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-D9B14E32.pf
Deleted file - C:\WINDOWS\prefetch\RUNONCE.EXE-FB4EF753.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-008667D2.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-19A2583B.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-2E55558F.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-37F1061D.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-4551A062.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-4A4F959C.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-52775CFE.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-56B17296.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-62498256.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-67310593.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-8AAD16E3.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-A8BE2357.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-BD44BA9E.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-C1392BD2.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-C49FDE10.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-D2EE0952.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-D938BA9E.pf
Deleted file - C:\WINDOWS\prefetch\SBR.EXE-921B9C38.pf
Deleted file - C:\WINDOWS\prefetch\SBR.EXE-A62395CC.pf
Deleted file - C:\WINDOWS\prefetch\SC.EXE-6C4D4413.pf
Deleted file - C:\WINDOWS\prefetch\SC.EXE-F4E1A8F7.pf
Deleted file - C:\WINDOWS\prefetch\SCHTASKS.EXE-8B6144A9.pf
Deleted file - C:\WINDOWS\prefetch\SCHTASKS.EXE-DC1676CD.pf
Deleted file - C:\WINDOWS\prefetch\SDXHELPER.EXE-832215EB.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHAPP.EXE-F7220F7E.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHFILTERHOST.EXE-44162447.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHINDEXER.EXE-1CF42BC6.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
Deleted file - C:\WINDOWS\prefetch\SECHEALTHUI.EXE-FAB65C18.pf
Deleted file - C:\WINDOWS\prefetch\SECURITYHEALTHHOST.EXE-06344EE9.pf
Deleted file - C:\WINDOWS\prefetch\SECURITYHEALTHSERVICE.EXE-91B5FB98.pf
Deleted file - C:\WINDOWS\prefetch\SECURITYHEALTHSYSTRAY.EXE-E527A4AE.pf
Deleted file - C:\WINDOWS\prefetch\SERVICEHOST.EXE-6D39D7F5.pf
Deleted file - C:\WINDOWS\prefetch\SETUP-STUB.EXE-BA60232F.pf
Deleted file - C:\WINDOWS\prefetch\SETUP.EXE-2F0E860D.pf
Deleted file - C:\WINDOWS\prefetch\SETUP.EXE-E0C1ED09.pf
Deleted file - C:\WINDOWS\prefetch\SETUPINF.EXE-2F6F3C42.pf
Deleted file - C:\WINDOWS\prefetch\SGRMBROKER.EXE-32481FEB.pf
Deleted file - C:\WINDOWS\prefetch\SHELLEXPERIENCEHOST.EXE-4CC9062B.pf
Deleted file - C:\WINDOWS\prefetch\SIHCLIENT.EXE-98C47F6C.pf
Deleted file - C:\WINDOWS\prefetch\SLUI.EXE-3E441AEE.pf
Deleted file - C:\WINDOWS\prefetch\SMARTSCREEN.EXE-EACC1250.pf
Deleted file - C:\WINDOWS\prefetch\SPATIALAUDIOLICENSESRV.EXE-4032171B.pf
Deleted file - C:\WINDOWS\prefetch\SPPSVC.EXE-96070FE0.pf
Deleted file - C:\WINDOWS\prefetch\SRTASKS.EXE-3C9D2EEC.pf
Deleted file - C:\WINDOWS\prefetch\SUSTAINABILITYFRAMEWORKREG.EX-A7994142.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-09F4AEA4.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-117C4441.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-12266D0E.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-19B557B1.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-1B73F444.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-3D497EFC.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4B98D760.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4BD0A607.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4D0E9C8C.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4E79CC0D.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4FBD1216.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-59780EBF.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-59D511F9.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-6867B1E5.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-73D024B2.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-764FA25C.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-7AAD9645.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-84F32335.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-852EC587.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-8E554B3D.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-9A28EB78.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-9D041ABC.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-A79A44A2.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-B18C213B.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-BE3D0421.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C2DA4F6F.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C38EF8DD.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C625B657.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C696140F.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-D2BBD1E3.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-EA46708B.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-EBBF67E6.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-F5E1DCD3.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-F952D9A9.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-FB759C0F.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-FC689811.pf
Deleted file - C:\WINDOWS\prefetch\SYSTEMSETTINGS.EXE-BE0858C5.pf
Deleted file - C:\WINDOWS\prefetch\SYSTEMSETTINGSADMINFLOWS.EXE-F74198E7.pf
Deleted file - C:\WINDOWS\prefetch\TASKHOSTW.EXE-2E5D4B75.pf
Deleted file - C:\WINDOWS\prefetch\TASKKILL.EXE-BE180FC8.pf
Deleted file - C:\WINDOWS\prefetch\TASKMGR.EXE-4C8500BA.pf
Deleted file - C:\WINDOWS\prefetch\TASKSCHEDULERREG.EXE-8D40E806.pf
Deleted file - C:\WINDOWS\prefetch\TEMPLATE.EXE-B8B7F2EF.pf
Deleted file - C:\WINDOWS\prefetch\TEXTINPUTHOST.EXE-91C3EC58.pf
Deleted file - C:\WINDOWS\prefetch\TIWORKER.EXE-38A3C1E9.pf
Deleted file - C:\WINDOWS\prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
Deleted file - C:\WINDOWS\prefetch\UIHOST.EXE-BC7FD80E.pf
Deleted file - C:\WINDOWS\prefetch\UNINSTALLPEF.EXE-9D13858D.pf
Deleted file - C:\WINDOWS\prefetch\UNREGISTERMAPLUGIN.EXE-80B9870A.pf
Deleted file - C:\WINDOWS\prefetch\UNSECAPP.EXE-72B9DDB3.pf
Deleted file - C:\WINDOWS\prefetch\UPDATEPLATFORM.EXE-C973671D.pf
Deleted file - C:\WINDOWS\prefetch\UPDATER.EXE-254F185B.pf
Deleted file - C:\WINDOWS\prefetch\UPFC.EXE-89D4FAEB.pf
Deleted file - C:\WINDOWS\prefetch\UPGRADE.EXE-73B5D41D.pf
Deleted file - C:\WINDOWS\prefetch\USEROOBEBROKER.EXE-65584ADF.pf
Deleted file - C:\WINDOWS\prefetch\USOCLIENT.EXE-4ADC110B.pf
Deleted file - C:\WINDOWS\prefetch\VDS.EXE-2FCA9D16.pf
Deleted file - C:\WINDOWS\prefetch\VDSLDR.EXE-50179B50.pf
Deleted file - C:\WINDOWS\prefetch\VSSVC.EXE-6C8F0C66.pf
Deleted file - C:\WINDOWS\prefetch\WACMODULEREG.EXE-6C94837C.pf
Deleted file - C:\WINDOWS\prefetch\WACTOASTACTIONADAPTOR.EXE-51A41ACC.pf
Deleted file - C:\WINDOWS\prefetch\WERMGR.EXE-BE3A79B5.pf
Deleted file - C:\WINDOWS\prefetch\WEVTUTIL.EXE-1E154F39.pf
Deleted file - C:\WINDOWS\prefetch\WINSTORE.APP.EXE-72DA3071.pf
Deleted file - C:\WINDOWS\prefetch\WMIADAP.EXE-BB21CD77.pf
Deleted file - C:\WINDOWS\prefetch\WMIAPSRV.EXE-FC8436DD.pf
Deleted file - C:\WINDOWS\prefetch\WMIPRVSE.EXE-E8B8DD29.pf
Deleted file - C:\WINDOWS\prefetch\WPDSHEXTAUTOPLAY.EXE-89FFE003.pf
Deleted file - C:\WINDOWS\prefetch\WPR.EXE-5ED1C0A2.pf
Deleted file - C:\WINDOWS\prefetch\WSC_PROXY.EXE-7AD7438A.pf
Deleted file - C:\WINDOWS\prefetch\WSSNGMAMBASSADOR.EXE-6DA38C77.pf
Deleted file - C:\WINDOWS\prefetch\WUAUCLT.EXE-5D573F0E.pf
Deleted file - C:\WINDOWS\prefetch\ReadyBoot\rblayout.xin
Deleted file - C:\WINDOWS\prefetch\ReadyBoot\Trace1.fx
Deleted file - C:\WINDOWS\prefetch\ReadyBoot\Trace2.fx
Deleted file - C:\WINDOWS\prefetch\ReadyBoot\Trace3.fx
Deleted file - C:\WINDOWS\prefetch\ReadyBoot\Trace4.fx

========= End of CMD: =========

========= del /s /q C:\Windows\SoftwareDistribution\download\*.* =========

Deleted file - C:\Windows\SoftwareDistribution\download\109d63bff77d6276cc282de370699e023f5d4b7b
Deleted file - C:\Windows\SoftwareDistribution\download\45d7b8e98e22f939ed0083fe31204caa9a72fa76
Deleted file - C:\Windows\SoftwareDistribution\download\4f3e8bba3362b9186811a73fd8fe9cd28355cfe3
Deleted file - C:\Windows\SoftwareDistribution\download\809f1f45c3fee50d57a56537f765588fdb60c93e
Deleted file - C:\Windows\SoftwareDistribution\download\8b8059f6854067867824a88f7d84aa87ede69999
Deleted file - C:\Windows\SoftwareDistribution\download\910e1cd56944c6cfed5e2a08d02e7c851ee4cb72
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\ActionList.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\compdb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\DownloadList.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\DownloadList_old.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\ExeUpdateAgentDeployment.cab
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\unifiedinstaller.exe
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\UpdHealthTools.cab
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\windlp.state-old.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\windlp.state.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Logs\CapsulePublishRemediation.001.etl
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\compdb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\compdb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\DeviceInventory.xml
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\Dpx.dll
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\ExeUpdateAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\Mitigation.dll
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\UAOneSettings.dll
Deleted file - C:\Windows\SoftwareDistribution\download\6e4d6ac7216286d3c4de591faf916e37\Metadata\UpdateAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\28b0573ec096c6e1b264df33de0db500f998462885e4c4f0f551a28bb68f9db8
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\2cf43889d55f3b62a701d7cc770ead86ba5b6956fa1df90829ad1cfbeb6093d3
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\32ba34b159dc72faa79f82398d81fe502c0490b1de7b5dd54cd27eb7fc330651
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\76e9523c453d957ca72d336e6f882b969fa3f798eb2287625207f2ec4c92a8fd

========= End of CMD: =========

========= del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*" =========

The system cannot find the path specified.

========= End of CMD: =========

========= del /s /q "%userprofile%\AppData\Local\temp\*.*" =========

Deleted file - C:\Users\acco5\AppData\Local\temp\.ses
Deleted file - C:\Users\acco5\AppData\Local\temp\geek64.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\LAPTOP-6ODOHNQP-20220912-2043.log
Deleted file - C:\Users\acco5\AppData\Local\temp\LAPTOP-6ODOHNQP-20220912-2132.log
Deleted file - C:\Users\acco5\AppData\Local\temp\mbsetup.log
Deleted file - C:\Users\acco5\AppData\Local\temp\Microsoft_Windows_Desktop_Runtime_-_5.0.14_(x64)_20220912204708.log
Deleted file - C:\Users\acco5\AppData\Local\temp\Microsoft_Windows_Desktop_Runtime_-_5.0.14_(x64)_20220912204708_000_dotnet_runtime_5.0.14_win_x64.msi.log
Deleted file - C:\Users\acco5\AppData\Local\temp\Microsoft_Windows_Desktop_Runtime_-_5.0.14_(x64)_20220912204708_001_dotnet_hostfxr_5.0.14_win_x64.msi.log
Deleted file - C:\Users\acco5\AppData\Local\temp\Microsoft_Windows_Desktop_Runtime_-_5.0.14_(x64)_20220912204708_002_dotnet_host_5.0.14_win_x64.msi.log
Deleted file - C:\Users\acco5\AppData\Local\temp\Microsoft_Windows_Desktop_Runtime_-_5.0.14_(x64)_20220912204708_003_windowsdesktop_runtime_5.0.14_win_x64.msi.log
Deleted file - C:\Users\acco5\AppData\Local\temp\msedge_installer.log
Deleted file - C:\Users\acco5\AppData\Local\temp\StructuredQuery.log
Deleted file - C:\Users\acco5\AppData\Local\temp\tmp-347.xpi
Deleted file - C:\Users\acco5\AppData\Local\temp\tmpaddon
Deleted file - C:\Users\acco5\AppData\Local\temp\tmpaddon-2da475
Deleted file - C:\Users\acco5\AppData\Local\temp\tmpaddon-8e9a35
Deleted file - C:\Users\acco5\AppData\Local\temp\tmpaddon-ef18be
Deleted file - C:\Users\acco5\AppData\Local\temp\wct2129.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wct30E0.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wct30E1.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wct3A01.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wct9298.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wct94CC.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctA88.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctB554.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctB8C3.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctB8C4.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctB96F.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctCC2E.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctD117.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctD1EB.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wctE668.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wmsetup.log
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2B3F.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2C3A.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2CA9.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2DE2.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2E41.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\wsu2EBF.tmp
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\windowsdesktop-runtime-5.0.14-win-x64.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.deps.json
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.pdb
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.runtimeconfig.dev.json
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ACSetup.runtimeconfig.json
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\BIOSInfoLib.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\DeviceInformationSDK.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\GamingCenter.SDK.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\GamingCenter.SDK.xml
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\Microsoft.Windows.SDK.NET.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\WinRT.Runtime.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ACSetup\ref\ACSetup.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\AsIO3_32.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\AsIO3_32.sys
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\AsIO3_64.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\AsIO3_64.sys
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\AsusCertService.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\InstDrv.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ASIO3_1.00.25\Version.ini
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\ProductLineCheck.dll
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\ROGLiveServiceSetup.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\ROGLiveServiceSetup.ini
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\ROGLiveService\ROGLiveService.msi
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\VC\vc_redist.x64.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\ACFL\ROGLiveServicePackage\VC\vc_redist.x86.exe
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\234952aec40.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\234952aec60.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\234952aed90.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\23495423d50.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\23495423d90.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\23495423da0.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\23495423fb0.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\26093560490.ico
Deleted file - C:\Users\acco5\AppData\Local\temp\mbam\qt-jl-icons\26093560570.ico

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\ASUS Aac_NBDT HAL_20220912204911.log => moved successfully
C:\Windows\Temp\ASUS Aac_NBDT HAL_20220912204911_000_Setup.log => moved successfully
C:\Windows\Temp\ASUS Aac_NBDT HAL_20220912204916.log => moved successfully
C:\Windows\Temp\catalog.json => moved successfully
Could not move "C:\Windows\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
Could not move "C:\Windows\Temp\FXSTIFFDebugLogFile.txt" => Scheduled to move on reboot.
C:\Windows\Temp\gameinputredist.log => moved successfully
C:\Windows\Temp\GameSDK Service_20220912204946.log => moved successfully
C:\Windows\Temp\GameSDK Service_20220912204946_000_Setup.log => moved successfully
C:\Windows\Temp\httputitlity-2022-09-12.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2132.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2132a.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2132b.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2217.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2223.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2354.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220912-2359.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220913-0005.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220914-1434.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220914-1437.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220914-1437a.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-0933.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-0933a.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-0947.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-0952.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-1018.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220915-1837.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220916-1700.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220916-1703.log => moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220916-1703a.log => moved successfully
Could not move "C:\Windows\Temp\LAPTOP-6ODOHNQP-20220916-1704.log" => Scheduled to move on reboot.
C:\Windows\Temp\mbamiservice.log => moved successfully
C:\Windows\Temp\mb_errors999.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2022091510180615A4).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(202209161704121FF4).log" => Scheduled to move on reboot.
C:\Windows\Temp\tem28B5.tmp => moved successfully
C:\Windows\Temp\tem4CC8.tmp => moved successfully
C:\Windows\Temp\WIN-22BCO55SN2S-20220912-2131.log => moved successfully
C:\Windows\Temp\{34CD30CE-B06D-442D-9341-179726D8AD0B} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{82701D20-85CE-4816-841C-AF807079C066} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{C3A428D7-927D-44E5-B01D-AF94C113D7FA} - OProcSessId.dat => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========

=========== "C:\WINDOWS\system32\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\system32\*.tmp" ========

=========== "C:\WINDOWS\syswow64\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\syswow64\*.tmp" ========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16933008 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 6065 B
Edge => 0 B
Firefox => 315172895 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 34338 B
NetworkService => 39326 B
acco5 => 214136 B

RecycleBin => 29283223 B
EmptyTemp: => 344.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-09-2022 17:05:37)

C:\Windows\Temp\FXSAPIDebugLogFile.txt => Is moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => Is moved successfully
C:\Windows\Temp\LAPTOP-6ODOHNQP-20220916-1704.log => Is moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(202209161704121FF4).log => Is moved successfully

==== End of Fixlog 17:05:37 ====

Malnutrition · Sep 16, 2022

What issue remains? How is the machine?

Data838 · Sep 16, 2022

Well, for now it seems that everything's working fine. I paused updates to be sure that nothing else is being downloaded and will continue to observe if there are any changes in the coming days.
I'm just wondering if there's any way to get rid of all the unnecessary data that was downloaded before. I don't remember the initial amount of free space in my C disk but it might be between 10 and 20 GB. When this problem started, any excessive data disappeared after I restarted my laptop but now it continues to remain in my laptop. If not, that's ok, the most important thing is that the problem seems to be solved.

Thank you for your help, I'm sending you a plate of virtual cookies so you could eventually become a Well Fed Mod :thumbsup:

!

Malnutrition · Sep 17, 2022

To update older programs, use patchmypc home edition.

To clean up the tools we used.

Download KpRM
Save to Desktop
Check Delete Tools'
Delete Restore points
Create Restore point.
Then click run.
I'll Mark this as solved for you.

Feel free to create a new thread in the windows 10 forum, and ask how to free up space.

Data838

veeg

PCHF Manager

Data838

Data838

Malnutrition

Malnurished Admin

Data838

Malnutrition

Malnurished Admin

Malnutrition

Malnurished Admin

Data838

Malnutrition

Malnurished Admin

Attachments

Data838

Malnutrition

Malnurished Admin

Data838

Malnutrition

Malnurished Admin

Search

Search

Solved PC downloading data without reason even after reset

We value your privacy