In assistance for Nobu Ransomware removal.

desperatekid

New Member
Thread author
Dec 8, 2020
6
My laptop was recently infected with the Nobu Ransomware virus and I read the article that was posted by you guys but since I'm inexperienced with this I came hoping that you would help me. All of my school files have been encrypted by Nobu and I have also seen the ransom note that was indicated by you guys. I'm really hoping you guys could help me because I really need your help.
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

==

This is not good news.

Navigate to this topic.

Submit a sample of the compromised files for their review.
They will reply and let you know what you are dealing with.

From what we know now, your files are not recoverable.
Your only solution would be to restore the files from a good backup if you have one.

The compromised files can be transferred to a CD or Flash drive.
Should a solution be found in the future you may be able to restore them.

Good luck.
<<<>>>

p.s.
If you have other computer issues please run this tool and let me know what the problem is.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please attach the logs for my review.

Let me know what problems persist.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program, trust it if downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
 

desperatekid

New Member
Thread author
Dec 8, 2020
6
I'm not able to upload in ID Ransomware. It always says that the page isn't working.
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

Let's check further.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Attach Files.
Navigate to the location of the File.
Click the file. It will appear in the reply section.
Click the Post Reply button.

Please post the logs for my review.

Let me know what problems persist.

Wait for further instructions
 

desperatekid

New Member
Thread author
Dec 8, 2020
6
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020
Ran by Asus (administrator) on LAPTOP-909Q77D3 (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X409JA_X409JA) (11-12-2020 16:31:09)
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus
Platform: Windows 10 Home Single Language Version 1909 18363.1256 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Asus\AppData\Local\25cec880-f715-4781-8ca0-713049dbe360\52D5.exe
() [File not signed] C:\Users\Asus\AppData\Local\Route0\route.exe
() [File not signed] C:\Users\Asus\AppData\Local\Route0\zroute.exe <23>
() [File not signed] C:\Users\Asus\AppData\Roaming\Smart Clock\SmartClock.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIServiceN.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEMN.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2a136cee25b9cb8\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7fd3c1076ca83746\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Krisp Technologies, Inc -> Krisp) C:\Program Files\Krisp\Krisp.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Asus\AppData\Local\kingsoft\WPS Office\11.2.0.9747\office6\wpscenter.exe <2>
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Asus\AppData\Local\kingsoft\WPS Office\11.2.0.9747\office6\wpscloudsvr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AutoTransfer PC] => C:\Program Files (x86)\USB Disk Security\backupmaster.exe [397200 2018-04-09] (Bo Zheng -> Bo Zheng)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X]
HKLM-x32\...\Run: [haleng] => C:\Users\Asus\AppData\Local\Temp\haleng. <==== ATTENTION
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Run: [LDNews] => C:\XuanZhi\LDPlayer\ldnews.exe
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Run: [Krisp] => C:\Program Files\Krisp\Krisp.exe [2370720 2020-09-02] (Krisp Technologies, Inc -> Krisp)
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Run: [11f86284] => C:\Users\Asus\AppData\Local\Route0\route.exe [499200 2020-11-17] () [File not signed]
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Run: [SysHelper] => C:\Users\Asus\AppData\Local\25cec880-f715-4781-8ca0-713049dbe360\52D5.exe [727040 2020-12-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Run: [Spotify] => C:\Users\Asus\AppData\Roaming\Spotify\Spotify.exe [23233936 2020-12-04] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-500565742-657202803-3798855404-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-04] (Google LLC -> Google LLC)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-12-08] <==== ATTENTION
ShortcutTarget: SmartClock.lnk -> C:\Users\Asus\AppData\Roaming\Smart Clock\SmartClock.exe () [File not signed] <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9CA9C6-6F33-4943-A6C3-ABC1A17ECCC5} - System32\Tasks\WpsExternal_Asus_20201122212337 => C:\Users\Asus\AppData\Local\Kingsoft\WPS Office\11.2.0.9747\office6\wpscloudsvr.exe [1482496 2020-11-22] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {154A1674-A7CE-4242-B6E6-74729BCB29FE} - System32\Tasks\ccleaner update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1DB736EB-0C81-483A-9907-E2191787B6BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34B3DE0F-93F3-4CB6-81AE-F268B4E3B009} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-07-04] (Google Inc -> Google Inc.)
Task: {48947bcd-b6c7-4409-93df-68178bd55e83} - no filepath
Task: {506DDA7B-9E08-4643-9A93-6EF48FCF0EBD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {52A049D1-D563-4406-A264-4D0306C7656B} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSoftwareManager\AsusUpdateChecker.exe [693176 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {57B69F27-CE93-450C-AA2B-E5589BEC889B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-26] (Adobe Inc. -> Adobe Systems)
Task: {5D9060FE-7E83-4C68-887E-0CD933183C15} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [1000736 2019-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {67BC4C34-9D98-4862-A8E7-EABD70451146} - System32\Tasks\WpsUpdateTask_Asus => C:\Users\Asus\AppData\Local\Kingsoft\WPS Office\11.2.0.9396\office6\wpsupdate.exe
Task: {6C2EB1C9-BB6B-4AD5-B061-9FC20BAAE46E} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1507328 2020-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {6D8E3F23-37C3-4548-AF67-43FAEBBDC659} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1507328 2020-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {7C8E691E-EEF1-438C-A71D-D25BEC43507E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E0FE01A-E1F4-4251-B19B-F58E48676704} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7F31B6CD-D031-45BA-B3F0-18E5100BF472} - System32\Tasks\MyASUS Update Messenger => C:\Users\Asus\AppData\Local\MyASUS Update Messenger\UpdateMessenger.exe [13750320 2020-10-22] (SweetLabs Inc. -> SweetLabs, Inc)
Task: {897B8DA4-37E0-45F6-8340-2DFF894C837E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C5F771D-E5DA-4690-B513-52CCB796DAC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-07-04] (Google Inc -> Google Inc.)
Task: {B55F032F-245E-4F2E-A524-9FA2C62489AA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C61B5D69-BEE0-4023-97F1-928227F77AFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CA334506-36D7-4318-8E26-6A6E28D12360} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D44CA5BE-D297-42B4-AF51-4FC3A2CBBDF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D92C2ABD-001A-4519-B1A9-8E3516AD1596} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA551D8F-D440-4991-8C5F-57EFF93FF603} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\AsusHotkeyExec.exe [221112 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {FD63C524-B77F-46F2-8F34-7B6DCC8469A4} - System32\Tasks\Time Trigger Task => C:\Users\Asus\AppData\Local\25cec880-f715-4781-8ca0-713049dbe360\52D5.exe [727040 2020-12-08] () [File not signed] <==== ATTENTION
Task: {FF3C06AA-CC63-428F-B792-5E7D76DB1D12} - System32\Tasks\adobe flash player ppapi notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-07-08] (Adobe Inc. -> Adobe)
Task: {FFDFEBA4-1688-4C51-9D3D-CA138D6769B2} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2166712 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{600ca06d-f359-4f79-ac41-5a01322dfcea}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a153744-e161-4ee8-9b73-7fe148789bfb}: [DhcpNameServer] 40.52.1.13

Edge:
======
Edge Profile: C:\Users\Asus\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-17]

FireFox:
========
FF DefaultProfile: qh9rtnlf.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\qh9rtnlf.default [2020-07-07]
FF NewTab: Mozilla\Firefox\Profiles\qh9rtnlf.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-07-06 10:21:28&bName=
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\4x6r8t31.default-release [2020-10-20]
FF Homepage: Mozilla\Firefox\Profiles\4x6r8t31.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-07-06 10:21:28&bName=
FF NewTab: Mozilla\Firefox\Profiles\4x6r8t31.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-07-06 10:21:28&bName=
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-12-11]
CHR Notifications: Profile 1 -> hxxps://aternos.org; hxxps://mail.google.com; hxxps://meet.google.com
CHR Extension: (Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-18]
CHR Extension: (Just Black) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-09-18]
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-18]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-18]
CHR Extension: (Sheets) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-18]
CHR Extension: (Google Docs Offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-18]
CHR Extension: (AdBlock Stream) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npknjhekabepaannekikfhjbjgjhlbpf [2020-12-09]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-11-11]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"aikolgut" => service was unlocked. <==== ATTENTION

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-26] (Adobe Inc. -> Adobe Systems)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 aikolgut; C:\Windows\SysWOW64\aikolgut\ffgrmnlt.exe [13208576 2020-12-08] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkNear\AsusLinkNear.exe [1089976 2020-10-23] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkNear\AsusLinkNearExt.exe [142264 2020-10-23] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSLinkRemote\AsusLinkRemote.exe [790968 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\AsusOptimization.exe [310200 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSoftwareManager\AsusSoftwareManager.exe [797112 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2166712 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [600480 2020-10-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-07-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [198736 2020-08-15] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Users\Asus\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [1482496 2020-11-22] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSSystemAnalysis\ASUSSAIO.sys [36792 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_34ba03d292044348\ASUSOptimization\atkwmiacpi64.sys [44696 2020-10-23] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [File not signed]
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 KrispSimple; C:\Windows\System32\drivers\KrispVad.sys [56008 2020-07-18] (Krisp Technologies, Inc -> )
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2020-08-03] (MyTestCertificate -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-11 16:31 - 2020-12-11 16:36 - 000027390 _____ C:\Users\Asus\Downloads\FRST.txt
2020-12-11 16:29 - 2020-12-11 16:29 - 000000000 ____D C:\Users\Asus\Downloads\FRST-OlderVersion
2020-12-11 16:26 - 2020-12-11 16:34 - 000000000 ____D C:\FRST
2020-12-11 16:23 - 2020-12-11 16:29 - 002288640 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2020-12-10 00:02 - 2020-12-10 00:02 - 002045952 _____ C:\Windows\system32\rdpnano.dll
2020-12-10 00:02 - 2020-12-10 00:02 - 000171008 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2020-12-10 00:02 - 2020-12-10 00:02 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2020-12-10 00:02 - 2020-12-10 00:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2020-12-10 00:02 - 2020-12-10 00:02 - 000059392 _____ C:\Windows\system32\runexehelper.exe
2020-12-10 00:02 - 2020-12-10 00:02 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 00:02 - 2020-12-10 00:02 - 000000357 _____ C:\Windows\system32\DrtmAuth14.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000357 _____ C:\Windows\system32\DrtmAuth13.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-12-10 00:02 - 2020-12-10 00:02 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-12-10 00:01 - 2020-12-10 00:01 - 001756600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-12-10 00:01 - 2020-12-10 00:01 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-12-08 19:23 - 2020-12-08 19:27 - 000000000 ___HD C:\KingsoftData
2020-12-08 19:22 - 2020-12-08 19:22 - 000000000 ____D C:\Users\Asus\AppData\Local\Piders
2020-12-08 19:20 - 2020-12-08 19:21 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2020-12-08 19:19 - 2020-12-08 19:22 - 000000000 ____D C:\ProgramData\MJRVVULATP
2020-12-08 19:19 - 2020-12-08 19:19 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000001110 _____ C:\Users\Asus\_readme.txt
2020-12-08 19:19 - 2020-12-08 19:19 - 000001110 _____ C:\_readme.txt
2020-12-08 19:18 - 2020-12-08 19:20 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-12-08 19:18 - 2020-12-08 19:20 - 000000000 ____D C:\ProgramData\882CQ3NVNV
2020-12-08 19:18 - 2020-12-08 19:18 - 000000049 _____ C:\Users\Asus\AppData\Local\script.ps1
2020-12-08 19:18 - 2020-12-08 19:18 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Smart Clock
2020-12-08 19:18 - 2020-12-08 19:18 - 000000000 ____D C:\ProgramData\t2p2w0v6w8p2w0v6w8
2020-12-08 19:17 - 2020-12-08 19:27 - 000000000 ____D C:\Users\Asus\Documents\VlcpVideoV1.0.1
2020-12-08 19:17 - 2020-12-08 19:21 - 000000000 ____D C:\ProgramData\SWXJ6TOIAD
2020-12-08 19:17 - 2020-12-08 19:18 - 000000000 ____D C:\Users\Asus\AppData\Local\73368dfc-5082-4ca3-9ef1-79b35b74b02b
2020-12-08 19:17 - 2020-12-08 19:17 - 000003754 _____ C:\Windows\system32\Tasks\Time Trigger Task
2020-12-08 19:17 - 2020-12-08 19:17 - 000000565 _____ C:\Users\Asus\AppData\Local\bowsakkdestx.txt
2020-12-08 19:17 - 2020-12-08 19:17 - 000000000 ____D C:\Windows\SysWOW64\aikolgut
2020-12-08 19:17 - 2020-12-08 19:17 - 000000000 ____D C:\Users\Asus\AppData\Local\25cec880-f715-4781-8ca0-713049dbe360
2020-12-08 19:17 - 2020-12-08 19:17 - 000000000 ____D C:\SystemID
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\Users\Public\Thunder Network
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\ProgramData\Thunder Network
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\ProgramData\sib
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RearRips
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2020-12-08 19:16 - 2020-12-08 19:16 - 000000000 ____D C:\Program Files (x86)\RearRips
2020-12-08 19:15 - 2020-12-08 19:15 - 000032768 _____ C:\Users\Asus\AppData\Roaming\1607426120358-shm
2020-12-08 19:15 - 2020-12-08 19:15 - 000000000 _____ C:\Users\Asus\AppData\Roaming\1607426120358-wal
2020-12-08 18:06 - 2020-12-08 18:51 - 000000000 ____D C:\Users\Asus\AppData\Local\Movavi
2020-12-08 18:06 - 2020-12-08 18:06 - 000000000 ____D C:\Users\Asus\AppData\Local\VideoEditorPlus
2020-12-08 18:06 - 2020-12-08 18:06 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashRpt
2020-12-08 18:04 - 2020-12-08 18:04 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2021
2020-12-08 17:59 - 2020-12-08 17:59 - 000012623 _____ C:\ProgramData\juutbubq.wrj
2020-12-08 17:59 - 2020-12-08 17:59 - 000000016 _____ C:\ProgramData\mntemp
2020-12-08 15:38 - 2020-12-08 19:23 - 000007463 _____ C:\Users\Asus\Downloads\My CLE Story .docx.nobu
2020-12-08 14:53 - 2020-12-08 19:23 - 000014847 _____ C:\Users\Asus\Downloads\Speech.docx.nobu
2020-12-08 13:32 - 2020-12-08 19:23 - 000006719 _____ C:\Users\Asus\Downloads\references .docx.nobu
2020-12-07 13:43 - 2020-12-08 19:22 - 000026350 _____ C:\Users\Asus\Downloads\CHAPTER 2 nestling.png.nobu
2020-12-07 13:33 - 2020-12-08 19:23 - 008472886 _____ C:\Users\Asus\Downloads\PhotoScissorsSetup.exe.nobu
2020-12-07 13:31 - 2020-12-08 19:22 - 000014300 _____ C:\Users\Asus\Downloads\fledgling 2.png.nobu
2020-12-05 17:36 - 2020-12-08 19:22 - 000091185 _____ C:\Users\Asus\Downloads\Greenland (2020) [1080p] [BluRay] [5.1] [YTS.MX].torrent.nobu
2020-12-05 17:36 - 2020-12-08 19:22 - 000041410 _____ C:\Users\Asus\Downloads\greenland-2020-english-yify-261276.zip.nobu
2020-12-04 17:07 - 2020-12-08 19:23 - 000075646 _____ C:\Users\Asus\Downloads\[FFA] Fruits Basket 2nd Season - 01 - 25 [1080p][HEVC][AAC].torrent.nobu
2020-12-01 08:53 - 2020-12-08 19:22 - 001317414 _____ C:\Users\Asus\Downloads\ChromeSetup.exe.nobu
2020-11-29 21:21 - 2020-12-08 19:22 - 037308226 _____ C:\Users\Asus\Downloads\Cordero-1.MOV.nobu
2020-11-27 22:25 - 2020-12-08 19:22 - 000011422 _____ C:\Users\Asus\Downloads\Final Paper Submission.docx.nobu
2020-11-23 08:49 - 2020-12-08 19:23 - 000000496 ____H C:\Users\Asus\Downloads\~$oup chech rationale.docx.nobu
2020-11-22 21:23 - 2020-11-22 21:23 - 000004066 _____ C:\Windows\system32\Tasks\WpsExternal_Asus_20201122212337
2020-11-17 18:54 - 2020-11-17 19:12 - 000000011 _____ C:\ProgramData\kaosdma.txt
2020-11-17 18:48 - 2020-11-17 18:50 - 000000000 ____D C:\Users\Asus\Documents\Photoshop
2020-11-17 18:37 - 2020-11-17 18:37 - 000001554 _____ C:\Users\Asus\AppData\Local\recently-used.xbel
2020-11-17 18:37 - 2020-11-17 18:37 - 000000000 ____D C:\Users\Asus\AppData\Local\gtk-2.0
2020-11-17 18:26 - 2020-11-17 18:26 - 000000000 ____D C:\Users\Asus\.cache
2020-11-17 18:25 - 2020-11-17 18:25 - 000000000 ____D C:\Users\Asus\AppData\Roaming\GIMP
2020-11-17 18:25 - 2020-11-17 18:25 - 000000000 ____D C:\Users\Asus\AppData\Local\GIMP
2020-11-17 18:24 - 2020-11-17 18:38 - 000000000 ____D C:\Users\Asus\AppData\Local\babl-0.1
2020-11-17 18:24 - 2020-11-17 18:24 - 000000000 ____D C:\Users\Asus\AppData\Local\gegl-0.4
2020-11-17 18:23 - 2020-11-17 18:23 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.22.lnk
2020-11-17 18:19 - 2020-11-17 18:21 - 000000000 ____D C:\Program Files\GIMP 2
2020-11-17 17:09 - 2020-11-17 17:11 - 000000000 ____D C:\Users\Asus\AppData\Local\Route0
2020-11-12 08:18 - 2020-11-12 08:18 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2020-11-12 08:17 - 2020-11-12 08:17 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2020-11-12 08:16 - 2020-11-12 08:16 - 000200704 _____ C:\Windows\system32\IHDS.dll
2020-11-12 08:16 - 2020-11-12 08:16 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-11 16:40 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-11 16:13 - 2020-07-06 12:06 - 000000000 ____D C:\Users\Asus\AppData\Local\Spotify
2020-12-11 16:10 - 2020-07-06 12:04 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Spotify
2020-12-11 16:09 - 2020-08-17 11:41 - 000000000 ____D C:\Users\Asus\Desktop\Everything that involves school
2020-12-11 13:02 - 2019-10-18 21:57 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-11 10:57 - 2020-10-22 00:15 - 000000000 ____D C:\Users\Asus\AppData\Local\MyASUS Update Messenger
2020-12-11 10:56 - 2020-07-24 14:50 - 000004162 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EE1E69E2-4540-4DE6-AB85-F3360CD51650}
2020-12-11 10:54 - 2020-07-04 09:56 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2020-12-11 10:49 - 2020-08-21 14:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-11 10:49 - 2020-08-21 14:35 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-11 10:46 - 2020-09-29 01:15 - 000000000 ____D C:\Users\Asus\AppData\Local\Krisp
2020-12-11 10:44 - 2020-07-24 14:47 - 000000000 ____D C:\Users\Asus\AppData\Local\LogMeIn Hamachi
2020-12-11 10:43 - 2020-07-04 10:00 - 000000000 __SHD C:\Users\Asus\IntelGraphicsProfiles
2020-12-11 02:31 - 2020-07-15 04:00 - 000000000 ____D C:\Users\Asus\AppData\Roaming\discord
2020-12-11 02:25 - 2020-08-04 00:58 - 000000000 ____D C:\Users\Asus\AppData\Local\Battle.net
2020-12-11 00:40 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-11 00:40 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\AppReadiness
2020-12-10 20:25 - 2020-08-10 17:08 - 000002224 _____ C:\Users\Asus\Desktop\Discord.lnk
2020-12-10 20:25 - 2020-07-15 04:01 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-12-10 20:24 - 2020-08-10 17:08 - 000000000 ____D C:\Users\Asus\AppData\Local\Discord
2020-12-10 08:53 - 2019-10-18 22:05 - 000795992 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-10 08:53 - 2019-03-19 12:50 - 000000000 ____D C:\Windows\INF
2020-12-10 08:48 - 2020-07-04 10:00 - 000000000 ___RD C:\Users\Asus\3D Objects
2020-12-10 08:48 - 2020-04-09 09:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 08:46 - 2019-10-18 21:57 - 000483504 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-10 08:45 - 2019-10-18 21:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-10 01:19 - 2019-03-19 12:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\SystemResources
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\system32\oobe
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\system32\Dism
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\bcastdvr
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 01:18 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 00:19 - 2019-03-19 12:37 - 000000000 ____D C:\Windows\CbsTemp
2020-12-09 16:44 - 2020-07-09 11:09 - 000000000 ____D C:\Users\Asus\AppData\Roaming\vlc
2020-12-09 10:22 - 2020-08-17 11:49 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Canva
2020-12-09 08:22 - 2020-07-21 02:03 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-09 08:22 - 2020-07-21 02:03 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-09 08:22 - 2020-07-21 02:03 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-08 23:23 - 2020-07-04 09:59 - 000000000 ____D C:\Users\Asus
2020-12-08 19:27 - 2020-10-04 20:44 - 000000000 ____D C:\Users\Asus\Desktop\Dido
2020-12-08 19:27 - 2020-08-20 12:41 - 000000000 ____D C:\Users\Asus\Documents\Wondershare Filmora 9
2020-12-08 19:23 - 2020-11-09 21:45 - 001933394 _____ C:\Users\Asus\Downloads\PPG.pptx.nobu
2020-12-08 19:23 - 2020-11-07 23:28 - 000026107 _____ C:\Users\Asus\Downloads\IMG_0363.PNG.JPG.nobu
2020-12-08 19:23 - 2020-11-06 15:40 - 081664014 _____ C:\Users\Asus\Downloads\shotcut-win64-201031.exe.nobu
2020-12-08 19:23 - 2020-10-16 12:01 - 000040769 _____ C:\Users\Asus\Downloads\Peer-Evaluation.docx.nobu
2020-12-08 19:23 - 2020-10-13 16:40 - 041086773 _____ C:\Users\Asus\Downloads\My Video.mp4.nobu
2020-12-08 19:23 - 2020-10-05 19:47 - 000141317 _____ C:\Users\Asus\Downloads\LASALLIAN HONOR CODE DECLARATION.pdf.nobu
2020-12-08 19:23 - 2020-10-05 13:28 - 001117920 _____ C:\Users\Asus\Downloads\LASALLIAN HONOR CODE DECLARATION.docx.nobu
2020-12-08 19:23 - 2020-10-04 20:42 - 158234790 _____ C:\Users\Asus\Downloads\mover_free_easeus.exe.nobu
2020-12-08 19:23 - 2020-10-04 20:40 - 001516830 _____ C:\Users\Asus\Downloads\mover_free_Installer_20201004.100000.exe.nobu
2020-12-08 19:23 - 2020-10-03 22:08 - 017103454 _____ C:\Users\Asus\Downloads\TLauncher-2.72-Installer-0.6.5.v2.exe.nobu
2020-12-08 19:23 - 2020-09-30 18:31 - 000063647 _____ C:\Users\Asus\Downloads\SCAFFOLD2_EARTH&LIFE_PT (1).docx.nobu
2020-12-08 19:23 - 2020-09-30 11:58 - 000024174 _____ C:\Users\Asus\Downloads\SCAFFOLDING-2-MATH-GROUP2.docx.nobu
2020-12-08 19:23 - 2020-09-25 21:25 - 000002774 _____ C:\Users\Asus\Downloads\TOITNOICE.png.nobu
2020-12-08 19:23 - 2020-09-22 14:09 - 000027602 _____ C:\Users\Asus\Downloads\SCAFFOLDING #1-2.docx.nobu
2020-12-08 19:23 - 2020-09-22 13:15 - 000031910 _____ C:\Users\Asus\Downloads\TO DO- I'm the Teacher.docx.nobu
2020-12-08 19:23 - 2020-09-21 13:10 - 002770490 _____ C:\Users\Asus\Downloads\LICEO-SHS-REFLECTIONS-NO.07.pdf.nobu
2020-12-08 19:23 - 2020-09-18 00:10 - 003098240 _____ C:\Users\Asus\Downloads\PE - Activity 1.mov.nobu
2020-12-08 19:23 - 2020-09-11 14:04 - 000029668 _____ C:\Users\Asus\Downloads\TO DO- Fill in the Table.docx.nobu
2020-12-08 19:23 - 2020-09-11 11:35 - 000000496 ____H C:\Users\Asus\Downloads\~$tes-1-DLS.docx.nobu
2020-12-08 19:23 - 2020-09-11 08:53 - 000030417 _____ C:\Users\Asus\Downloads\notes-1-DLS.docx.nobu
2020-12-08 19:23 - 2020-09-10 22:55 - 000121565 _____ C:\Users\Asus\Downloads\SCAFFOLD2_EARTHLIFE_PT.docx.nobu
2020-12-08 19:23 - 2020-09-10 18:48 - 000063761 _____ C:\Users\Asus\Downloads\SCAFFOLD2_EARTH&LIFE_PT.docx.nobu
2020-12-08 19:23 - 2020-09-07 15:14 - 000063383 _____ C:\Users\Asus\Downloads\SCAFFOLD1_EARTH&LIFE_PT (1).docx.nobu
2020-12-08 19:23 - 2020-09-07 09:05 - 000060369 _____ C:\Users\Asus\Downloads\Research-MATH-ENG-Part-I.docx.nobu
2020-12-08 19:23 - 2020-09-03 22:50 - 000062506 _____ C:\Users\Asus\Downloads\SCAFFOLD1_EARTH&LIFE_PT.docx.nobu
2020-12-08 19:23 - 2020-08-18 13:48 - 000052227 _____ C:\Users\Asus\Downloads\Information Sheet.docx.nobu
2020-12-08 19:23 - 2020-08-17 14:37 - 013208150 _____ C:\Users\Asus\Downloads\ZoomInstaller.exe.nobu
2020-12-08 19:23 - 2020-08-17 09:51 - 000017079 _____ C:\Users\Asus\Downloads\images.jpeg.nobu
2020-12-08 19:23 - 2020-08-17 09:51 - 000017079 _____ C:\Users\Asus\Downloads\images (1).jpeg.nobu
2020-12-08 19:23 - 2020-08-05 15:44 - 001798366 _____ C:\Users\Asus\Downloads\new doc 2020-08-05 12.25.49.pdf.nobu
2020-12-08 19:23 - 2020-08-03 15:12 - 000000000 ____D C:\Users\Asus\vmlogs
2020-12-08 19:23 - 2020-07-24 12:22 - 016873294 _____ C:\Users\Asus\Downloads\TLauncher-2.72-Installer-0.5.4.exe.nobu
2020-12-08 19:23 - 2020-07-07 06:20 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
2020-12-08 19:23 - 2020-07-07 06:19 - 005068750 _____ C:\Users\Asus\Downloads\uTorrent.exe.nobu
2020-12-08 19:23 - 2020-07-06 12:02 - 000892566 _____ C:\Users\Asus\Downloads\SpotifySetup.exe.nobu
2020-12-08 19:23 - 2020-07-04 13:14 - 001573902 _____ C:\Users\Asus\Downloads\SteamSetup.exe.nobu
2020-12-08 19:22 - 2020-10-04 22:54 - 001107330 _____ C:\Users\Asus\Downloads\2 CONFORME SHEET.docx.nobu
2020-12-08 19:22 - 2020-10-04 22:40 - 004082778 _____ C:\Users\Asus\Downloads\1 Liceo eHandbook 2020-2021.pdf.nobu
2020-12-08 19:22 - 2020-10-04 22:34 - 000053850 _____ C:\Users\Asus\Downloads\2 CONFORME SHEET (2).pdf.nobu
2020-12-08 19:22 - 2020-10-04 22:30 - 000020630 _____ C:\Users\Asus\Downloads\2 CONFORME SHEET (2).docx.nobu
2020-12-08 19:22 - 2020-10-03 15:03 - 001201861 _____ C:\Users\Asus\Downloads\8.3.2.3-Let-Us-Remember-formatted (1).pdf.nobu
2020-12-08 19:22 - 2020-09-21 15:37 - 003670814 _____ C:\Users\Asus\Downloads\AnyDesk.exe.nobu
2020-12-08 19:22 - 2020-09-21 11:56 - 000015189 _____ C:\Users\Asus\Downloads\Assignment-5.docx.nobu
2020-12-08 19:22 - 2020-09-21 10:19 - 000178563 _____ C:\Users\Asus\Downloads\drake_meme.jpeg.nobu
2020-12-08 19:22 - 2020-09-14 13:50 - 000007959 _____ C:\Users\Asus\Downloads\Factors-Affecting-Students-Academic-Performance-by-Irfan-Mushtaq-Shabana-Nawaz-Khan.docx.nobu
2020-12-08 19:22 - 2020-09-14 08:47 - 000013603 _____ C:\Users\Asus\Downloads\ANSWER SHEET FOR ASSIGNMENT 5.1.docx.nobu
2020-12-08 19:22 - 2020-09-07 09:46 - 000781971 _____ C:\Users\Asus\Downloads\1.png.nobu
2020-12-08 19:22 - 2020-09-01 23:17 - 000037514 _____ C:\Users\Asus\Downloads\EVALUATING FUNCTIONS_QUESTIONNAIRE.docx.nobu
2020-12-08 19:22 - 2020-08-17 11:38 - 098382254 _____ C:\Users\Asus\Downloads\Canva Setup 1.5.0.exe.nobu
2020-12-08 19:22 - 2020-08-04 00:38 - 004903230 _____ C:\Users\Asus\Downloads\Battle.net-Setup.exe.nobu
2020-12-08 19:21 - 2020-08-17 13:02 - 000015201 _____ C:\Users\Asus\Documents\ialwayslookedbadinphotos.jpg.nobu
2020-12-08 19:21 - 2020-08-03 19:27 - 000000000 ____D C:\Users\Asus\.android
2020-12-08 19:21 - 2020-08-03 19:25 - 000000000 ____D C:\Users\Asus\.Ld2VirtualBox
2020-12-08 19:20 - 2020-04-09 09:47 - 000012982 ____H C:\devlist.txt.nobu
2020-12-08 19:20 - 2020-04-09 09:47 - 000000343 ____H C:\Finish.log.nobu
2020-12-08 19:19 - 2020-08-28 22:30 - 000000000 ____D C:\Temp
2020-12-08 19:19 - 2020-08-18 14:09 - 000000000 ____D C:\kingsoft
2020-12-08 19:19 - 2020-08-03 16:05 - 000000000 ____D C:\XuanZhi
2020-12-08 19:19 - 2019-10-18 22:23 - 000000000 ____D C:\eSupport
2020-12-08 09:35 - 2020-07-07 06:22 - 000000000 ____D C:\Users\Asus\AppData\Local\BitTorrentHelper
2020-12-08 07:41 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-12-08 07:35 - 2020-09-18 08:26 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\uTorrent
2020-12-07 14:36 - 2020-10-04 21:01 - 000000000 ____D C:\Users\Asus\AppData\Local\MobiMoverUILaunch
2020-12-07 14:36 - 2020-10-04 20:55 - 000000000 ____D C:\ProgramData\EMM
2020-12-06 17:58 - 2019-10-18 22:01 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-05 22:52 - 2020-08-04 22:33 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2020-12-05 17:36 - 2020-07-08 11:28 - 000000000 ____D C:\Users\Asus\Desktop\Movies
2020-12-04 20:02 - 2020-07-04 10:13 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 20:02 - 2020-07-04 10:12 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-04 14:09 - 2019-10-18 21:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-12-04 09:28 - 2020-07-04 10:13 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-04 09:28 - 2020-07-04 10:13 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-04 09:28 - 2020-07-04 10:13 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-30 20:07 - 2020-07-21 02:03 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 20:07 - 2020-07-21 02:03 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-28 13:42 - 2020-11-06 15:50 - 000000000 ____D C:\Users\Asus\AppData\Local\cache
2020-11-28 13:42 - 2020-08-04 00:42 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-11-21 20:47 - 2020-09-30 23:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-21 14:51 - 2020-07-21 06:05 - 000000000 ____D C:\Users\Asus\AppData\Roaming\.tlauncher
2020-11-21 14:51 - 2020-07-21 06:05 - 000000000 ____D C:\Users\Asus\AppData\Roaming\.minecraft
2020-11-18 09:26 - 2020-04-09 09:10 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2020-11-17 19:01 - 2020-07-05 05:08 - 000000000 ____D C:\Users\Asus\AppData\Local\Adobe
2020-11-17 00:20 - 2020-04-09 09:10 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2020-11-12 11:00 - 2020-09-30 23:39 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2020-11-12 10:59 - 2020-09-30 23:39 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2020-11-12 09:12 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\TextInput
2020-11-12 09:12 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-12 09:12 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\system32\setup
2020-11-12 09:12 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-12 09:12 - 2019-03-19 12:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-12 08:51 - 2020-07-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-11-12 08:45 - 2020-07-08 15:38 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-12 08:16 - 2019-10-18 21:59 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2020-12-08 19:18 - 2020-12-08 19:20 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-12-08 19:19 - 2020-12-08 19:19 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-12-08 19:15 - 2020-12-08 19:15 - 000032768 _____ () C:\Users\Asus\AppData\Roaming\1607426120358-shm
2020-12-08 19:15 - 2020-12-08 19:15 - 000000000 _____ () C:\Users\Asus\AppData\Roaming\1607426120358-wal
2020-08-03 19:25 - 2020-08-03 19:25 - 000000068 _____ () C:\Users\Asus\AppData\Roaming\changzhi_leidian.data
2020-12-08 19:17 - 2020-12-08 19:17 - 000000565 _____ () C:\Users\Asus\AppData\Local\bowsakkdestx.txt
2020-08-21 20:11 - 2020-08-21 20:11 - 000000000 _____ () C:\Users\Asus\AppData\Local\oobelibMkey.log
2020-11-17 18:37 - 2020-11-17 18:37 - 000001554 _____ () C:\Users\Asus\AppData\Local\recently-used.xbel
2020-12-08 19:18 - 2020-12-08 19:18 - 000000049 _____ () C:\Users\Asus\AppData\Local\script.ps1

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The computer will restart when the fix is completed.

It will create a log (Fixlog.txt). Please post it in your reply.
===

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • fixlist.txt
    1.9 KB · Views: 7